surabaya.floristza.net Open in urlscan Pro
2606:4700:3032::6815:3333 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Submission: On December 04 via api (December 4th 2023, 2:52:00 pm UTC) from FR — Scanned from US

Summary HTTP 39 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 13 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3032::6815:3333, located in United States and belongs to CLOUDFLARENET, US. The main domain is surabaya.floristza.net.
TLS certificate: Issued by GTS CA 1P5 on November 4th 2023. Valid for: 3 months.

This is the only time surabaya.floristza.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::6815:3333	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2600:141b:1c0... 2600:141b:1c00:2092::f50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:402... 2607:f8b0:4024:c09::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023::84	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:5063	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.31 149.56.240.31	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.8.19.43 65.8.19.43	16509 (AMAZON-02) (AMAZON-02)
2	3.20.49.194 3.20.49.194	16509 (AMAZON-02) (AMAZON-02)
1	104.18.34.83 104.18.34.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	44.193.54.186 44.193.54.186	14618 (AMAZON-AES) (AMAZON-AES)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
5	67.202.105.33 67.202.105.33	32748 (STEADFAST) (STEADFAST)
1	18.161.34.84 18.161.34.84	16509 (AMAZON-02) (AMAZON-02)
4	23.206.172.38 23.206.172.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	67.202.105.34 67.202.105.34	32748 (STEADFAST) (STEADFAST)
39	17

1 2606:4700:3032::6815:3333 (United States)

ASN13335 (CLOUDFLARENET, US)

surabaya.floristza.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:141b:1c00:2092::f50 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

www.irs.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c09::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.8.19.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-19-43.bos50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.20.49.194 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-49-194.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.83 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.54.186 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-54-186.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.69.85 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.161.34.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-84.bos50.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.206.172.38 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-38.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.34 (United States)

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	irs.gov www.irs.gov — Cisco Umbrella Rank: 22804	219 KB
7	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13327 ic.tynt.com — Cisco Umbrella Rank: 11417 de.tynt.com — Cisco Umbrella Rank: 1577	8 KB
6	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 11669 t.sharethis.com — Cisco Umbrella Rank: 5617	15 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 17386 t.dtscout.com — Cisco Umbrella Rank: 14358	5 KB
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2916	723 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	833 B
2	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4856 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6028	12 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 15174 s4.histats.com — Cisco Umbrella Rank: 14862	5 KB
2	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12342	503 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	429 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 15253	599 B
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11479	10 KB
1	floristza.net surabaya.floristza.net	13 KB
39	13

	Domain	Requested by
12	www.irs.gov	surabaya.floristza.net www.irs.gov
5	ic.tynt.com	surabaya.floristza.net
4	t.sharethis.com	pd.sharethis.com t.sharethis.com surabaya.floristza.net
2	pixel.onaudience.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects surabaya.floristza.net
2	pd.sharethis.com	e.dtscout.com surabaya.floristza.net
2	t.dtscout.com	e.dtscout.com
2	blogger.googleusercontent.com	surabaya.floristza.net
1	de.tynt.com	cdn.tynt.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	tags.bluekai.com	surabaya.floristza.net
1	t.dtscdn.com	e.dtscout.com
1	cdn.tynt.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	surabaya.floristza.net
1	1.bp.blogspot.com	surabaya.floristza.net
1	surabaya.floristza.net
39	19

This site contains links to these domains. Also see Links.

Domain
s.id

Subject Issuer	Validity	Valid
floristza.net GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
www.irs.gov Entrust Certification Authority - L1F	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Frame ID: 6F8CD19BF904B775B9FF51CE39C975B0
Requests: 35 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=104017017015132999684D5CACD79C14
Frame ID: 4D3C229B3C430A94D95B81CAC837E21B
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1263.23366&cid=c010&cls=C
Frame ID: AC54248FAF5D9118984AEAF7CF3EC713
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1263.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 51DFFBAB5D351EF6FE9DD5D9507583A9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Direct Pay | Internal Revenue Service

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

39
Requests

95 %
HTTPS

39 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

791 kB
Transfer

1458 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://s.id/1vMSZ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=104017017015132999684D5CACD79C14 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=104017017015132999684D5CACD79C14

Request Chain 25

https://pixel.onaudience.com/?partner=137085098&mapped=104017017015132999684D5CACD79C14 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=397fc4f9b085c08e

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request direct-pay Show response
surabaya.floristza.net/https-www.irs.gov/payments/ 108 KB
13 KB 1273ms
1126ms Document
text/html 2606:4700:3032::6815:3333
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3333 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b49061a6454a0de736c79135e733054ef2451f322dc9ef5bb486609aa466af27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8304deaa7dd13360-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 14:51:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BVFekDIAz9BeCaRgnanZFtX8c5rBKT9QyBN0x9aUb%2FxRhx1OyznFZp1XXYTrWYyc3CWKI9iPjShaDc4dHqXBGh%2FqfHlHaDLggtMfcz4puCjQGY%2BUH7I4YJj1AXqbIKz57B34vhM%2FU4eX3NdP%2B2ItAWUphiq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 css_vQa_3OpFXGfhGcJM-mri8abMGZjHfxk0EwQD4DAxXsQ.css
www.irs.gov/pub/css/ 33 KB
6 KB 385ms
76ms Stylesheet
text/css 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/pub/css/css_vQa_3OpFXGfhGcJM-mri8abMGZjHfxk0EwQD4DAxXsQ.css

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bd06bfdcea455c67e119c24cfa6ae2f1a6cc1998c77f1934130403e030315ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 05 Dec 2023 14:51:52 GMT
x-edgeconnect-origin-mex-latency: 7, 7
date: Mon, 04 Dec 2023 14:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 0, 0
x-age: 1
x-ah-environment: prod
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512126_389700030_2438447014_49_9131_64_0_255";dur=1
content-length: 5338
x-request-id: v-d313760c-85b7-11ee-b2e7-3bd270a12391
last-modified: Sat, 18 Nov 2023 02:13:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
www.irs.gov/pub/css/ 327 KB
39 KB 445ms
136ms Stylesheet
text/css 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ed9ef750cf022f756ddf47c04964713c4b35b3e19c3a4b13a8433ec7cdde41bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 05 Dec 2023 14:51:52 GMT
date: Mon, 04 Dec 2023 14:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-age: 5
x-ah-environment: prod
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512256_389700030_2438447016_45_9140_64_129_255";dur=1
content-length: 39620
x-request-id: v-b739fc7e-7533-11ee-8af8-6747858a0797
last-modified: Sat, 18 Nov 2023 02:12:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 css_DcoweyAYuMoA29whsp8WH-9ibwtLfQ2s1U7sjCY7qbI.css
www.irs.gov/pub/css/ 220 KB
16 KB 385ms
77ms Stylesheet
text/css 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/pub/css/css_DcoweyAYuMoA29whsp8WH-9ibwtLfQ2s1U7sjCY7qbI.css

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0dca307b2018b8ca00dbdc21b29f161fef626f0b4b7d0dacd54eec8c263ba9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 05 Dec 2023 14:51:52 GMT
x-edgeconnect-origin-mex-latency: 340
date: Mon, 04 Dec 2023 14:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 15
x-age: 2
x-ah-environment: prod
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512256_389700030_2438447015_41_9188_64_0_255";dur=1
content-length: 15568
x-request-id: v-d3ced2da-85b7-11ee-9e02-a3e3cfdf553f
last-modified: Sat, 18 Nov 2023 02:45:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 css_RG_kLfRq3GwROtMk1r48PfjHnNw6kjdv2M-XN9ltGgI.css
www.irs.gov/pub/css/ 4 KB
1 KB 78ms
77ms Stylesheet
text/css 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/pub/css/css_RG_kLfRq3GwROtMk1r48PfjHnNw6kjdv2M-XN9ltGgI.css

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

446fe42df46adc6c113ad324d6be3c3df8c79cdc3a92376fd8cf9737d96d1a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency: 76
date: Mon, 04 Dec 2023 14:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 6
x-age: 0
x-ah-environment: prod
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512467_389700030_2438447160_33_9895_64_0_109";dur=1
content-length: 1058
x-request-id: v-546c76ba-768e-11ee-bf3a-6bae5a7a3af0
last-modified: Sat, 18 Nov 2023 02:12:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 banner%20floristza%20net.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZZGwOO9ktCIHk9M-2n2rcxthf_zzSu5TvbmbiFrzbMe-as_Fw4rEqAwVC4U0Ho6EsuMhJxIIt4tL9cBIabGjn6p1xVE5p_kJYDz0qnV_6IFD515LSgNR-la56UI4jv5oHjlQtB28HQp23JpOx... 331 KB
331 KB 810ms
695ms Image
image/jpeg 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZZGwOO9ktCIHk9M-2n2rcxthf_zzSu5TvbmbiFrzbMe-as_Fw4rEqAwVC4U0Ho6EsuMhJxIIt4tL9cBIabGjn6p1xVE5p_kJYDz0qnV_6IFD515LSgNR-la56UI4jv5oHjlQtB28HQp23JpOxWstEFvYQlRSCmsmdSuj3r1KM-88hBKt9MhE1B4sRxg/s810/banner%20floristza%20net.jpg

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e605344e52766231f8111f38a154041126020820939f04f2c3f7b2c174bf7cb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:52 GMT
x-content-type-options: nosniff
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner floristza net.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338507
x-xss-protection: 0
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 TOMBOL-PESAN-SEKARANG-GERAK.gif
1.bp.blogspot.com/-GTwG8rdqXAU/XfOw-MkAUWI/AAAAAAAACkI/l3jSu2mUuAINCvdhuRTc2Q-l29S17dVCgCLcBGAsYHQ/s320/ 10 KB
10 KB 532ms
408ms Image
image/gif 2607:f8b0:4023::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-GTwG8rdqXAU/XfOw-MkAUWI/AAAAAAAACkI/l3jSu2mUuAINCvdhuRTc2Q-l29S17dVCgCLcBGAsYHQ/s320/TOMBOL-PESAN-SEKARANG-GERAK.gif

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d31756b19f8a4f412b79aa9a1a2e8667829c70e3a3d65e95f907a58d0ad6d15c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:52 GMT
x-content-type-options: nosniff
server: fife
etag: "va43"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="TOMBOL-PESAN-SEKARANG-GERAK.gif"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10108
x-xss-protection: 0
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 banner%20floristza.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy8WHQfG1qMYJgiAFCQ2u4YFwO77moz5o4MtzZjno7XJEUJS1gF2R44Q3EDyxZP-hoZfcGf_9KBe4xNkeps7TJeDHMxZ-jZ4hAkammjDueGKorAtGaFBst7VWPZPOnxVnmTKSFU8KvFd9SLqTV... 172 KB
172 KB 919ms
918ms Image
image/png 2607:f8b0:4024:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy8WHQfG1qMYJgiAFCQ2u4YFwO77moz5o4MtzZjno7XJEUJS1gF2R44Q3EDyxZP-hoZfcGf_9KBe4xNkeps7TJeDHMxZ-jZ4hAkammjDueGKorAtGaFBst7VWPZPOnxVnmTKSFU8KvFd9SLqTV1wTSddxkhcR7-MKc6kErfxI3Bx7mDm8khli8tr8Oeg/s698/banner%20floristza.png

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c09::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bf1acd45904d5609a07a8dd94808762cb1f9ed0ca437c2fc6cd4795478f8fcd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:53 GMT
x-content-type-options: nosniff
server: fife
etag: "vc"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner floristza.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175870
x-xss-protection: 0
expires: Tue, 05 Dec 2023 14:51:53 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 130ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 23296
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8304deb55dcd746a-MIA
content-length: 4547

GET
H2 200 official-site-flag.png
www.irs.gov/themes/custom/pup_base/images/ 4 KB
4 KB 96ms
96ms Image
image/png 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irs.gov/themes/custom/pup_base/images/official-site-flag.png

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2aed0559ebb58b74e1ae783ef624dbbc9f70390a2648dc1787af6c68122ec510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 8
date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 02 Jul 2022 04:50:45 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=86400
x-age: 940509
x-ah-environment: prod
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512481_389700030_2438447165_423_22781_64_0_146";dur=1
content-length: 4029
x-request-id: v-a794fc34-5981-11ed-aa7e-1fff184ae064
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 fa5-hands-helping.png
www.irs.gov/themes/custom/pup_base/images/ 976 B
1 KB 83ms
83ms Image
image/png 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irs.gov/themes/custom/pup_base/images/fa5-hands-helping.png

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

493d68e8f237b05f962056bd60a80aa816f0a7adddd1e2e944f0ad688b2af09e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 07:43:03 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=86400
x-age: 0
x-ah-environment: prod
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512480_389700030_2438447166_163_11737_64_0_146";dur=1
content-length: 976
x-request-id: v-4b850a16-22b6-11ee-b93a-eb9e8b7f6ae2
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 fa5-book.png
www.irs.gov/themes/custom/pup_base/images/ 583 B
954 B 81ms
81ms Image
image/png 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irs.gov/themes/custom/pup_base/images/fa5-book.png

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a1f9b6b76c5af10cdeb8108bc10487112c9b521bff9c71b67bbd7ed2e583b346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 15
date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 07:43:03 GMT
content-type: image/png
cache-control: max-age=86400
x-age: 1010900
x-ah-environment: prod
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512480_389700030_2438447167_163_11732_64_0_146";dur=1
content-length: 583
x-request-id: v-0666a944-664c-11ec-b3c2-4784894bf382
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 sourcesanspro-regular-webfont.woff
www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/ 29 KB
30 KB 278ms
82ms Font
text/plain 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/sourcesanspro-regular-webfont.woff

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

561baf0bcf9ffa0205461ca95da4a23889403e237e88bea07da997db6aaf6662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
Origin: https://surabaya.floristza.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-edgeconnect-origin-mex-latency: 38, 38
date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 02 Jul 2022 04:50:45 GMT
x-edgeconnect-midmile-rtt: 0, 1
access-control-allow-origin: *
cache-control: max-age=86400
x-age: 0
x-ah-environment: prod
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512562_389700030_2438447303_37_12677_64_132_255";dur=1
content-length: 29840
x-request-id: v-024e6dd6-1ab2-11ed-ae12-eb291e6055a7
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 sourcesanspro-bold-webfont.woff
www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/ 29 KB
29 KB 367ms
171ms Font
text/plain 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/sourcesanspro-bold-webfont.woff

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

69238a5125d41f5a81da26e3d7cb9c6d266d2497afc18e8c56e44420cdad4877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
Origin: https://surabaya.floristza.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 7
date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 02 Jul 2022 04:50:45 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=86400
x-age: 4267
x-ah-environment: prod
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512713_389700030_2438447326_239_9471_64_0_255";dur=1
content-length: 29396
x-request-id: v-ae472058-8d56-11ed-9a1d-df1b47b4c7a5
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 sourcesanspro-italic.woff
www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/ 14 KB
14 KB 352ms
157ms Font
text/plain 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/sourcesanspro-italic.woff

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ac4be05412a4585bd1c8a708b0de58cd5ca12c0ae7570a8fa8f478a80f731da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
Origin: https://surabaya.floristza.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits: 3
date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 02 Jul 2022 04:50:45 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=86400
x-age: 136407
x-ah-environment: prod
accept-ranges: bytes
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512713_389700030_2438447324_235_9361_64_0_255";dur=1
content-length: 13948
x-request-id: v-559dd416-36b0-11ee-ac1d-0b8a69718be3
expires: Tue, 05 Dec 2023 14:51:52 GMT

GET
H2 200 fontawesome-webfont.woff2
www.irs.gov/themes/custom/pup_base/fonts/ 75 KB
76 KB 416ms
221ms Font
text/plain 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.irs.gov/themes/custom/pup_base/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.irs.gov
URL: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.irs.gov/pub/css/css_7Z73UM8CL3Vt30fASWRxPEs1s-GcOksTqEM-x83eQb0.css
Origin: https://surabaya.floristza.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 05 Dec 2023 14:51:52 GMT
x-edgeconnect-origin-mex-latency: 14
date: Mon, 04 Dec 2023 14:51:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
x-age: 610
x-ah-environment: prod
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1701701512716_389700030_2438447325_747_23588_64_0_255";dur=1
content-length: 77160
x-request-id: v-6265f780-7532-11ee-822a-af08616d3622
last-modified: Sat, 02 Jul 2022 04:50:45 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 4

GET
H2 200 IRS-Logo.svg
www.irs.gov/themes/custom/pup_base/ 5 KB
2 KB 77ms
76ms Image
image/svg+xml 2600:141b:1c00:2092::f50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.irs.gov/themes/custom/pup_base/IRS-Logo.svg

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2092::f50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0f43618580dd31a8096effd969ca2af7e26ba8555ab8d732e5b32fe2ef8e8cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: Tue, 05 Dec 2023 14:51:52 GMT
x-edgeconnect-origin-mex-latency: 21
date: Mon, 04 Dec 2023 14:51:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 1
x-age: 742263
x-ah-environment: prod
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701701512550_389700030_2438447207_27_10549_64_0_146";dur=1
content-length: 1941
x-request-id: v-2af622aa-513a-11ee-baf6-9744598b0ab4
last-modified: Wed, 25 Oct 2023 14:34:30 GMT
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 11

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 378 B
513 B 247ms
77ms Script
text/html 149.56.240.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4731924&@f16&@g1&@h1&@i1&@j1701701512573&@k0&@l1&@mDirect%20Pay%20%7C%20Internal%20Revenue%20Service&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-140492742&@b3:1701701513&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash: 1c2998eb5e2b0337cfcf99c566f71bc74f10e324fe254dfecf3e831930a4b513

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 04 Dec 2023 14:51:49 GMT
Connection: close
Content-Length: 378
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
3 KB 214ms
139ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4731924&@f16&@g1&@h1&@i1&@j1701701512573&@k0&@l1&@mDirect%20Pay%20%7C%20Internal%20Revenue%20Service&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-140492742&@b3:1701701513&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cd91a61886937afc6a5456b89be13a17e22852bb060cbf5b6df2160204790a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:53 GMT
x-t: 0.298
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAvwG6Y0DMed%2FhvxtG6C3hSq7k8Ja%2Bbf3f8CcPY%2BmZNEQIFbqPzq4%2BUligBpfm%2BqwKWlt%2F5sbEh9wO6m4tIJx9RKoqRh4PcetWDas9TOUghqJGRoXZgGzK1AK9czAWQvvJ2xEJ52ZE9fdRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 8304deb80d9bda23-MIA
expires: Mon, 04 Dec 2023 14:51:52 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 4D3C 1 KB
760 B 136ms
135ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=104017017015132999684D5CACD79C14
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac138fb7b1bcdc9fbeb67332bc8e283dc33bd61282ae9cfd10cd6dfd81e4fc32

Request headers

Referer: https://surabaya.floristza.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8304deb8fed8da23-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 14:51:53 GMT
expires: Mon, 04 Dec 2023 14:51:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=123viyg1kZUSBx8Hb9245LBZuZg%2Fnn4DaA%2Bg67k6XYz3%2BMeJLQ9m6VFPSXX3hhnHkGHFSQLSjZMIIWBc6uBc2irw1HO%2Fh8mZSB5ahZW6ZN2cTcvvl%2FgaLihZVau9gGGHCl%2FS0Roegc1ajcg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 268ms
77ms Script
text/javascript 65.8.19.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.19.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-19-43.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 dc1f27692afc326c207626af1ea91108.cloudfront.net (CloudFront)
date: Mon, 04 Dec 2023 12:30:19 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-C3
age: 8494
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: eqft1KCtguaGW_k3I5oQIxvgM4f_IkQ-yrXg0qxpGjNS4YPo47a8BA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 305ms
67ms Script
application/javascript 3.20.49.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.49.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-49-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

e04b5320cab145cf66d00544980cbe896d975f8c9914152c2b9fb1e4f74f2c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 04 Dec 2023 14:51:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 138ms
44ms Script
application/javascript 104.18.34.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:08:56 GMT
server: cloudflare
age: 111889
etag: W/"651ed188-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8304deb989e06dd3-MIA
expires: Thu, 07 Dec 2023 14:51:53 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 50 B
341 B 120ms
119ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=surabaya.floristza.net&_ss=75x3mc5s5a&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=m&_cbid=3oc9&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28bf1fd58d5c17019b54e92f9728a27bd6050a7a067ae8b3de459429282cb65

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:53 GMT
x-t: 0.142
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsYLrMT5HiRfyfUIY3YsyF%2By3jbutJy0RDEQOb0z0AiZbmxyhXOmJAsXWYCyYsvsWi08Opm76XigNkh%2F3fWs8%2FqucFNvXZdhBeTBKh8jiM2h26rCp3xLcqHRTs8fsUzSDHx021a9zPxZjCc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8304deb8fed9da23-MIA
expires: Mon, 04 Dec 2023 14:51:52 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
599 B 160ms
83ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=104017017015132999684D5CACD79C14&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:53 GMT
x-t: 0.64
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P68zs6JooA2gcfBez2BMClDzyl93qpHMFcuknvOfd3VLZ09kWC7yeCxnVWPtOPZbanx%2FguXdGLfaoH1Yt9YiL%2Bz%2FsS6hhBUgvsXSo%2FQXyL0TTpuaLosPBBYIrOHCLKtLVqW6RV251Z35PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 8304debaabd15c5f-MIA
expires: Mon, 04 Dec 2023 12:32:37 GMT

GET
H2

200

tpid=104017017015132999684D5CACD79C14
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=104017017015132999684D5CACD79C14
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=104017017015132999684D5CACD79C14

49 B
545 B

72ms
71ms

Image
image/gif

44.193.54.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=104017017015132999684D5CACD79C14
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Server: 44.193.54.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-54-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 14:51:53 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.51.101
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 14:51:53 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=104017017015132999684D5CACD79C14
cache-control: no-cache
x-server: 10.40.14.148
content-length: 0
expires: 0

GET
H2

200

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=104017017015132999684D5CACD79C14
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=397fc4f9b085c08e

62 B
429 B

642ms
443ms

Image
image/gif

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=397fc4f9b085c08e
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Mon, 04 Dec 2023 14:51:54 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=397fc4f9b085c08e
content-length: 0

GET
H2 204 p
ic.tynt.com/b/ 0
228 B 356ms
68ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1701701513292&dn=AFWU&iso=0&pu=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&t=Direct%20Pay%20%7C%20Internal%20Revenue%20Service&chmob=0
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 04 Dec 2023 14:51:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
962 B 322ms
106ms Fetch
application/json 18.161.34.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.34.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-161-34-84.bos50.r.cloudfront.net
Software: /
Resource Hash: ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 04 Dec 2023 14:51:53 GMT
via: 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront), 1.1 5ebab8cdcf3ddcdf356a3843470b85ce.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, BOS50-P2
x-amzn-requestid: dd3f4028-457f-422f-8dbe-c7411531a931
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: PbEdjGvziYcEIrg=
content-length: 555
x-amz-cf-id: YTORRwtc45cnC-NOhJp3tTFHVdZHB0XZyWDsJozs1BuF2YGKKIne3A==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 361ms
65ms Script
application/javascript 23.206.172.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.820025662270081&stid=ZG8AB2Vt54kAAAAIA1NbAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.206.172.38 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-38.deploy.static.akamaitechnologies.com

Software

Resource Hash

c610d824ff3cd1060ba3dcadcf40930bf82ba190c458a798e31f9d41699570b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 04 Dec 2023 14:51:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1365
Expires: Mon, 04 Dec 2023 15:51:53 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
387 B 67ms
67ms Image
image/gif 3.20.49.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&event_source=dtscout&rnd=0.820025662270081&exptid=ZG8AB2Vt54kAAAAIA1NbAw%3D%3D&fcmp=false

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.20.49.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-49-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 04 Dec 2023 14:51:53 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
327 B 232ms
72ms Script
application/javascript 67.202.105.34
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip34.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Mon, 04 Dec 2023 14:51:53 GMT
cache-control: max-age=86400
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 4
expires: Tue, 05 Dec 2023 14:51:53 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 67ms
67ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1701701513292&dn=AFWU&iso=0&pu=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&t=Direct%20Pay%20%7C%20Internal%20Revenue%20Service
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 04 Dec 2023 14:51:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 68ms
67ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1701701513292&dn=AFWU&iso=0&pu=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 04 Dec 2023 14:51:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame AC54 2 KB
1 KB 71ms
68ms Document
text/html 23.206.172.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1263.23366&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.820025662270081&stid=ZG8AB2Vt54kAAAAIA1NbAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.206.172.38 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-38.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://surabaya.floristza.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Mon, 04 Dec 2023 14:51:53 GMT
Expires: Mon, 11 Dec 2023 14:51:53 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 75ms
74ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1701701513292&dn=AFWU&iso=0&pu=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 04 Dec 2023 14:51:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 72ms
70ms Image
text/plain 67.202.105.33
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1701701513292&dn=AFWU&iso=0&pu=https%3A%2F%2Fsurabaya.floristza.net%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay
Requested by: Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip33.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires: "Sat, 26 Jul 1997 05:00:00 GMT"
date: Mon, 04 Dec 2023 14:51:53 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1263.23366/a/US/ Frame 51DF 19 KB
9 KB 71ms
70ms Script
text/javascript 23.206.172.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1263.23366/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1263.23366&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.206.172.38 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-38.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1263.23366&cid=c010&cls=C
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 04 Dec 2023 14:51:54 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Mon, 11 Dec 2023 14:51:54 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 51DF 0
289 B 77ms
77ms Image
text/plain 23.206.172.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZG8AB2Vt54kAAAAIA1NbAw%253D%253D&tt=t.dhj&dhjLcy=1701701513763&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1263.23366&ell=d&cck=__stid&dmn=surabaya.floristza.net&pn=%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&qs=na&rdn=surabaya.floristza.net&rpn=%2Fhttps-www.irs.gov%2Fpayments%2Fdirect-pay&rqs=na&cc=US&cont=NA&evid=qOHU1wYAzSV8IvVHi_Lu&urls=&rnd=1701701514156&cid=c010&version=1.1263.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=76

Requested by

Host: surabaya.floristza.net
URL: https://surabaya.floristza.net/https-www.irs.gov/payments/direct-pay

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.206.172.38 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-206-172-38.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1263.23366&cid=c010&cls=C
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2023 14:51:54 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Mon, 04 Dec 2023 14:51:54 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstCfa4731924 Value: 1701701512573
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstCla4731924 Value: 1701701512573
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstCmu4731924 Value: 1701701512573
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstPn4731924 Value: 1
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstPt4731924 Value: 1
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstCnv4731924 Value: 1
surabaya.floristza.net/	1970-01-21 01:27:17	Name: HstCns4731924 Value: 1
.dtscout.com/	1970-01-20 16:41:46	Name: m Value: 1
.dtscout.com/	1970-01-20 16:41:45	Name: st Value: 1
.dtscout.com/	1970-01-20 16:41:55	Name: oa Value: 1
.dtscout.com/	1970-01-20 19:05:41	Name: df Value: 1701701513
.dtscout.com/	1970-01-20 18:49:51	Name: l Value: 104017017015132999684D5CACD79C14
.floristza.net/	1970-01-20 18:46:58	Name: __dtsu Value: 104017017015132999684D5CACD79C14
.dtscdn.com/	1970-01-20 20:59:27	Name: uid Value: 104017017015132999684D5CACD79C14
.crwdcntrl.net/	1970-01-20 23:10:26	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:10:26	Name: _cc_id Value: e54ecf5f520c09704be7b5b534e5414a
.sharethis.com/	1970-01-20 16:43:07	Name: pxcelAcc3PC Value: 1
.onaudience.com/	1970-01-21 01:27:17	Name: cookie Value: f8fef33acb089af2
.onaudience.com/	1970-01-20 16:43:07	Name: done_redirects109 Value: 1
.t.sharethis.com/	1970-01-20 17:01:51	Name: pxcelPage_default_c010_C Value: 1_0_1701701514155
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 79
.bluekai.com/	1970-01-20 21:05:12	Name: bku Value: ylT99/g7qVDQXKW7
.bluekai.com/	1970-01-20 21:05:12	Name: bkpa Value: KJy9/9e4d02pSUHknp1p1Exhw0joje6pmE5ZRpHZmV/ymePM1eCk9yYPH9M+

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
bcp.crwdcntrl.net
blogger.googleusercontent.com
cdn.tynt.com
de.tynt.com
e.dtscout.com
get.s-onetag.com
ic.tynt.com
onetag-geo.s-onetag.com
pd.sharethis.com
pixel.onaudience.com
s10.histats.com
s4.histats.com
surabaya.floristza.net
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bluekai.com
www.irs.gov
104.18.34.83
141.94.171.216
149.56.240.31
18.161.34.84
23.206.172.38
23.47.69.85
2600:141b:1c00:2092::f50
2606:4700:10::6814:5063
2606:4700:20::681a:c3c
2606:4700:21::8d65:780a
2606:4700:3032::6815:3333
2607:f8b0:4023::84
2607:f8b0:4024:c09::84
3.20.49.194
44.193.54.186
65.8.19.43
67.202.105.33
67.202.105.34
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
07cd91a61886937afc6a5456b89be13a17e22852bb060cbf5b6df2160204790a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dca307b2018b8ca00dbdc21b29f161fef626f0b4b7d0dacd54eec8c263ba9b2
0f43618580dd31a8096effd969ca2af7e26ba8555ab8d732e5b32fe2ef8e8cf6
1c2998eb5e2b0337cfcf99c566f71bc74f10e324fe254dfecf3e831930a4b513
2aed0559ebb58b74e1ae783ef624dbbc9f70390a2648dc1787af6c68122ec510
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
42736c7de60dfab94b3cc902b8692f80cfeb0a5989d1d51db1d25fd7d18dc45b
446fe42df46adc6c113ad324d6be3c3df8c79cdc3a92376fd8cf9737d96d1a02
493d68e8f237b05f962056bd60a80aa816f0a7adddd1e2e944f0ad688b2af09e
561baf0bcf9ffa0205461ca95da4a23889403e237e88bea07da997db6aaf6662
69238a5125d41f5a81da26e3d7cb9c6d266d2497afc18e8c56e44420cdad4877
a1f9b6b76c5af10cdeb8108bc10487112c9b521bff9c71b67bbd7ed2e583b346
ac138fb7b1bcdc9fbeb67332bc8e283dc33bd61282ae9cfd10cd6dfd81e4fc32
ac4be05412a4585bd1c8a708b0de58cd5ca12c0ae7570a8fa8f478a80f731da8
b49061a6454a0de736c79135e733054ef2451f322dc9ef5bb486609aa466af27
bd06bfdcea455c67e119c24cfa6ae2f1a6cc1998c77f1934130403e030315ec4
bf1acd45904d5609a07a8dd94808762cb1f9ed0ca437c2fc6cd4795478f8fcd1
c610d824ff3cd1060ba3dcadcf40930bf82ba190c458a798e31f9d41699570b6
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d28bf1fd58d5c17019b54e92f9728a27bd6050a7a067ae8b3de459429282cb65
d31756b19f8a4f412b79aa9a1a2e8667829c70e3a3d65e95f907a58d0ad6d15c
e04b5320cab145cf66d00544980cbe896d975f8c9914152c2b9fb1e4f74f2c7e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e605344e52766231f8111f38a154041126020820939f04f2c3f7b2c174bf7cb7
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed9ef750cf022f756ddf47c04964713c4b35b3e19c3a4b13a8433ec7cdde41bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff990708f1742064fb848a81f53edab5672739625bb6b0ebe08ceadd7f913c7d

surabaya.floristza.net Open in urlscan Pro 2606:4700:3032::6815:3333 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

39 %IPv6

13 Domains

19 Subdomains

17 IPs

4 Countries

791 kBTransfer

1458 kBSize

23 Cookies

1 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

surabaya.floristza.net Open in urlscan Pro
2606:4700:3032::6815:3333 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

39 %
IPv6

13
Domains

19
Subdomains

17
IPs

4
Countries

791 kB
Transfer

1458 kB
Size

23
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!