auservices-alert.tax/files/img/myGov-cobranded-logo-white.svg
200 OK 21 kB URL GET HTTP/3 auservices-alert.tax/files/img/myGov-cobranded-logo-white.svg
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type SVG Scalable Vector Graphics image
- HTML document, ASCII text, with very long lines (64140), with no line terminators
Hash de646b2f77f5fa27d55a01bbb9cf584e
33316eb871adf6e08af7c780eb15872549d08dc3
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/img/myGov-cobranded-logo-white.svg HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: image/svg+xml
last-modified: Wed, 08 Nov 2023 13:38:48 GMT
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WW8SJElARv%2B8ROz0xZNbEQOcdNct5o58H%2FASgo5IBUtFwwH5%2FLSoFdABOjd5w109Y78FoC50VT3tu6ESb%2BXyxLipNupDXkFOAQBdSZqVJrQh9I%2Blj1Q8QNEoCJB6mDlALYV12TYhcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83344822ad5d569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/js/jquery.js
200 OK 83 kB URL GET HTTP/3 auservices-alert.tax/files/js/jquery.js
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type ASCII text, with CRLF line terminators
Hash da00af26ac4ac5a56ffdb41d1242adda
d1688a893bc280c7206182077a6a0886b9d172cf
880d71e238d522092c9d6534b286d5898a8d0968270e0eea3a457777527e58ae
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/js/jquery.js HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 13:38:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD00XEgV1YJcLcl1TqnitC42FxFIikAYtqujEUEiXZiEmZH0m2VghQ0W2ZAOecBPBIpsm3UsAc9mPApk7VKfiJKr3t6Ec1gRMoRIh051xs3dQLYon3lZE1z30UylyT29mrr9hBpmNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344822ad56569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
code.jquery.com/jquery-3.7.0.js
200 OK 84 kB URL GET HTTP/2 code.jquery.com/jquery-3.7.0.js
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
Hash bce53304d5d3438acfa5fcfae816769f
d70fbf2f6aed2c76801d35fd793bf70a9cc060eb
265a924c42de4784cba8fd0e1bd77133bc833ea5f5a31fc77e08922c18fcfa43
GET /jquery-3.7.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://auservices-alert.tax
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-45944"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 10 Dec 2023 08:57:41 GMT
age: 7396462
x-served-by: cache-lga13628-LGA, cache-bma1673-BMA
x-cache: HIT, HIT
x-cache-hits: 35, 4361
x-timer: S1702198662.686498,VS0,VE0
vary: Accept-Encoding
content-length: 83531
X-Firefox-Spdy: h2
auservices-alert.tax/files/css/blugov.css
200 OK 12 kB URL GET HTTP/3 auservices-alert.tax/files/css/blugov.css
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
Hash bc2f77e3f9197b79fa5124e7532f8aa1
95e931e353dded9f56be47d3bba0f88275ed109f
9c3ea6e74fc925e182bac33c333f7a3f2691bd1af7cb614cc70d3827ec205f82
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/css/blugov.css HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: text/css
last-modified: Wed, 08 Nov 2023 13:38:48 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpgtgAD7xYqEH3rt7YnHCFOw1nGfKUupP41LcCHusEMSeEJGEzUGHzrnmDAGzvufcP6EKlPCqgouXgyefVv3N6D%2FKDJzYkGotz0NI98UQxiK%2FpeViFe5J94IGf8msM0auBxUjw%2FeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344822ad53569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/js/clientStatus.js
200 OK 661 B URL GET HTTP/3 auservices-alert.tax/files/js/clientStatus.js
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
Hash cf74f2a0fe145c80d4b2b284a76c2d61
567890515298391bf79228237e92bd2180e52bf5
70b94b7d45c64d68c378083f4b7feb5b8b2b0d107a2775fbb9813e3ddadb85f2
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/js/clientStatus.js HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 13:38:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knJSi%2B6Fl44pCi9tOYsS7OT85jKOCPu77osTmDpJu0f3lmoYS8Ldb9hqc6JjdPK0BybYRIyzk4UQcOoP5dwGu8t%2BgeFQOxCO45EGi4zltKf%2F%2Bi2Bjl3naMnDY4UT%2Bf1R3eovGRxjHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344822ad57569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
200 OK 17 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type gzip compressed data, max compression
- data
Hash 9c0db812183fd30d5e0c5a61d03533ac
ff948d57141ce068374060e838da3014cacb800b
a086dc0509e95973d80284431c88bf86a06e71f9afb8363fe055b301cb77e43b
GET /css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 10 Dec 2023 08:57:41 GMT
date: Sun, 10 Dec 2023 08:57:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auservices-alert.tax
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:25 GMT
expires: Fri, 06 Dec 2024 15:46:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 234676
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
auservices-alert.tax/files/img/favicon.png
200 OK 238 B URL GET HTTP/3 auservices-alert.tax/files/img/favicon.png
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
- data
Hash 734603b796e313e6b30c5314cfff7a0d
9ef8bcab45a447a173ba98d4e8af6114c30a1aca
5e70f30259d620e25efa88586a8871d5c94113f0b0d7d6f3e817f585891bf154
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/img/favicon.png HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: image/png
content-length: 238
last-modified: Wed, 08 Nov 2023 13:38:49 GMT
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msmGU3bcmnn4j7TaQ8B%2B9aFVnx%2BSIiMBJDuIS07G7twvzJx6z4BhnMnYBQ29ONvsO3oFSb20uBZYOgINGrk7m96QpeGyPVz07otxt369m074%2FXbwTg7HgAJHrBkilJLLSIJE3EzCig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833448256840569c-OSL
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/js/login.js
200 OK 727 B URL GET HTTP/3 auservices-alert.tax/files/js/login.js
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type ASCII text, with very long lines (763), with no line terminators
Hash 74e90cd9b900c3ec0fd9389fe655bcf4
bd9ca5254bc9f2d9b1c56b7a26d8afd9503fb38d
1f09a94d7fc67047dd10cd5dae1b14b32b2d63967e32e6b9649d50fa74f8e0f9
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/js/login.js HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 13:38:47 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsZIyXTu2Q9LwBwkJl4REQTosysGoSVp3bLgWcduDC6yDBOLUnGXuaEJ%2BcOjwoygdORSeHPkjUTZw5JasbAhc22wle5LI9nSh9NsH2CATS2RZPUUGC7UYCjnP1tWPxSbeCDMBeuzyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344822ad5c569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/intl/secure.php/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/
302 Found 9.0 kB URL User Request GET HTTP/2 auservices-alert.tax/intl/secure.php/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/
IP
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /intl/secure.php/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/auservices-alert.tax/ HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 10 Dec 2023 08:57:39 GMT
content-type: text/html; charset=UTF-8
location: //auservices-alert.tax/
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0syIve0MNoA7IhQVjAfayeubCitIT2OwxnsUFYl8RIHspovlwjBA%2F482ONbnYedpooWggcpB2Oaep%2BMYSPcY150Wo8FV1Fbkft%2BaXYVJAmyeBiw0Uw3y9wWfLZpGpkwITkeSYV03tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8334481668b156aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
auservices-alert.tax/intl/secure.php
200 OK 9.0 kB URL User Request GET HTTP/3 auservices-alert.tax/intl/secure.php
IP
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document, ASCII text, with very long lines (9557), with no line terminators
Hash 4e5bbad1e9a840d945fc882c51b21420
2048759d14a8360103c9cc854ad1b1ba0a2405a9
a7ee8f6cd69f741265ce56c0315e3f7655185e28d5c0c18da0cdf310ed2d44ea
GET /intl/secure.php HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqlUpBIcr08F9GpwllOp%2B55cKKzdGbX5Xh5F%2BQ1qHNi3UDVSIFQ4EtuxG5ExtbRXm9jX%2BsLgC3x7MAvlwoBHZEVugkCQYRxiQQAmHWVOgoRvkdyJHR7Gqp7McNQ8CAdEiiFc834iOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8334481f8a78569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/fonts/Lucida%20Sans.ttf
200 OK 59 kB URL GET HTTP/3 auservices-alert.tax/files/fonts/Lucida%20Sans.ttf
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type TrueType Font data, 16 tables, 1st "LTSH", 40 names, Macintosh, � 1991 Bigelow & Holmes Inc. Pat. Des. 289,420. All Rights Reserved. � 1990-1991 Type Solutions,
- data
Hash d324d81ab6bb59a57b48685202de640f
1deaf2cec9417ad343c3592646b5f14294bbdbd2
373f07a5c2c147ee5e6ec6a6167df0e67e7d008fc9fb2109fe06610ca439ed50
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/fonts/Lucida%20Sans.ttf HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/files/css/page.css
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: font/ttf
last-modified: Wed, 08 Nov 2023 13:38:47 GMT
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8edIUXjG5wRZx0TqZt%2FdVjOgiVQEZUyr6t8gQiRPGrbdyfhpqI5F40C38yBRjAhJCU1eUrnCikjmOsrT8z4rddDNwnMkdUEFv%2FE34KBL7%2B%2B%2F15eM9RE3I9uIa8tHbTht1EnkAbCvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83344824af5e569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/css/page.css
200 OK 3.3 kB URL GET HTTP/3 auservices-alert.tax/files/css/page.css
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type ASCII text, with very long lines (3693), with no line terminators
Hash 77413232682900e41dda93f606c6e61b
41ae2a16215d79273718ae59ae7df640823547ef
db28002de241acb14290140e8fb2af832edb0c978313bd2f2bcfbca8c2768e40
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/css/page.css HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: text/css
last-modified: Wed, 08 Nov 2023 13:38:48 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ua4bGj9SqaOgoumYg%2FavZh5yWjujQygeuay%2FVIgVyQYFfKTlW%2FRWk7t6cQKrepu8m6HYh3NdQKAHpp9wU7CTikPK%2BywXWFWF9s63u2sJwnNqsa804KhROmr4swJFkbKJ1JIp3EDy1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344822ad55569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/img/myGov-cobranded-logo-black.svg
200 OK 64 kB URL GET HTTP/3 auservices-alert.tax/files/img/myGov-cobranded-logo-black.svg
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type SVG Scalable Vector Graphics image
- HTML document, ASCII text, with very long lines (64143), with no line terminators
Hash b53f20300babca4ebb422e59b888be1f
699c5898c6dd9d2b8b949db2e13c8f0b0d29e26b
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/img/myGov-cobranded-logo-black.svg HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: image/svg+xml
last-modified: Wed, 08 Nov 2023 13:38:49 GMT
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfwxBlBVgmKU5PwHSjTo%2FBtVk9rqCfr1T%2F%2FldtwPI91DsIbUk%2BNR2EsZzAVCN7q3LwOvWGYWvWbF2LNZQBrqXdaHg2JR0VIviQAP6e6TKr3WZnd53J%2FJLhHlFrXwthIKkSVuZWlntw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83344822ad5a569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://auservices-alert.tax
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:57:34 GMT
expires: Fri, 06 Dec 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 273607
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
302 Found 9.0 kB URL User Request GET HTTP/2 IP
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: text/html; charset=UTF-8
location: intl/secure.php
set-cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; path=/
allowed=1; expires=Sun, 10-Dec-2023 09:18:05 GMT; Max-Age=1200; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2BUrJ4cl13KBBfJ47CO4Vao4321L8njlfqdLZhJNn2hMfYxQoy5cqeMRkVmJmXk8XqIIOVfUi7YfCzcUI5CCxz8Cf5g6S28SDW2O6nxC%2BNhSaBAXZsk1XOgvV9e0GmbHm2Dc5Enpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344817a95e56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
auservices-alert.tax/files/css/mgv2-application.css
200 OK 128 kB URL GET HTTP/3 auservices-alert.tax/files/css/mgv2-application.css
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
File type ASCII text, with very long lines (59825)
Size 128 kB (127809 bytes)
Hash dc1b3b3e5043dd0f04efd60c46ac3953
a3d401b405720346eed630f13bd2c792af27a05b
4da7bbf336eb443d346f3fe3604ccbcde366b43df36f87434334d54fa1aa0ed7
Analyzer Verdict Alert urlquery phishing Phishing - Australian Government
GET /files/css/mgv2-application.css HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:41 GMT
content-type: text/css
last-modified: Wed, 08 Nov 2023 13:38:48 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cache-control: max-age=14400
cf-cache-status: HIT
age: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD9DT1i%2Fd7Pk%2BYsaI38YuzexFzkD4a1d7UEtRJr1XhIuxrULgKjyfIV5%2FTuvzV8tf5AQMU7XFYchqCtmwWJDcLKmQs7sg3F1zvn8zX4nSueek77Wvw2AhBQI56H8mM9aVxp2RnNEtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83344822ad52569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
auservices-alert.tax/files/incl/action.php?type=clientStatus
200 OK 0 B URL GET HTTP/3 auservices-alert.tax/files/incl/action.php?type=clientStatus
IP
Requested by https://auservices-alert.tax/intl/secure.php
Certificate IssuerGoogle Trust Services LLC
Subjectauservices-alert.tax
FingerprintBC:AF:20:AB:C4:F1:A4:B7:F9:F4:4D:60:FB:72:48:4F:B8:8B:55:ED
ValidityTue, 28 Nov 2023 00:52:47 GMT - Mon, 26 Feb 2024 00:52:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /files/incl/action.php?type=clientStatus HTTP/1.1
Host: auservices-alert.tax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://auservices-alert.tax/intl/secure.php
Cookie: PHPSESSID=4j4m47463j1buol3ruougkdo5p; allowed=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 10 Dec 2023 08:57:45 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
sec-fetch-site: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XkGT%2BVP1xxp%2FymoIR%2Bc8FvVYcW5Uays2TCt0122ZRPUumYIlhRD55u3iqiGPE8Xhe6%2BvuajTUxaBw0wpyChfAAQGaAPXhmw0QIH7S7eNqO3M6W61CC1vk7NYSMAsurhsp1ghKrn1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8334483738bb569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
104.21.73.181
151.101.66.137