dashing-reindeer.10web.site Open in urlscan Pro
34.70.139.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urlz.fr/lcbu
Effective URL:
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
Submission: On March 31 via manual (March 31st 2023, 4:52:39 am UTC) from AU — Scanned from NL

Summary HTTP 22 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 34.70.139.72, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is dashing-reindeer.10web.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 3rd 2022. Valid for: a year.

This is the only time dashing-reindeer.10web.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3038::6815:ead6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.245.105.165 77.245.105.165	35104 (KTC-AS) (KTC-AS)
2 21	34.70.139.72 34.70.139.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	4

1 2606:4700:3038::6815:ead6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.105.165 (Astana, Kazakhstan)

ASN35104 (KTC-AS, KZ)

qujat.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 34.70.139.72 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.139.70.34.bc.googleusercontent.com

dashing-reindeer.10web.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	10web.site 2 redirects dashing-reindeer.10web.site	4 MB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	28 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	29 KB
1	qujat.kz qujat.kz	464 B
1	urlz.fr 1 redirects urlz.fr — Cisco Umbrella Rank: 869226	506 B
22	5

	Domain	Requested by
21	dashing-reindeer.10web.site	2 redirects dashing-reindeer.10web.site cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	dashing-reindeer.10web.site
1	code.jquery.com	dashing-reindeer.10web.site
1	qujat.kz
1	urlz.fr	1 redirects
22	5

This site contains links to these domains. Also see Links.

Domain
login.my.gov.au
beta.my.gov.au
www.digitalidentity.gov.au
www.mygovid.gov.au
australia.gov.au

Subject Issuer	Validity	Valid
qujat.kz R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.10web.site Sectigo RSA Domain Validation Secure Server CA	`2022-10-03` - `2023-09-18`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
Frame ID: 5ADD86CD28BEE21630697755670661F0
Requests: 19 HTTP requests in this frame

Frame: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html
Frame ID: CA9E758343472ECFEDB8DB9BC168027A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign-in - myGov

Page URL History Show full URLs

https://urlz.fr/lcbu HTTP 302
https://qujat.kz/mygoo.html Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/ HTTP 302
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed HTTP 301
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/ Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

4578 kB
Transfer

5343 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://login.my.gov.au/LoginServices/main/login?execution=e2s1
Title: Skip to Ask a question

Search URL Search Domain Scan URL

URL: https://beta.my.gov.au/?utm_source=blue&utm_medium=banner&utm_campaign=myGov&utm_id=beta&cid=mygovbeta_banner_green_unauth
Title: myGov Beta

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/CredentialManager/recoverUserId.jsp?Origin=&Return=/sps/auth&Login=true
Title: Forgot username

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/CredentialManager/resetPassword.jsp?Origin=&Return=/sps/auth&Login=true
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/LoginServices/main/login?execution=e2s1&_eventId=digitalIdentity
Title: Continue with Digital Identity

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/EnrolService/register.jsp?login=true&Return=/mga/sps/auth
Title: create a myGov account

Search URL Search Domain Scan URL

URL: https://www.digitalidentity.gov.au/
Title: Digital Identity

Search URL Search Domain Scan URL

URL: https://www.mygovid.gov.au/
Title: myGovID

Search URL Search Domain Scan URL

URL: https://australia.gov.au/
Title: australia.gov.au

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/about.html
Title: About myGov

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/contact.html
Title: Contact us

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/terms.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/copyright.html
Title: Copyright

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/help.html
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urlz.fr/lcbu HTTP 302
https://qujat.kz/mygoo.html Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/ HTTP 302
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed HTTP 301
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/ Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://urlz.fr/lcbu HTTP 302
https://qujat.kz/mygoo.html

Request Chain 1

https://dashing-reindeer.10web.site/cpsess9100303772/ HTTP 302
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed HTTP 301
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

mygoo.html Show response
qujat.kz/
Redirect Chain

https://urlz.fr/lcbu
https://qujat.kz/mygoo.html

201 B
464 B

367ms
86ms

Document
text/html

77.245.105.165
KTC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qujat.kz/mygoo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.245.105.165 Astana, Kazakhstan, ASN35104 (KTC-AS, KZ),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d832740c11d3483dced9b3d4e6bac6a60400c85e420a1ada1cf99f6e0e3e9321

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 31 Mar 2023 04:52:34 GMT
ETag: W/"64266263-c9"
Last-Modified: Fri, 31 Mar 2023 04:32:35 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 7b05fbd2c8511c84-AMS
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:52:34 GMT
expires: Fri, 31 Mar 2023 04:53:34 GMT
location: https://qujat.kz/mygoo.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ10lxH%2FOQVfDlB5wR3nm1MC2I7pX7CMxnG8MBfJvmUHtgku%2BK%2BNteWBXVXiF2VE2Dw9oz0lv2YaDiX6golQ%2Fz4rL0ltx3CKFnVpcxhWuZOxHR1mY1mWbpApCg%2BiNjRHY%2F28ET5q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: HIT

GET
H2

200

/ Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
Redirect Chain

https://dashing-reindeer.10web.site/cpsess9100303772/
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

432 KB
18 KB

272ms
272ms

Document
text/html

34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0d472332432a3ec50696c125faf9874c9db399c9194b5fbbd3d64b11766f989e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qujat.kz/mygoo.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:52:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-length: 162
content-type: text/html
date: Fri, 31 Mar 2023 04:52:35 GMT
location: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m3d.css
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/ 151 B
408 B 139ms
138ms Stylesheet
text/css 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/m3d.css

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c113ebc50cb4d96a2b7829a0aaca2fe5a01b36197859283dab10767d6a267072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:35 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-97"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:35 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 61ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://dashing-reindeer.10web.site/
Origin: https://dashing-reindeer.10web.site
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:35 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1680238355.dop228.am5.t,1680238355.cds258.am5.hn,1680238355.cds218.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 56ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 74186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIDzI2OcjVsezl%2FFOlsVOLFkyoUIhcFnkZvZhCq0P04n4Y8yBK4Ppd8oTacTljIk1ULxU5bHMTNaE3W8zx4ICTTRZDp%2FlpDmN4q41jTCOm2cBcEg7GB8zv9ARKnIct24MIEkArl%2FUzAX3D98RX3EZWaQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b05fbdc4bc3b8ae-AMS
expires: Wed, 20 Mar 2024 04:52:35 GMT

GET
H2 200 ajax.php
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/m3dularbh/ 0
237 B 142ms
142ms XHR
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/m3dularbh/ajax.php?n=m3d

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:36 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request / Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ 15 KB
4 KB 136ms
136ms Document
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

50b65fed0f479fd543a6285bfd56a1980e119b600d23302d5f95dbb17417108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:52:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ruxitagentjs_ICA2Vfghjqrux_10239220408103229.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 243 KB
243 KB 267ms
267ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ruxitagentjs_ICA2Vfghjqrux_10239220408103229.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0fb5ae1c24514ad48f8e743a87eee447b573a30aeb7d8ce16cebf4d5ead810b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:36 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-3cb60"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 248672
x-xss-protection: 1; mode=block

GET
H2 200 mgv2-application.css
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 122 KB
19 KB 399ms
398ms Stylesheet
text/css 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.css

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e8d0781b70b1c2db3eb0ac367588de1c4e9a8d6126f1c8695a08580d83cd2683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:36 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-1e7f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:36 GMT

GET
H2 200 austgovt-inline-white.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 113 KB
33 KB 143ms
142ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/austgovt-inline-white.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-1c460"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:37 GMT

GET
H2 200 mygov-logo.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 2 KB
1 KB 138ms
137ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mygov-logo.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-8a1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:37 GMT

GET
H2 200 dismiss-x.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 839 B
702 B 144ms
143ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/dismiss-x.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-347"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:37 GMT

GET
H2 200 icon-external-link-blue.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 742 B
764 B 145ms
144ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/icon-external-link-blue.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e470bb1617b294c5f4c8c456278f819d1640b90c2c15e5d237d3c0683aa32a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-2e6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:37 GMT

GET
H2 200 austgovt-inline.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 71 KB
26 KB 147ms
147ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/austgovt-inline.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bfbb8c3288312fe27cba0cdd45fe392f7f8af33c3d61c78b133744c7b494c8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-11a6c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:52:37 GMT

GET
H2 200 mgv2-vendor.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 148 KB
149 KB 261ms
261ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-vendor.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:36 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-251cf"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 152015
x-xss-protection: 1; mode=block

GET
H2 200 mgv2-application.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 74 KB
74 KB 135ms
134ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0b4c8ea1d01a3a04fd23a1e4564a956964006ac5288461327caa1fedee4cc1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-1262d"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 75309
x-xss-protection: 1; mode=block

GET
H2 200 login.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 2 KB
2 KB 138ms
137ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/login.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3398bdeeb65157116e93bdeef72d320cb5d90700b149a62f60ff1dcb2ac8f9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-618"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1560
x-xss-protection: 1; mode=block

GET
H2 404 link-arrow.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/ 548 B
548 B 144ms
144ms Image
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/link-arrow.svg
Requested by: Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.139.70.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 saved_resource.html Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ Frame CA9E 7 KB
2 KB 135ms
134ms Document
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a5b2581b953d8504daeab4c2b2fa009544a019ac2754ce8ead7b95d0adfb896d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:52:37 GMT
etag: W/"6426410c-1d0e"
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 404 va_arrowup.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/ 548 B
548 B 134ms
133ms Image
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/va_arrowup.svg
Requested by: Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 72.139.70.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 vendors_main.8221d08a72d89a078615.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ Frame CA9E 4 MB
4 MB 135ms
134ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/vendors_main.8221d08a72d89a078615.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4220492e3eccf91a99b094668ad572059a4181dffeabf795fce7b2ec2d82f02f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-3d12fa"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4002554
x-xss-protection: 1; mode=block

GET
H2 200 main.edd90a1d2353255129c9.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ Frame CA9E 31 KB
31 KB 299ms
298ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/main.edd90a1d2353255129c9.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

5867b8cda07f59ffb9ba08ce2f8961801afbdc974a1a9f88b839b909d1ff2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:52:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-7c73"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 31859
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dashing-reindeer.10web.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: 201a0655da8df42515cc2684a65d8c27

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ruxitagentjs_ICA2Vfghjqrux_10239220408103229.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-vendor.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/login.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/link-arrow.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/va_arrowup.svg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/vendors_main.8221d08a72d89a078615.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/saved_resource.html Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/main.edd90a1d2353255129c9.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
dashing-reindeer.10web.site
qujat.kz
urlz.fr
2001:4de0:ac18::1:a:3a
2606:4700:3038::6815:ead6
2606:4700::6811:180e
34.70.139.72
77.245.105.165
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b4c8ea1d01a3a04fd23a1e4564a956964006ac5288461327caa1fedee4cc1df
0d472332432a3ec50696c125faf9874c9db399c9194b5fbbd3d64b11766f989e
0fb5ae1c24514ad48f8e743a87eee447b573a30aeb7d8ce16cebf4d5ead810b0
2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26
3398bdeeb65157116e93bdeef72d320cb5d90700b149a62f60ff1dcb2ac8f9a5
4220492e3eccf91a99b094668ad572059a4181dffeabf795fce7b2ec2d82f02f
42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721
50b65fed0f479fd543a6285bfd56a1980e119b600d23302d5f95dbb17417108f
5867b8cda07f59ffb9ba08ce2f8961801afbdc974a1a9f88b839b909d1ff2cb7
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9
a5b2581b953d8504daeab4c2b2fa009544a019ac2754ce8ead7b95d0adfb896d
bfbb8c3288312fe27cba0cdd45fe392f7f8af33c3d61c78b133744c7b494c8e8
c113ebc50cb4d96a2b7829a0aaca2fe5a01b36197859283dab10767d6a267072
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d832740c11d3483dced9b3d4e6bac6a60400c85e420a1ada1cf99f6e0e3e9321
e470bb1617b294c5f4c8c456278f819d1640b90c2c15e5d237d3c0683aa32a22
e8d0781b70b1c2db3eb0ac367588de1c4e9a8d6126f1c8695a08580d83cd2683

dashing-reindeer.10web.site Open in urlscan Pro 34.70.139.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

4578 kBTransfer

5343 kBSize

1 Cookies

18 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

8 Console Messages

Indicators

dashing-reindeer.10web.site Open in urlscan Pro
34.70.139.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

4578 kB
Transfer

5343 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!