auth.myir.co.nz-orakil000.cloudns.be
185.49.126.56  Malicious Activity! Public Scan

URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Submission: On March 07 via api from IE — Scanned from NZ

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 24 HTTP transactions. The main IP is 185.49.126.56, located in United Kingdom and belongs to OXIDE-GROUP-LIMITED Oxide Group Limited, GB. The main domain is auth.myir.co.nz-orakil000.cloudns.be.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 6th 2024. Valid for: 3 months.
This is the only time auth.myir.co.nz-orakil000.cloudns.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NZ Government (Government)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 | 185.49.126.56 | 199654 (OXIDE-GRO...)
15 | 138.235.20.11 | 136990 (IRD-NZ-AS...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2a04:4e42:600... | 54113 (FASTLY)
Total: 24 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
15 | ird.govt.nz | myir.ird.govt.nz | 827 KB
3 | cloudns.be | auth.myir.co.nz-orakil000.cloudns.be | 32 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 310) | 100 KB
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 228) | 6 KB
Total: 24 requests, 4 domains

Requests | Domain | Requested by
15 | myir.ird.govt.nz | auth.myir.co.nz-orakil000.cloudns.be, myir.ird.govt.nz
3 | auth.myir.co.nz-orakil000.cloudns.be | auth.myir.co.nz-orakil000.cloudns.be
2 | cdn.jsdelivr.net | auth.myir.co.nz-orakil000.cloudns.be, cdn.jsdelivr.net
1 | cdnjs.cloudflare.com | auth.myir.co.nz-orakil000.cloudns.be
Total: 24 requests, 4 domains

This site contains links to these domains.

Domain
www.ird.govt.nz
www.govt.nz
Subject | Issuer | Validity | Valid
auth.myir.co.nz-orakil000.cloudns.be | ZeroSSL RSA Domain Secure Site CA | 2024-03-06 - 2024-06-04 | 3 months
services.ird.govt.nz | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-14 - 2024-11-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year

This page contains 1 frames:

Primary Page: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Frame ID: 1AEACC041E6D9941B7199DA1CC78B32D
Requests: 24 HTTP requests in this frame

Page Title

Home - Home - myIR

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 24
HTTPS: 88 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 966 kB
Size: 1954 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request home.php
auth.myir.co.nz-orakil000.cloudns.be/govt.nz/
31 KB
32 KB
Document
General
Full URL
https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.49.126.56 , United Kingdom, ASN199654 (OXIDE-GROUP-LIMITED Oxide Group Limited, GB),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 / PHP/8.0.30
Resource Hash
4f1307613b8b57a1d33e89b4292ad785426a20a707e832ec9be7f5083b10cda7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Mar 2024 01:25:05 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.30
jquery.qtip.min.css.v.387595267
myir.ird.govt.nz/Resource/
2 KB
2 KB
Stylesheet
General
Full URL
https://myir.ird.govt.nz/Resource/jquery.qtip.min.css.v.387595267
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
90b9c95c65a004df67ba75007cfdb086a31ef8189400d4dc60f128d90cb26eeb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:29 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"12E3B7CC7B454648677EA8D2B5060349E446380B"
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
max-age=28800, private
Server-Timing
wdc;dur=0, wlb;dur=0, wlb;dur=1
Content-Length
566
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
WDC.External.DefaultExternal.min.css.v.764223592
myir.ird.govt.nz/Resource/
538 KB
62 KB
Stylesheet
General
Full URL
https://myir.ird.govt.nz/Resource/WDC.External.DefaultExternal.min.css.v.764223592
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
07bfa19834539101958e54b7fd14257fefc8b89a023ae604a560acb2f279712d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
X-Frame-Options
DENY
Content-Type
text/css
Server-Timing
wdc;dur=0, wlb;dur=1, wlb;dur=1
Content-Length
62374
X-XSS-Protection
1; mode=block
Controls.External.DefaultExternal.min.css.v.152399424
myir.ird.govt.nz/Resource/
46 KB
8 KB
Stylesheet
General
Full URL
https://myir.ird.govt.nz/Resource/Controls.External.DefaultExternal.min.css.v.152399424
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
745b413aa798cde4769e9d81065794af61ca73f896f4c604f192e230d1f405d0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
X-Frame-Options
DENY
Content-Type
text/css
Server-Timing
wdc;dur=0, wlb;dur=0, wlb;dur=1
Content-Length
7059
X-XSS-Protection
1; mode=block
eServices.v.min.238837649
myir.ird.govt.nz/Theme/
183 KB
23 KB
Stylesheet
General
Full URL
https://myir.ird.govt.nz/Theme/eServices.v.min.238837649?Web=WEB
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
675584eb9749afd3cab331d17183503b65c58a9572123f2abdd6ed7dd295c882
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:28 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"F2C14FAD1221708ADCBB8864F59A8265C0062B19"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=28800, private
Content-Length
21776
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 01:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
33887
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWaCZD8u0hKaOdpZ1jtylr1GAxDZ5rCEHswN%2BnVaJgyswEqM3EjSIu3rbG3ERSb52x2A3x2mbPCgCR0B1repq6KfBTpEg%2BTCDmE3QzpRRT%2BZMpnlCrOLDx3b14ewIZZWxJ6mSdFPxMf4swwLJpPPc3Hp"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8606ca2bbea450a8-AKL
expires
Tue, 25 Feb 2025 01:25:06 GMT
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/
72 KB
10 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Mar 2024 01:25:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
13996497
x-jsd-version
1.7.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
9964
x-served-by
cache-fra-etou8220056-FRA, cache-akl10324-AKL
x-jsd-version-type
version
etag
W/"11e37-gaZqnrLenLCs4BvyXVKzdrhY6WA"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery-3.5.1.min.js.v.219725020
myir.ird.govt.nz/Resource/
0
0
Script
General
Full URL
https://myir.ird.govt.nz/Resource/jquery-3.5.1.min.js.v.219725020
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Fast-WDC-Response
1
X-Frame-Options
DENY
Content-Type
application/octet-stream
Server-Timing
wdc;dur=0, wlb;dur=0, wlb;dur=1
Content-Length
0
X-XSS-Protection
1; mode=block
jquery-ui-1.13.2.min.js.v.357363296
myir.ird.govt.nz/Resource/
249 KB
62 KB
Script
General
Full URL
https://myir.ird.govt.nz/Resource/jquery-ui-1.13.2.min.js.v.357363296
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
d7ae4d82d4dc55cc02d643f0b071d7fa5caef7fe3aa985bdbdcf4d2c7084eb79
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:29 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"4BA98EB0A601E70CCF954CEE60947F899EF972B9"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
max-age=28800, private
Server-Timing
wdc;dur=0, wlb;dur=1, wlb;dur=2
Content-Length
61689
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
jquery.ba-hashchange.min.js.v.364077054
myir.ird.govt.nz/Resource/
1 KB
2 KB
Script
General
Full URL
https://myir.ird.govt.nz/Resource/jquery.ba-hashchange.min.js.v.364077054
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
504f7f4e1119940f9422d7ffe8cb091e4d063285cf4c13614fe7b0f5c099c6a7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:28 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"5395B35FFE29CED54669A16887FA7BB95EEDCCD1"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
max-age=28800, private
Server-Timing
wdc;dur=0, wlb;dur=0, wlb;dur=1
Content-Length
737
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
jquery.watermark-3.2.0.min.js.v.33801024
myir.ird.govt.nz/Resource/
6 KB
3 KB
Script
General
Full URL
https://myir.ird.govt.nz/Resource/jquery.watermark-3.2.0.min.js.v.33801024
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
97a5a50d2b1ad3bfc5bf38c7cfdf211ac437054461d8b99cd10c488586d74572
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:29 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"EA178073BD7A15FDBAE41A05AF79395740DAE5CD"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
max-age=28800, private
Server-Timing
wdc;dur=0, wlb;dur=1, wlb;dur=2
Content-Length
2182
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
jquery.qtip.min.js.v.707925258
myir.ird.govt.nz/Resource/
35 KB
13 KB
Script
General
Full URL
https://myir.ird.govt.nz/Resource/jquery.qtip.min.js.v.707925258
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
5eaacd3beb02a9364a189eae4fcd83991d56b25f80e1352b05a771c602e676a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
X-Frame-Options
DENY
Content-Type
text/javascript
Server-Timing
wdc;dur=0, wlb;dur=1, wlb;dur=1
Content-Length
12758
X-XSS-Protection
1; mode=block
globalize.min.js.v.452217732
myir.ird.govt.nz/Resource/
14 KB
7 KB
Script
General
Full URL
https://myir.ird.govt.nz/Resource/globalize.min.js.v.452217732
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
553c3be1cbf03bdefc68ea168d0673ce77572e18f374301926a04d7e5eaac692
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:29 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"017BE29FACF2059C381FE5A5292D489AF44B84FF"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
max-age=28800, private
Server-Timing
wdc;dur=0, wlb;dur=0, wlb;dur=1
Content-Length
5506
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
jquery.form.min.js.v.632995640
myir.ird.govt.nz/Resource/
17 KB
7 KB
Script
General
Full URL
https://myir.ird.govt.nz/Resource/jquery.form.min.js.v.632995640
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
1c32b36aa4e9c50d8b1ca7c7534c77ca59eab123af693a330a3919d34aec4301
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:29 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
ETag
"0DF0867A77E3EB25BABF38C21E86EA25C19D32C7"
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
max-age=28800, private
Server-Timing
wdc;dur=0, wlb;dur=1, wlb;dur=1
Content-Length
6216
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
WDC.min.js.v.118082747
auth.myir.co.nz-orakil000.cloudns.be/Resource/
0
0
Script
General
Full URL
https://auth.myir.co.nz-orakil000.cloudns.be/Resource/WDC.min.js.v.118082747
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.49.126.56 , United Kingdom, ASN199654 (OXIDE-GROUP-LIMITED Oxide Group Limited, GB),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
323
Content-Type
text/html; charset=iso-8859-1
fast-jquery-ui-i18n.min.js.v.625819528
auth.myir.co.nz-orakil000.cloudns.be/Resource/
0
0
Script
General
Full URL
https://auth.myir.co.nz-orakil000.cloudns.be/Resource/fast-jquery-ui-i18n.min.js.v.625819528
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.49.126.56 , United Kingdom, ASN199654 (OXIDE-GROUP-LIMITED Oxide Group Limited, GB),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
323
Content-Type
text/html; charset=iso-8859-1
nz.myIR_logo_white.svg
myir.ird.govt.nz/Image/ENG/
3 KB
2 KB
Image
General
Full URL
https://myir.ird.govt.nz/Image/ENG/nz.myIR_logo_white.svg
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
430edee4cd96cc082378317144ef67e516c15e6719493c7d4a89e7eab1d50a3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:28 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=28800, private
Content-Length
1320
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
NZ.RealMeWhite
myir.ird.govt.nz/Icon/Medium/
11 KB
12 KB
Image
General
Full URL
https://myir.ird.govt.nz/Icon/Medium/NZ.RealMeWhite?_=365229482
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
39ec5b897c6ac23ac94684c56c42d2e0e52a8a87aad10bacc42a0ddac1e5fd17
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Last-Modified
Wed, 06 Mar 2024 06:06:28 GMT
Fast-WDC-Response
1
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=28800, private
Content-Length
11224
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
NZ.NZGovernmentLogo.svg
myir.ird.govt.nz/Image/ENG/
6 KB
3 KB
Image
General
Full URL
https://myir.ird.govt.nz/Image/ENG/NZ.NZGovernmentLogo.svg
Requested by
Host: auth.myir.co.nz-orakil000.cloudns.be
URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
87361acbd03d0b9e57cb98fa22fbe9e28be4090c17bebdabf0948ef5fe0c598f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://auth.myir.co.nz-orakil000.cloudns.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:06 GMT
Content-Encoding
br
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 06 Mar 2024 06:06:28 GMT
Fast-WDC-Response
1
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=28800, private
Content-Length
2219
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:06 GMT
eServicesBanner3.jpg
myir.ird.govt.nz/Image/ENG/
620 KB
621 KB
Image
General
Full URL
https://myir.ird.govt.nz/Image/ENG/eServicesBanner3.jpg
Requested by
Host: myir.ird.govt.nz
URL: https://myir.ird.govt.nz/Resource/Controls.External.DefaultExternal.min.css.v.152399424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.235.20.11 , New Zealand, ASN136990 (IRD-NZ-AS-CLOUD-AP Inland Revenue Department, NZ),
Reverse DNS
Software
/
Resource Hash
ba6696013b3b33d4561691cb86b1e09a07192d0e28f0e13feafe4925e11aee80
Security Headers
Name Value
Content-Security-Policy default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://myir.ird.govt.nz/Resource/Controls.External.DefaultExternal.min.css.v.152399424
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date
Thu, 07 Mar 2024 01:25:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com; script-src 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.google.com/ https://*.gstatic.com/; frame-src 'self' *.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none';
Last-Modified
Wed, 06 Mar 2024 06:06:29 GMT
Fast-WDC-Response
1
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=28800, private
Content-Length
634405
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Mar 2024 09:25:07 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/
90 KB
90 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/bootstrap-icons.woff2?30af91bf14e37666a085fb8a161ff36d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Origin
https://auth.myir.co.nz-orakil000.cloudns.be
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Mar 2024 01:25:07 GMT
x-content-type-options
nosniff
age
1648426
x-jsd-version
1.7.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
92064
x-served-by
cache-fra-eddf8230020-FRA, cache-akl10329-AKL
x-jsd-version-type
version
etag
W/"167a0-ABUDSebr2vJiivnqTlbWsC29o5M"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
MaterialIcons-Regular.woff2
myir.ird.govt.nz/Resource/Fonts/MaterialIcons/
0
0

MaterialIcons-Regular.woff
myir.ird.govt.nz/Resource/Fonts/MaterialIcons/
0
0

MaterialIcons-Regular.ttf
myir.ird.govt.nz/Resource/Fonts/MaterialIcons/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
myir.ird.govt.nz
URL
https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.woff2?v=220919
Domain
myir.ird.govt.nz
URL
https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.woff?v=220919
Domain
myir.ird.govt.nz
URL
https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.ttf?v=220919

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NZ Government (Government)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Globalize

1 Cookies

Domain/Path Name / Value
auth.myir.co.nz-orakil000.cloudns.be/ Name: PHPSESSID
Value: vih1e22n539enhkmskrsfjvbfa

10 Console Messages

Source Level URL
Text
network error URL: https://myir.ird.govt.nz/Resource/jquery-3.5.1.min.js.v.219725020
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Message:
Refused to execute script from 'https://myir.ird.govt.nz/Resource/jquery-3.5.1.min.js.v.219725020' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network error URL: https://auth.myir.co.nz-orakil000.cloudns.be/Resource/fast-jquery-ui-i18n.min.js.v.625819528
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://auth.myir.co.nz-orakil000.cloudns.be/Resource/WDC.min.js.v.118082747
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Message:
Access to font at 'https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.woff2?v=220919' from origin 'https://auth.myir.co.nz-orakil000.cloudns.be' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.woff2?v=220919
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Message:
Access to font at 'https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.woff?v=220919' from origin 'https://auth.myir.co.nz-orakil000.cloudns.be' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.woff?v=220919
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://auth.myir.co.nz-orakil000.cloudns.be/govt.nz/home.php?ts=1
Message:
Access to font at 'https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.ttf?v=220919' from origin 'https://auth.myir.co.nz-orakil000.cloudns.be' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://myir.ird.govt.nz/Resource/Fonts/MaterialIcons/MaterialIcons-Regular.ttf?v=220919
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
