| txmygvrefunhgygt.pages.dev/mygov/content/mgv2/js/mgv2-application.js | 188.114.96.1 | 200 OK | 3.3 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/mygov/content/mgv2/js/mgv2-application.js IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeHTML document, ASCII text, with very long lines (753), with CRLF line terminators Hashaf309e0d3cc408d6b66463c66188106c 7f6af25b4227ad67a7cc9b252d7ffc86e1b153a3 54261e382a29fdd6773c982bd14f047e1268dd4946876d401443ebf741dcb211
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /mygov/content/mgv2/js/mgv2-application.js HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15NBzLKBtIHtmjAYGuUz%2Bl7UgxA0MNfA4OFe24ptQC3BfUvbIMENm5JEl6Mg9GN7RmTE5AHZLI25mLWyMtU81K1hK8x%2FDMWW%2FFS1rmc8QRx4JlCjH3l2edd%2BogGsYxpXkuWzBLSlhd%2BjHj0mog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e52dee85693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://txmygvrefunhgygt.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 171273
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://txmygvrefunhgygt.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:31 GMT
expires: Wed, 23 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 223660
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| txmygvrefunhgygt.pages.dev/mygov/content/mgv2/js/login.js | 188.114.96.1 | 200 OK | 3.3 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/mygov/content/mgv2/js/login.js IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeHTML document, ASCII text, with very long lines (753), with CRLF line terminators Hashaf309e0d3cc408d6b66463c66188106c 7f6af25b4227ad67a7cc9b252d7ffc86e1b153a3 54261e382a29fdd6773c982bd14f047e1268dd4946876d401443ebf741dcb211
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /mygov/content/mgv2/js/login.js HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxF7haLeUVOqoZYGqLl%2Fo257mn85Ss5%2BNX2J5QqJNatTQ1NUHte5rmfzRIsdHR1motyEizQ3Nn%2Fwk09sPq5CeTvWyi6tf9taFglDR9gRRiGCMORwFH%2Fo%2FMJJP0tHhTd1ibTQH84pjz3zvYU4gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e533f6b5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15920, version 1.0 Hash3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://txmygvrefunhgygt.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 13:20:56 GMT
expires: Fri, 25 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
age: 9675
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.131 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.131:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
Origin: https://txmygvrefunhgygt.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 05:51:13 GMT
expires: Wed, 23 Apr 2025 05:51:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 209458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| txmygvrefunhgygt.pages.dev/icons/blugov-left-chevron-dark.svg | 188.114.96.1 | 200 OK | 28 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/icons/blugov-left-chevron-dark.svg IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeHTML document, ASCII text, with very long lines (753), with CRLF line terminators Hashaf309e0d3cc408d6b66463c66188106c 7f6af25b4227ad67a7cc9b252d7ffc86e1b153a3 54261e382a29fdd6773c982bd14f047e1268dd4946876d401443ebf741dcb211
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /icons/blugov-left-chevron-dark.svg HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/blugov.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SQ6yHb4fNa7yRY%2F90MOkWtVo1Ec%2B7Hx0xzwIDPuL3HXA%2BrjgeP3RkLOnyUTBSIxpAe3LDLzNC%2B6LpLbKRmnBOIBPTxcHRpf5igHWL2vbw8IeDoqVLdj8RJ7nofhIzR7BQYgs0bgbHtZhwNRHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e52ff225693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.131 | 200 OK | 206 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP142.250.74.131:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeJavaScript source, ASCII text, with very long lines (631) Size206 kB (205803 bytes) Hashe2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 05:51:13 GMT
expires: Wed, 23 Apr 2025 05:51:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 209458
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcTYQAlAAAAAEIfKbmrYZDwZeKZVnVQX34dAV31&co=aHR0cHM6Ly90eG15Z3ZyZWZ1bmhneWd0LnBhZ2VzLmRldjo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=2mdz80dbj3jm CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:43:03 GMT
expires: Fri, 25 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 47948
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.131 | 200 OK | 2.2 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.131:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcTYQAlAAAAAEIfKbmrYZDwZeKZVnVQX34dAV31&co=aHR0cHM6Ly90eG15Z3ZyZWZ1bmhneWd0LnBhZ2VzLmRldjo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=2mdz80dbj3jm CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:35:26 GMT
expires: Thu, 25 Apr 2024 17:35:26 GMT
cache-control: public, max-age=604800
age: 599205
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| txmygvrefunhgygt.pages.dev/myGov-cobranded-logo-black.svg | 188.114.96.1 | 200 OK | 64 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/myGov-cobranded-logo-black.svg IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeSVG Scalable Vector Graphics image Hashb53f20300babca4ebb422e59b888be1f 699c5898c6dd9d2b8b949db2e13c8f0b0d29e26b 954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /myGov-cobranded-logo-black.svg HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b7d79a0510019d5d23626b30fa2cdbb1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZoBGKRReWoJeaGilc8M45VaXHuRmgrowy24746lk5stPi5jyhwyIpiwy5sz%2FS2oaoj22Pbhx4dyyvPzWoE1p7tCABEmvm7VKpWPsZkyWpgG7RaS6WkTB4iKBQv0GK3NX3aiRp2iBRMczC32eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e51cdc35693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| txmygvrefunhgygt.pages.dev/icons/icon-blugov-info.svg | 188.114.96.1 | 200 OK | 8.8 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/icons/icon-blugov-info.svg IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeHTML document, ASCII text, with very long lines (10549), with no line terminators Hash22b3f49a0bafcb1d0675959ac0c2623e bebc36459927c22f515205e89fb77c39da153f19 03ff2f2e25cbf2630391075239db347cbcf859ceba8c3cb66168cda4743f6787
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /icons/icon-blugov-info.svg HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/blugov.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17msqxFCBhEGaFhwnGLI20xJmoBtjddtk6R4uRzLaz%2Bp5acekM6H4h9Rv1YD2bfgnPI9z5797gtpyP%2B1Kajq2eftF1beBgmrZZXaUikXw6QWE4%2B1DnOH9%2FsofD6cl3ZndTdUieqDp2FXRITPfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e52ff265693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| txmygvrefunhgygt.pages.dev/mygov/content/mgv2/icons/favicon-16x16.png | 188.114.96.1 | 200 OK | 8.8 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/mygov/content/mgv2/icons/favicon-16x16.png IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeHTML document, ASCII text, with very long lines (10549), with no line terminators Hash22b3f49a0bafcb1d0675959ac0c2623e bebc36459927c22f515205e89fb77c39da153f19 03ff2f2e25cbf2630391075239db347cbcf859ceba8c3cb66168cda4743f6787
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /mygov/content/mgv2/icons/favicon-16x16.png HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BYbhpNaS9XHi8sP%2BE4OkLsSyk0PZX7C9Ehr1Pk42NRreqjapUG6x2HhUPJZsFLJ%2BDkOCU5CJwULuCZZhljRPrrnygNPvqGedZ2VqgrwujWBijdXEOXT0SsL8a3q5gSUUrt%2BpPuJUS%2BBp1T0pIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e5418785693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| txmygvrefunhgygt.pages.dev/ | 188.114.96.1 | 200 OK | 8.8 kB |
URL User Request GET HTTP/2txmygvrefunhgygt.pages.dev/ IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeHTML document, ASCII text, with very long lines (10549), with no line terminators Hash22b3f49a0bafcb1d0675959ac0c2623e bebc36459927c22f515205e89fb77c39da153f19 03ff2f2e25cbf2630391075239db347cbcf859ceba8c3cb66168cda4743f6787
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uKh9uF8IDmfWkJufYEuFAjRccUeGfi46NrXG0CCNASh481qLzdPTABBDNeD0tGD5524HUnmzD%2B73QM4IzanAg8eKJ56HbWJju2zTTVTIJO0EiVWK923JVVbCS3487x1gTTBfFsXi8%2F3jOkUW5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e4ec88d5697-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| txmygvrefunhgygt.pages.dev/LoginServices/main/ruxitagentjs_ICA2Vfghjqrux_10249220905100923.js | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/LoginServices/main/ruxitagentjs_ICA2Vfghjqrux_10249220905100923.js IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /LoginServices/main/ruxitagentjs_ICA2Vfghjqrux_10249220905100923.js HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZFve%2B%2FrCIxsGaoPiOBeusI1I%2B3MTUNkpBWIampAewNgFEDpdDpCVa3Qok8T6%2BD4sAtCLF%2F%2ByrKGoaVlkGDXs5R9snQ0IOtfORUfZg2B2NDk2AZseOkMat0qBUgtSdAXMbMy7Zr08dZmV00xgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e51cdbc5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6LcTYQAlAAAAAEIfKbmrYZDwZeKZVnVQX34dAV31&co=aHR0cHM6Ly90eG15Z3ZyZWZ1bmhneWd0LnBhZ2VzLmRldjo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=2mdz80dbj3jm | 216.58.211.4 | 200 OK | 7.3 kB |
URL GET HTTP/3www.google.com/recaptcha/api2/anchor?ar=1&k=6LcTYQAlAAAAAEIfKbmrYZDwZeKZVnVQX34dAV31&co=aHR0cHM6Ly90eG15Z3ZyZWZ1bmhneWd0LnBhZ2VzLmRldjo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=2mdz80dbj3jm IP216.58.211.4:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeHTML document, ASCII text, with very long lines (7494), with no line terminators Hashc96c09be07446bd3ef06e0d312a67df4 2b7a9b1f323097d70e39176d713bf0a7eb3a0903 07add071b2303149e994b71ff5a3d444879662899f3f615e800656756376b47f
GET /recaptcha/api2/anchor?ar=1&k=6LcTYQAlAAAAAEIfKbmrYZDwZeKZVnVQX34dAV31&co=aHR0cHM6Ly90eG15Z3ZyZWZ1bmhneWd0LnBhZ2VzLmRldjo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=2mdz80dbj3jm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'nonce-C_83Aeb8ikqXzrkECe7MJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
date: Thu, 25 Apr 2024 16:02:11 GMT
expires: Thu, 25 Apr 2024 16:02:11 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/recaptcha/api.js | 216.58.211.4 | 200 OK | 850 B |
URL GET HTTP/2www.google.com/recaptcha/api.js IP216.58.211.4:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73 ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File typeJavaScript source, ASCII text, with very long lines (850), with no line terminators Hashee87fd4035a91d937ff13613982b4170 e897502e3a58c6be2b64da98474f0d405787f5f7 7649b605b4f35666df5cbcbb03597306d9215f53f61c2a097f085fa39af9859f
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Thu, 25 Apr 2024 16:02:10 GMT
date: Thu, 25 Apr 2024 16:02:10 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| txmygvrefunhgygt.pages.dev/mygov/content/mgv2/js/mgv2-vendor.js | 188.114.96.1 | 200 OK | 0 B |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/mygov/content/mgv2/js/mgv2-vendor.js IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /mygov/content/mgv2/js/mgv2-vendor.js HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b161030d7c12f685946fbb1716cae4b3"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p434NYWPMQlRfTccF%2F76pDYQZaV%2BvXRmK6txFm6wQY2Dnft6XBUVZqLFUyQNwD0b4fLxJ3pnyK9GcE2jp9hQ2swjmnJR6tvqkr%2B17ueoyBz6DbfuEC6cKk7Z%2F9%2FlxXpAXj5Xh5Nw31FEcCV7aw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e51eded5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| txmygvrefunhgygt.pages.dev/myGov-cobranded-logo-white.svg | 188.114.96.1 | 200 OK | 64 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/myGov-cobranded-logo-white.svg IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeSVG Scalable Vector Graphics image Hashde646b2f77f5fa27d55a01bbb9cf584e 33316eb871adf6e08af7c780eb15872549d08dc3 10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /myGov-cobranded-logo-white.svg HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2505abc899f3807a546ccb9bcfe8a858"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPSiKTqwuNf%2B3AENhxwwbNpWWorwewyPNvTDVx3IMd0WJkSOCaBpRRYJpaxNtmEAy2ss2239G9%2FXITW3B5e36L0vv2pdXuGd07bX%2B9wj6pjv%2B3c6VFO5%2Bja4trvloZElWsPTvVDtacvwteV7iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e51edeb5693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| txmygvrefunhgygt.pages.dev/mgv2-application.css | 188.114.96.1 | 200 OK | 126 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/mgv2-application.css IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeASCII text, with very long lines (59825) Size126 kB (125451 bytes) Hashaf6ff6a661f6f6822193e200619b8962 e516c4fb92f7cef1b66ed49d7bf4c04cb198b97a 6b029a47a7bb72e8b70cf436b83d904b8a366fd360d12b4d8917c9f59e4b7d46
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /mgv2-application.css HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"db960120cc5de562abfba5fb2d99b0c0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjfmH77ET2FLCRU6bqSGeXWoNrBXDypfKY43IN3TwXv7W97UBmlbN%2Bro27xAvsvxfweQW1NqNy2BQdOLpqZDuUVW2PLU%2B9tP8Vf2Vul6%2FXe76%2BlNmc7DZfb7OAvYEHPyXJT0sZzzO6H2g%2FwdyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e51cdc15693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.131 | 200 OK | 56 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css IP142.250.74.131:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcTYQAlAAAAAEIfKbmrYZDwZeKZVnVQX34dAV31&co=aHR0cHM6Ly90eG15Z3ZyZWZ1bmhneWd0LnBhZ2VzLmRldjo0NDM.&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=2mdz80dbj3jm CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeASCII text, with very long lines (56412), with no line terminators Hash2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 14:47:48 GMT
expires: Wed, 23 Apr 2025 14:47:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 177263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap | 142.250.74.74 | 200 OK | 17 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap IP142.250.74.74:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash5f5bd58e02f8486ce59ed5d5fb1509d9 77fd797117ddce4c084ad2a14caa45bb1a935069 634cde3f8690c3853219fbbde17b42f14f2ce058319521ba704e0607b1620c2f
GET /css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 16:02:10 GMT
date: Thu, 25 Apr 2024 16:02:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| txmygvrefunhgygt.pages.dev/blugov.css | 188.114.96.1 | 200 OK | 71 kB |
URL GET HTTP/3txmygvrefunhgygt.pages.dev/blugov.css IP188.114.96.1:443
Requested byhttps://txmygvrefunhgygt.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecttxmygvrefunhgygt.pages.dev Fingerprint13:91:33:D6:61:C3:6D:ED:9D:8D:F7:7A:F8:A3:8C:20:70:C1:B4:74 ValiditySun, 31 Mar 2024 23:44:26 GMT - Sat, 29 Jun 2024 23:44:25 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash017be08165c903d14304596847c2661b 90d38f57be7614813e1e49a6090064dc023985b3 4217794b756a7de5f436ce268788f5f5ec0d457fbba048d13aa6addf30135b14
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other | Quad9 DNS | malicious | Sinkholed |
GET /blugov.css HTTP/1.1
Host: txmygvrefunhgygt.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://txmygvrefunhgygt.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 16:02:10 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a4a2682a3e363c3280320178015e46e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nUTZP1IqoSSfXkCiNNDJepaR9JAsE3TUk1w5aes%2FSAS8yJEwCt1nwSfcnzeXSpPRZ3pSeYOyQUQJ%2BqkwnocKIHuqNknbew6Jn9fuWT3FXOimF%2BFeP65f9VN9UW%2BdLJYgRfrwJ81oLz%2FbjD85eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879f8e51cdc25693-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|