rentalassistances.site Open in urlscan Pro
199.188.201.124 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rentalassistances.site/
Submission Tags: @ecarlesi threat phishing Search All
Submission: On May 28 via api (May 28th 2024, 9:27:42 am UTC) from IT — Scanned from IT

Summary HTTP 21 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 199.188.201.124, located in United States and belongs to NAMECHEAP-NET, US. The main domain is rentalassistances.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 28th 2024. Valid for: a year.

This is the only time rentalassistances.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
9	199.188.201.124 199.188.201.124	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
3	2.17.147.184 2.17.147.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	4

9 199.188.201.124 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server281-3.web-hosting.com

rentalassistances.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.17.147.184 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-184.deploy.static.akamaitechnologies.com

www.servicesaustralia.gov.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	rentalassistances.site rentalassistances.site	657 KB
3	servicesaustralia.gov.au www.servicesaustralia.gov.au Failed	10 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	90 KB
21	3

	Domain	Requested by
9	rentalassistances.site	rentalassistances.site
3	www.servicesaustralia.gov.au	rentalassistances.site
1	www.googletagmanager.com	rentalassistances.site
21	3

This site contains links to these domains. Also see Links.

Domain
www.servicesaustralia.gov.au
my.gov.au
business.centrelink.gov.au
services.csa.gov.au
ministers.dss.gov.au
findus.servicesaustralia.gov.au

Subject Issuer	Validity	Valid
rentalassistances.site Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-05-28`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
servicesaustralia.gov.au Entrust Certification Authority - L1J	`2024-03-20` - `2024-10-27`	7 months	crt.sh

This page contains 1 frames:

Primary Page: https://rentalassistances.site/
Frame ID: F76B1B72028EB78AC011A1D30241F77A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

21
Requests

62 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

756 kB
Transfer

1388 kB
Size

0
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.servicesaustralia.gov.au/site-notices?context=1#darkmode
Title: dark mode

Search URL Search Domain Scan URL

URL: https://my.gov.au/
Title: Individuals myGov is a simple and secure way to access online government services.

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/proda-provider-digital-access
Title: PRODA Log in to access HPOS, Business Hub, Aged Care Provider Portal and a range of other government online services.

Search URL Search Domain Scan URL

URL: https://business.centrelink.gov.au/
Title: Centrelink Business Online

Search URL Search Domain Scan URL

URL: https://services.csa.gov.au/
Title: Child Support Business Online

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/how-to-manage-your-rent-assistance?context=22206
Title: Next: How to manage your payment Your options and obligations for Rent Assistance.

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/about-us
Title: About us

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/forms
Title: Forms

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/media
Title: Media

Search URL Search Domain Scan URL

URL: https://ministers.dss.gov.au/bill-shorten
Title: Our Minister

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/contact-us
Title: Contact us

Search URL Search Domain Scan URL

URL: https://findus.servicesaustralia.gov.au/
Title: Find us

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/complaints-and-feedback
Title: Complaints and feedback

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/business-hub
Title: Business Hub

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/paid-parental-leave-scheme-for-employers
Title: Paid Parental Leave scheme for employers

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/community-resources-and-help
Title: Community resources and help

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/providing-voluntary-work-opportunities
Title: Providing voluntary work opportunities

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/family-organisations
Title: Family organisations

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/hpos
Title: Health Professionals Online Services

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/aged-care-provider-portal
Title: Aged Care Provider Portal

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/medicare-benefits-for-health-professionals
Title: Medicare benefits for health professionals

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/running-business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/community-groups
Title: Community groups

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/health-professionals
Title: Health professionals

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/your-right-to-privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/site-notices
Title: Site notices

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/access-to-information
Title: Access to information

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/accessing-our-services
Title: Accessing our services

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/information-your-language
Title: Languages

Search URL Search Domain Scan URL

URL: https://www.servicesaustralia.gov.au/connect-with-us-social-media
Title: Follow us Facebook Instagram Twitter YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rentalassistances.site/ 196 KB
50 KB 847ms
284ms Document
text/html 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 47fd93025879ff0ad3b88019fe7bd7002e9abaa741be33f33600550a1a04d6d7

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 51148
content-type: text/html
date: Tue, 28 May 2024 09:27:37 GMT
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 125ms
65ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-GW2HYVF5LJ&l=dataLayer&cx=c

Requested by

Host: rentalassistances.site
URL: https://rentalassistances.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

168e35ff6d73fd206b4811de331006aae5d720dce4e6c4e8781b3c27dc707dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 May 2024 09:27:37 GMT

GET
H2 200 js Show response
rentalassistances.site/index_files/ 195 KB
195 KB 761ms
759ms Script
text/plain 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/js
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f056ec8f700b46e596d327eac9b0cfc096e272c176ef417cd14597a83a363e9d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
x-turbo-charged-by: LiteSpeed
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 199868

GET
H2 200 gtm.js.download Show response
rentalassistances.site/index_files/ 243 KB
243 KB 595ms
595ms Script
application/octet-stream 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/gtm.js.download
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: dac9b9a500b236d2e9786a107fc4ddb676146c2a968b7c276e9b78726d8abf86

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
x-turbo-charged-by: LiteSpeed
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 249007
content-type: application/octet-stream

GET
H2 404 ReadSpeaker.Styles-Button.css
rentalassistances.site/index_files/.downloadr/r2419/ 0
0 279ms
277ms Stylesheet
text/html 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/.downloadr/r2419/ReadSpeaker.Styles-Button.css?v=3.8.0.2419
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 09:27:37 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1251
content-type: text/html

GET roboto-v27-latin-regular.4673b4537a.woff2
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET roboto-v27-latin-300.0109a2ace8.woff2
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET roboto-v27-latin-500.869888415d.woff2
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET roboto-v27-latin-700.0682ca7f74.woff2
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET roboto-v29-latin-900.153ba33142.woff2
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET MaterialIcons-Regular.1f0f6cdb23.woff2
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET
H2 200 css_bpSmj_P8-S0eOkpRzTWCy1eNE7J9djbEYEbVjOQ_i44.css
rentalassistances.site/index_files/ 732 B
511 B 573ms
572ms Stylesheet
text/css 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/css_bpSmj_P8-S0eOkpRzTWCy1eNE7J9djbEYEbVjOQ_i44.css
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6e94a68ff3fcf92d1e3a4a51cd3582cb578d13b27d7636c46046d58ce43f8b8e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
content-encoding: br
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 291
expires: Tue, 04 Jun 2024 09:27:37 GMT

GET
H2 200 css_8Wi-E5BcxLowrLyQpj0pOud8-zdXZ2_2SHDhTyuMaJI.css
rentalassistances.site/index_files/ 302 KB
55 KB 576ms
575ms Stylesheet
text/css 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/css_8Wi-E5BcxLowrLyQpj0pOud8-zdXZ2_2SHDhTyuMaJI.css
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 370461454f11108e0706ea6ae69c587365ca6424ff8e9c37cf5b005c82514e34

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
content-encoding: br
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 55619
expires: Tue, 04 Jun 2024 09:27:37 GMT

GET
H2 200 webReader.js.download Show response
rentalassistances.site/index_files/ 75 KB
75 KB 309ms
309ms Script
application/octet-stream 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/webReader.js.download
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c402cb9a4e2770e0721638debbf5d1ad5460d7c30b136cc4ac9b8599abff9b2b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
x-turbo-charged-by: LiteSpeed
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
accept-ranges: bytes
content-length: 77058
content-type: application/octet-stream

GET
H2 200 ReadSpeaker.Styles-Button.css
rentalassistances.site/index_files/ 71 KB
37 KB 566ms
565ms Stylesheet
text/css 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/ReadSpeaker.Styles-Button.css
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 33b21905ceaca326afd528c95fb4bc0a7006d25265e45f5d34071f45c77deef8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 09:27:37 GMT
content-encoding: br
last-modified: Tue, 28 May 2024 08:17:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 37962
expires: Tue, 04 Jun 2024 09:27:37 GMT

GET
H2 404 ReadSpeaker.Styles-Button.css
rentalassistances.site/index_files/.downloadr/r2419/ 0
0 297ms
292ms Stylesheet
text/html 199.188.201.124
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://rentalassistances.site/index_files/.downloadr/r2419/ReadSpeaker.Styles-Button.css?v=3.8.0.2419
Requested by: Host: rentalassistances.site
URL: https://rentalassistances.site/index_files/webReader.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.124 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server281-3.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 09:27:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1251
content-type: text/html

GET
H2 200 mygov-black.svg
www.servicesaustralia.gov.au/themes/custom/dhs/images/ 2 KB
1 KB 119ms
50ms Image
image/svg+xml 2.17.147.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.servicesaustralia.gov.au/themes/custom/dhs/images/mygov-black.svg

Requested by

Host: rentalassistances.site
URL: https://rentalassistances.site/index_files/css_8Wi-E5BcxLowrLyQpj0pOud8-zdXZ2_2SHDhTyuMaJI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

0cf9d4f99bdc33505b1e783721e1c8cf32b31098fb6a95db4fef490d94699edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 28 May 2024 09:27:38 GMT
last-modified: Wed, 22 May 2024 19:57:12 GMT
etag: "664e4e18-7c6"
vary: Accept-Encoding
content-type: image/svg+xml
x-lagoon: amazeeio-govcms6>ingress-nginx>dhs-d8-master:nginx>nginx-6f8f79968f-vvds2
cache-control: max-age=177225
accept-ranges: bytes
content-length: 920
expires: Thu, 30 May 2024 10:41:23 GMT

GET
H2 200 mygov.svg
www.servicesaustralia.gov.au/themes/custom/dhs/images/ 2 KB
1 KB 151ms
83ms Image
image/svg+xml 2.17.147.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.servicesaustralia.gov.au/themes/custom/dhs/images/mygov.svg

Requested by

Host: rentalassistances.site
URL: https://rentalassistances.site/index_files/css_8Wi-E5BcxLowrLyQpj0pOud8-zdXZ2_2SHDhTyuMaJI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

4cbca5642f5094ec0c9797f52339ff7d2e0abb4f0ddd5811a44c344c5ac5a52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 28 May 2024 09:27:38 GMT
last-modified: Wed, 22 May 2024 19:57:12 GMT
etag: "664e4e18-7c3"
vary: Accept-Encoding
content-type: image/svg+xml
x-lagoon: amazeeio-govcms6>ingress-nginx>dhs-d8-master:nginx>nginx-6f8f79968f-v56lv
cache-control: max-age=43243
accept-ranges: bytes
content-length: 919
expires: Tue, 28 May 2024 21:28:21 GMT

GET
H2 200 languages-button-footer.svg
www.servicesaustralia.gov.au/themes/custom/dhs/images/iiyl/ 46 KB
8 KB 117ms
51ms Image
image/svg+xml 2.17.147.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.servicesaustralia.gov.au/themes/custom/dhs/images/iiyl/languages-button-footer.svg

Requested by

Host: rentalassistances.site
URL: https://rentalassistances.site/index_files/css_8Wi-E5BcxLowrLyQpj0pOud8-zdXZ2_2SHDhTyuMaJI.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.184 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-184.deploy.static.akamaitechnologies.com

Software

Resource Hash

b4509de819dc6cb166eeffa3a6a1714060ac66442974f57bd58c73c4dbbab9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://rentalassistances.site/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 28 May 2024 09:27:38 GMT
last-modified: Wed, 22 May 2024 19:57:12 GMT
etag: "664e4e18-b7ee"
vary: Accept-Encoding
content-type: image/svg+xml
x-lagoon: amazeeio-govcms6>ingress-nginx>dhs-d8-master:nginx>nginx-6f8f79968f-d5qdh
cache-control: max-age=176506
accept-ranges: bytes
content-length: 7623
expires: Thu, 30 May 2024 10:29:24 GMT

GET MaterialIcons-Regular.aef30bd507.woff
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

GET MaterialIcons-Regular.2098484bbd.ttf
www.servicesaustralia.gov.au/webpack/assets/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-regular.4673b4537a.woff2

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-300.0109a2ace8.woff2

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-500.869888415d.woff2

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-700.0682ca7f74.woff2

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v29-latin-900.153ba33142.woff2

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.1f0f6cdb23.woff2

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.aef30bd507.woff

Domain: www.servicesaustralia.gov.au
URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.2098484bbd.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-regular.4673b4537a.woff2' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-regular.4673b4537a.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-300.0109a2ace8.woff2' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-300.0109a2ace8.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-500.869888415d.woff2' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-500.869888415d.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.1f0f6cdb23.woff2' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.1f0f6cdb23.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v29-latin-900.153ba33142.woff2' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v29-latin-900.153ba33142.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-700.0682ca7f74.woff2' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/roboto-v27-latin-700.0682ca7f74.woff2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://rentalassistances.site/index_files/.downloadr/r2419/ReadSpeaker.Styles-Button.css?v=3.8.0.2419 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.aef30bd507.woff' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.aef30bd507.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rentalassistances.site/ Message: Access to font at 'https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.2098484bbd.ttf' from origin 'https://rentalassistances.site' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.servicesaustralia.gov.au/webpack/assets/fonts/MaterialIcons-Regular.2098484bbd.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://rentalassistances.site/index_files/.downloadr/r2419/ReadSpeaker.Styles-Button.css?v=3.8.0.2419 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

rentalassistances.site
www.googletagmanager.com
www.servicesaustralia.gov.au
www.servicesaustralia.gov.au
142.250.181.232
199.188.201.124
2.17.147.184
0cf9d4f99bdc33505b1e783721e1c8cf32b31098fb6a95db4fef490d94699edf
168e35ff6d73fd206b4811de331006aae5d720dce4e6c4e8781b3c27dc707dd0
33b21905ceaca326afd528c95fb4bc0a7006d25265e45f5d34071f45c77deef8
370461454f11108e0706ea6ae69c587365ca6424ff8e9c37cf5b005c82514e34
47fd93025879ff0ad3b88019fe7bd7002e9abaa741be33f33600550a1a04d6d7
4cbca5642f5094ec0c9797f52339ff7d2e0abb4f0ddd5811a44c344c5ac5a52b
6e94a68ff3fcf92d1e3a4a51cd3582cb578d13b27d7636c46046d58ce43f8b8e
b4509de819dc6cb166eeffa3a6a1714060ac66442974f57bd58c73c4dbbab9c4
c402cb9a4e2770e0721638debbf5d1ad5460d7c30b136cc4ac9b8599abff9b2b
dac9b9a500b236d2e9786a107fc4ddb676146c2a968b7c276e9b78726d8abf86
f056ec8f700b46e596d327eac9b0cfc096e272c176ef417cd14597a83a363e9d

rentalassistances.site Open in urlscan Pro 199.188.201.124 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

21 Requests

62 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

756 kBTransfer

1388 kBSize

0 Cookies

31 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

18 Console Messages

Indicators

rentalassistances.site Open in urlscan Pro
199.188.201.124 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

62 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

756 kB
Transfer

1388 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!