| www.google.com/recaptcha/api.js | 142.250.74.132 | 200 OK | 1.0 kB |
URL GET HTTP/2www.google.com/recaptcha/api.js IP142.250.74.132:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
Hash5050ac21dabd123bb41b9ba3d2e6bc2e ee0e74eebfcae506fd788fd99cf9e716ffda3a4f ddb4088f1a77b266d63ba9383d04796d00bba057594e9b86db70a79ee0befa48
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 17 Apr 2024 17:04:04 GMT
date: Wed, 17 Apr 2024 17:04:04 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hekwjelsdjzxn.pages.dev/LoginServices/main/ruxitagentjs_ICA2Vfghjqrux_10249220905100923.js | 172.66.46.224 | 200 OK | 3.3 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/LoginServices/main/ruxitagentjs_ICA2Vfghjqrux_10249220905100923.js IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeHTML document, ASCII text, with very long lines (753), with CRLF line terminators Hash72dc29168b2f9bc809d3a340b2325660 123b0103aab44412ca101408e9b551aaa8873814 9dfea0ea27a294f26d1673835606c15d4f6ef146e7ce9a1ebf4040e8319cc10d
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /LoginServices/main/ruxitagentjs_ICA2Vfghjqrux_10249220905100923.js HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=islPnWwh0ZXeblJ%2FrVIK7oeF1YD1vMWJT88xL%2Byn58Jt%2FcDnZr4EcXH7RDMsw6aQPHx%2FAwj%2FSvfg8r11fnjX6b4hCSMrAX%2FaZOl%2BcFMivuAs3drOVbwuEeCJBqBiwzgNRthw3Tm4exDdxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcaec392d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/mgv2-application.css | 172.66.46.224 | 200 OK | 37 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mgv2-application.css IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeASCII text, with very long lines (59825) Hashaf6ff6a661f6f6822193e200619b8962 e516c4fb92f7cef1b66ed49d7bf4c04cb198b97a 6b029a47a7bb72e8b70cf436b83d904b8a366fd360d12b4d8917c9f59e4b7d46
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mgv2-application.css HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"db960120cc5de562abfba5fb2d99b0c0"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpnQdQ6xky78nDLv02nK3MK6O16OMjv0r5ZoZcp0c15QxFFN5t5O6q1gfWKsb%2BjekqtnykO%2Bz38hiedFURed8OvJfrRHzM3qmewyUtEu2lafj4AVr9ceMgzZ5Y1KBwFBaXq%2FpvNj2v4DfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbec692d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/myGov-cobranded-logo-black.svg | 172.66.46.224 | 200 OK | 36 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/myGov-cobranded-logo-black.svg IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeSVG Scalable Vector Graphics image Hashb53f20300babca4ebb422e59b888be1f 699c5898c6dd9d2b8b949db2e13c8f0b0d29e26b 954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /myGov-cobranded-logo-black.svg HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"b7d79a0510019d5d23626b30fa2cdbb1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvvtTW5AXVxYUCWDiw969O6WUSb6ZkR%2FHDU9d2iSZLU836NnTg5IU14YKVi2t2U4kJuM%2ByiqB9WiBk6CCkHBb9uPTLK4skfLKPwZEFxz4j68rqQX5KmeBn8R7k1OKP%2BEw4BBHvWfYMaehA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbede92d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/blugov.css | 172.66.46.224 | 200 OK | 26 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/blugov.css IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash017be08165c903d14304596847c2661b 90d38f57be7614813e1e49a6090064dc023985b3 4217794b756a7de5f436ce268788f5f5ec0d457fbba048d13aa6addf30135b14
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /blugov.css HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a4a2682a3e363c3280320178015e46e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJbfUQ15GOQVzT%2BbB29%2FSXMAaBRaxRGrqRmlOs%2BG9jd2YtqzHElOkF9Ir5%2F0fc97qtKMsZkI2ZjnKG8aplyIOWlccR%2Fi%2ByFkNkW9V7ELXUVsFqe1As9ayAYrAW3qqq0OjeQm9Yz8pgqIPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbed592d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/icons/blugov-left-chevron-dark.svg | 172.66.46.224 | 200 OK | 3.3 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/icons/blugov-left-chevron-dark.svg IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeHTML document, ASCII text, with very long lines (753), with CRLF line terminators Hash72dc29168b2f9bc809d3a340b2325660 123b0103aab44412ca101408e9b551aaa8873814 9dfea0ea27a294f26d1673835606c15d4f6ef146e7ce9a1ebf4040e8319cc10d
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /icons/blugov-left-chevron-dark.svg HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/blugov.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BbxXn1iXDn870d0hLGt79vS%2BIcN%2BgQAl2UR5F9Nd0nzjHmHjzrTdquqjG0SX8r1LZY6cJzMMDWiUOqXQVO0Nxc2mNnRtw%2BGVwH%2F5AFzKgAvDuE5nNFr2kovT4EG8%2Fo3XjgixPgDLXkkhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfe6a7a92d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js | 142.250.74.35 | 200 OK | 203 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (554) Size203 kB (203369 bytes) Hashe9ccb3dbde79ba5ffdf9cad4b32d59fd 3a8cd67adc7c885bdf683f1e7f491e6a4a50679f 8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
GET /recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
Origin: https://hekwjelsdjzxn.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 203369
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 02:30:15 GMT
expires: Sun, 13 Apr 2025 02:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 398030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/styles__ltr.css | 142.250.74.35 | 200 OK | 25 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/styles__ltr.css IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfXfX4kAAAAAMeH8ToLn4NCO-EM6SWqBpVwyJwP&co=aHR0cHM6Ly9oZWt3amVsc2RqenhuLnBhZ2VzLmRldjo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=29ruzgw1lyiu CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeASCII text, with very long lines (56398), with no line terminators Hasheb4bc511f79f7a1573b45f5775b3a99b d910fb51ad7316aa54f055079374574698e74b35 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:54:26 GMT
expires: Wed, 16 Apr 2025 09:54:26 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
content-type: text/css
vary: Accept-Encoding
age: 112179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js | 142.250.74.35 | 200 OK | 203 kB |
URL GET HTTP/2www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js IP142.250.74.35:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (554) Size203 kB (203369 bytes) Hashe9ccb3dbde79ba5ffdf9cad4b32d59fd 3a8cd67adc7c885bdf683f1e7f491e6a4a50679f 8f2c6777c7ccc01ab67290fa8acd5a4c4866be64129f39dfaeb9197dfa15e137
GET /recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 203369
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 02:30:15 GMT
expires: Sun, 13 Apr 2025 02:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 398030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfXfX4kAAAAAMeH8ToLn4NCO-EM6SWqBpVwyJwP&co=aHR0cHM6Ly9oZWt3amVsc2RqenhuLnBhZ2VzLmRldjo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=29ruzgw1lyiu CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:43:03 GMT
expires: Fri, 11 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 570062
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL GET HTTP/3www.gstatic.com/recaptcha/api2/logo_48.png IP142.250.74.35:443
Requested byhttps://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfXfX4kAAAAAMeH8ToLn4NCO-EM6SWqBpVwyJwP&co=aHR0cHM6Ly9oZWt3amVsc2RqenhuLnBhZ2VzLmRldjo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=29ruzgw1lyiu CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced Hashef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:54:07 GMT
expires: Thu, 18 Apr 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 569398
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/mgv2-vendor.js | 172.66.46.224 | 200 OK | 0 B |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/mgv2-vendor.js IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mygov/content/mgv2/js/mgv2-vendor.js HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=USqK6ISAy33yFdQowa6zCWEZ4M8Ps32yDHcYdUL2fVYoRN43c8b%2B3%2BpRn5MJez4l6iqg9bJyuG4OPbwOtWHGz6R9noKPjpK5Mtju8P9pjVSzYxa4yPTaU2eAwyGa4EJZqJwPbQP%2FuQsw7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbee992d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/mygov/content/mgv2/icons/favicon-16x16.png | 172.66.46.224 | 200 OK | 8.8 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mygov/content/mgv2/icons/favicon-16x16.png IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeHTML document, ASCII text, with very long lines (10543), with no line terminators Hash30139fa255291a978f080288ea78cb41 07a0931a97649847024fed2c2527b83809fdb89c 5d8b0711aaf8d53daa01ffb23f318a82d7652335512d0fdf5478829e1601c5d6
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mygov/content/mgv2/icons/favicon-16x16.png HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDzJ7E8Ur2kqZqzifvkOjUcWBWnUE3mFNElP595UdtqrDIW29kNIbgBU2H47w4DQSS6796Z08oW%2BJtQw7mjGlJSYkjY%2F9REawnoyT04YchoIryGteXt8Opn2GrUCzgRccG%2Ff%2By4BVBQCrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdff9cf992d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hekwjelsdjzxn.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 88586
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/login.js | 172.66.46.224 | 200 OK | 0 B |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/login.js IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mygov/content/mgv2/js/login.js HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcWAxAYyZV2umhBLe23ZoDYiHNWPDeG6bMXPlCj1vmoFCSZnUykv7BbBl7onqzvhlKcLCluNbU1kkV8aJy5qEhE5OSkM7mr%2F%2F%2BRl6DykKd2DXhkOrY4IHSFFZ28oviSeDzmR%2FgU2jUUIbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfecb2d92d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/login.js | 172.66.46.224 | 200 OK | 0 B |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/login.js IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mygov/content/mgv2/js/login.js HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ec8HuCHFLNk140UmPL4IIsavB8CR9EFKmruGSdMm3yP8hk5%2FzbPJ%2Bma%2F3fGUVuV82NqHy%2Ftvs%2BU9CsBuj0dKrj79jUsHy%2BdWBO95UvaE0kfr2KYlr%2BRFfXZCtXP9SjcX2r6qe7GIFf7Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbef292d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/mgv2-application.js | 172.66.46.224 | 200 OK | 0 B |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/mgv2-application.js IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mygov/content/mgv2/js/mgv2-application.js HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zm%2BRBCYwIIgL%2BQpIwtV9g22m3cktpUGus%2F7UriAz%2F0J55Wg3spbvSPb2SixyPEMurQXcsKxl0nRZaMN%2Bm%2FVbEzdY1SJonHxLvHBEBH04bz%2FrsEZYNkgQK0x113zGm8N45NqzULt9oWYfFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfe29f092d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| hekwjelsdjzxn.pages.dev/myGov-cobranded-logo-white.svg | 172.66.46.224 | 200 OK | 64 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/myGov-cobranded-logo-white.svg IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeSVG Scalable Vector Graphics image Hashde646b2f77f5fa27d55a01bbb9cf584e 33316eb871adf6e08af7c780eb15872549d08dc3 10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
Analyzer | Verdict | Alert | urlquery | phishing | Phishing - Australian Government | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /myGov-cobranded-logo-white.svg HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2505abc899f3807a546ccb9bcfe8a858"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUORKLJbZK5gc%2FpS60mKSPUPUskqRC%2B%2FC2M9B3NGyqX1LcBICpZE%2FfcIO6SvK%2F6zZbFw701lhwXBEWGhvvAhIIEUHctKD6uaUTJcCHENUth%2B36x8VnDZmyj%2BU%2F3P7UYlr8Tu4QX3SIsg8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbee392d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15920, version 1.0 Hash3a44e06eb954b96aa043227f3534189d 23cef6993ddb2b2979e8e7647fc3763694e2ba7d b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hekwjelsdjzxn.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 531788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 172.66.46.224 | 200 OK | 8.8 kB |
URL User Request GET HTTP/2IP172.66.46.224:443
CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeHTML document, ASCII text, with very long lines (10543), with no line terminators Hash30139fa255291a978f080288ea78cb41 07a0931a97649847024fed2c2527b83809fdb89c 5d8b0711aaf8d53daa01ffb23f318a82d7652335512d0fdf5478829e1601c5d6
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET / HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1e7s2j1rcjbR%2FBuzD7ys%2B66F7osOwTtGwE%2F41HkP7O1en3KamwSHnpnGd467wmsRI%2Bn%2FlAz2U2Tqs6wCRkPHYbTBVud6XB2Gp4y7Rzizl4fGSeRi6OKQw5f7eqK%2BAc3xE%2B%2Ffbx53mk3aRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfa689b997e-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hekwjelsdjzxn.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 140973
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hekwjelsdjzxn.pages.dev/icons/icon-blugov-info.svg | 172.66.46.224 | 200 OK | 8.8 kB |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/icons/icon-blugov-info.svg IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
File typeHTML document, ASCII text, with very long lines (10543), with no line terminators Hash30139fa255291a978f080288ea78cb41 07a0931a97649847024fed2c2527b83809fdb89c 5d8b0711aaf8d53daa01ffb23f318a82d7652335512d0fdf5478829e1601c5d6
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /icons/icon-blugov-info.svg HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/blugov.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pv7TR8jOCsdaIt3MsNJ0XV81EIUccKhQ4laY0ZsXF0e8A%2FeaSBvbKidHugpQ%2FdSAsoOdjJZuRCVDCurfwrR3JrglRj3KGkpe1Z0F%2BCp4ObEV5aTDvx8Y3PEYgvby%2BDyGqyGEnjq1g4egGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfe7a7f92d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap | 142.250.74.106 | 200 OK | 17 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap IP142.250.74.106:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash5f5bd58e02f8486ce59ed5d5fb1509d9 77fd797117ddce4c084ad2a14caa45bb1a935069 634cde3f8690c3853219fbbde17b42f14f2ce058319521ba704e0607b1620c2f
GET /css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 17:04:04 GMT
date: Wed, 17 Apr 2024 17:04:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/api2/anchor?ar=1&k=6LfXfX4kAAAAAMeH8ToLn4NCO-EM6SWqBpVwyJwP&co=aHR0cHM6Ly9oZWt3amVsc2RqenhuLnBhZ2VzLmRldjo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=29ruzgw1lyiu | 142.250.74.132 | 200 OK | 7.3 kB |
URL GET HTTP/3www.google.com/recaptcha/api2/anchor?ar=1&k=6LfXfX4kAAAAAMeH8ToLn4NCO-EM6SWqBpVwyJwP&co=aHR0cHM6Ly9oZWt3amVsc2RqenhuLnBhZ2VzLmRldjo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=29ruzgw1lyiu IP142.250.74.132:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeHTML document, ASCII text, with very long lines (7494), with no line terminators Hashfc10bd5f74be2ddc02fcaae3ab59ed50 93f2b34864e182307571877b295007d6003e6428 275c94a7ca77b704791686fe8b173c12e3156c3f686a41d5689a174a080a5261
GET /recaptcha/api2/anchor?ar=1&k=6LfXfX4kAAAAAMeH8ToLn4NCO-EM6SWqBpVwyJwP&co=aHR0cHM6Ly9oZWt3amVsc2RqenhuLnBhZ2VzLmRldjo0NDM.&hl=en&v=rz4DvU-cY2JYCwHSTck0_qm-&size=normal&cb=29ruzgw1lyiu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-security-policy: script-src 'nonce-4A3GGNfn_qdRm5JQPOet_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
date: Wed, 17 Apr 2024 17:04:05 GMT
expires: Wed, 17 Apr 2024 17:04:05 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/mgv2-application.js | 172.66.46.224 | 200 OK | 0 B |
URL GET HTTP/3hekwjelsdjzxn.pages.dev/mygov/content/mgv2/js/mgv2-application.js IP172.66.46.224:443
Requested byhttps://hekwjelsdjzxn.pages.dev/ CertificateIssuerGoogle Trust Services LLC Subjecthekwjelsdjzxn.pages.dev FingerprintFF:C2:D5:5B:B4:47:54:33:19:86:15:45:5D:46:E8:33:8C:AD:65:E9 ValidityWed, 20 Mar 2024 23:52:33 GMT - Tue, 18 Jun 2024 23:52:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | OpenPhish | phishing | Australian Government | PhishTank | phishing | Other |
GET /mygov/content/mgv2/js/mgv2-application.js HTTP/1.1
Host: hekwjelsdjzxn.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hekwjelsdjzxn.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:04:04 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7247e10796e3f085d4356485016302e8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEQZB%2FRxQ7zLcRvmGdXyADCGY0JVqmFooIcMKuAMwn5sKhp%2BtQJER%2B%2B7rgWrsNA%2Bl8Hhx977FWYwsV4hBkRYjgqnWgdf9CtwulGF%2FC13MCVIudDcdVDgf4mt6180gImHlKrcmRNHTbBl%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dfdfcbeeb92d4-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|