urlscan.io logo urlscan.io
SecurityTrails logo

datatransfer.ato.gov.au Open in urlscan Pro
103.151.87.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://datatransfer.ato.gov.au/
Effective URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Submission: On April 30 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 18 HTTP transactions. The main IP is 103.151.87.214, located in Australia and belongs to MTG-MG Macquarie Telecom Group Pty Ltd, AU. The main domain is datatransfer.ato.gov.au.
TLS certificate: Issued by Thawte TLS RSA CA G1 on January 24th 2024. Valid for: a year.
This is the only time datatransfer.ato.gov.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 103.151.87.214 140637 (MTG-MG Ma...)
18 1
Apex Domain
Subdomains		 Transfer
19 ato.gov.au
datatransfer.ato.gov.au
125 KB
18 1
Domain Requested by
19 datatransfer.ato.gov.au 1 redirects datatransfer.ato.gov.au
18 1

This site contains links to these domains. Also see Links.

Domain
www.ato.gov.au
Subject Issuer Validity Valid
datatransfer.ato.gov.au
Thawte TLS RSA CA G1		 2024-01-24 -
2025-02-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Frame ID: 8C0383BC10D57B96ABCF0B281609E90A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Australian Taxation Office» Data Transfer

Page URL History Show full URLs

  1. http://datatransfer.ato.gov.au/ HTTP 307
    https://datatransfer.ato.gov.au/ Page URL
  2. https://datatransfer.ato.gov.au/mailbox HTTP 302
    https://datatransfer.ato.gov.au/mailbox/ Page URL
  3. https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp Page URL

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

124 kB
Transfer

91 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://datatransfer.ato.gov.au/ HTTP 307
    https://datatransfer.ato.gov.au/ Page URL
  2. https://datatransfer.ato.gov.au/mailbox HTTP 302
    https://datatransfer.ato.gov.au/mailbox/ Page URL
  3. https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://datatransfer.ato.gov.au/ HTTP 307
  • https://datatransfer.ato.gov.au/
Request Chain 1
  • https://datatransfer.ato.gov.au/mailbox HTTP 302
  • https://datatransfer.ato.gov.au/mailbox/

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
datatransfer.ato.gov.au/
Redirect Chain
  • http://datatransfer.ato.gov.au/
  • https://datatransfer.ato.gov.au/
199 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
7276e2b674cb318b36a9238e9918acf2f42519af83366686230aa209312d477e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
199
Content-Type
text/html;charset=utf-8
Date
Tue, 30 Apr 2024 10:49:41 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains

Redirect headers

Location
https://datatransfer.ato.gov.au/
Non-Authoritative-Reason
HttpsUpgrades
/
datatransfer.ato.gov.au/mailbox/
Redirect Chain
  • https://datatransfer.ato.gov.au/mailbox
  • https://datatransfer.ato.gov.au/mailbox/
174 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://datatransfer.ato.gov.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
174
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Content-Type
text/html
Date
Tue, 30 Apr 2024 10:49:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Last-Modified
Mon, 09 Oct 2023 00:08:12 GMT
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 30 Apr 2024 10:49:41 GMT
Location
https://datatransfer.ato.gov.au/mailbox/
Strict-Transport-Security
max-age=15768000; includeSubDomains
favicon.ico
datatransfer.ato.gov.au/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Connection
keep-alive
Content-Length
0
Primary Request login.jsp
datatransfer.ato.gov.au/mailbox/jsp/ 		15 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
713a750aa7010cf9fa77dee19da4d7273472214faea04e7e08eb1dc2a4536263
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://datatransfer.ato.gov.au/mailbox/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
15475
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Content-Type
text/html;charset=utf-8
Date
Tue, 30 Apr 2024 10:49:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
SAMEORIGIN
X-XSS-Protection
1; mode=block
favicon.ico
datatransfer.ato.gov.au/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
Connection
keep-alive
Content-Length
0
bp_locon.css
datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/ 		1 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/bp_locon.css
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
6b53866b7d44a566c2ccaf4776204c66fa04e96baa6d5a4f1422e06f9a830ff0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1052
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
locon.css
datatransfer.ato.gov.au/mailbox/html/ui/styles/ 		12 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
e3b705eb7436856ae336b63942d287e54540c958417fd98bf9ca94194ab6acf4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12374
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
admin.css
datatransfer.ato.gov.au/mailbox/css/ 		21 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/css/admin.css
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
4aa342a503fa5a235d86a67fa52be37bbcc4e6f7efabd3d743d5e5d732287c18
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:12 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21662
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
plc-holder.gif
datatransfer.ato.gov.au/mailbox/images/ 		49 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/images/plc-holder.gif
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
506e8943fdcc7cb594dfe26ed950a4706b1de81ff674417f63dcdcf20320a627
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
basic.css
datatransfer.ato.gov.au/mailbox/html/ui/styles/ 		99 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/basic.css
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
b2c73f24846e9ca1f201d55c34f13f073b73e9392b60ca00324bf5e830326413
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
base.css
datatransfer.ato.gov.au/mailbox/html/ui/styles/ 		24 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/base.css
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
73712ce688bf5a7d304324f18c4d85529bfdde7d29e79fdfbfaae86e0f2b9263
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/css
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24890
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bp_header_overflow.gif
datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/bp_header_overflow.gif
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/bp_locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
fc8de30c928d1b35f9c01585a4b53b5437847a4d0acac401eb423de362144fa8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/bp_locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2084
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
head_bg.jpg
datatransfer.ato.gov.au/mailbox/html/ui/common_img/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/common_img/head_bg.jpg
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
50bebd43bfaabc5af855cb51b3ff8312e5f60b29c6ead72c845fb4cd4aefd142
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8380
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
logo.gif
datatransfer.ato.gov.au/mailbox/html/ui/common_img/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/common_img/logo.gif
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
b375cb9b36402053f424387e49af31dc6532d8bff08a36ac8ca9537205340ad2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2433
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
accessBar_bg_bp.gif
datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/ 		1 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/accessBar_bg_bp.gif
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/bp_locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
92170c4b1cd0b13fac54c142b73ee1e172a692d54861147a1d4cd24a0ecd5ce3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/bp_locon/bp_locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1430
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
menu_bg.gif
datatransfer.ato.gov.au/mailbox/html/ui/sidemenu_img/ 		504 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/sidemenu_img/menu_bg.gif
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
a0fed67a48fc4a74717775d81a9166bf73e00a7c6da2ea82719b591270a408c7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
text/html;charset=iso-8859-1
Cache-Control
must-revalidate,no-cache,no-store
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Content-Length
504
X-XSS-Protection
1; mode=block
overflow_bg.gif
datatransfer.ato.gov.au/mailbox/html/ui/common_img/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/common_img/overflow_bg.gif
Requested by
Host: datatransfer.ato.gov.au
URL: https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
3f9fadc8c3fcce4e232f80e2985f87c7aeb950bee4cf660c64ece93be24c7fc0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/html/ui/styles/locon.css
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1322
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ato_logo.gif
datatransfer.ato.gov.au/mailbox/html/ui/common_img/ 		599 B
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://datatransfer.ato.gov.au/mailbox/html/ui/common_img/ato_logo.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.151.87.214 , Australia, ASN140637 (MTG-MG Macquarie Telecom Group Pty Ltd, AU),
Reverse DNS
datatransfer.sig.ato.gov.au
Software
/
Resource Hash
e7903392d6c99f609ee43056acf3ef1a21b9feea075d826a62c689026b3c5f3a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 30 Apr 2024 10:49:41 GMT
Content-Security-Policy
default-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'self'; style-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: http: https:; form-action 'self' data: http: https:; media-src 'self'; font-src 'self'; connect-src 'self';frame-src 'self';frame-ancestors 'self';
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Last-Modified
Mon, 09 Oct 2023 00:08:14 GMT
Strict-Transport-Security
max-age=15768000; includeSubDomains
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/gif
Cache-Control
no-cache, no-store, private, must-revalidate, max-age=0
Feature-Policy
geolocation 'none'; battery 'none'; camera 'none'
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
599
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| checkSubmit function| breakout

9 Cookies

Domain/Path Name / Value
datatransfer.ato.gov.au/mailbox Name: JSESSIONID
Value: node0p699mqlj8nt2bu9xaoa71412566.node0
datatransfer.ato.gov.au/mailbox Name: TS01e5d6ac
Value: 01a45df5bb75b6af5a4e301c33a044e1c3bd312ddbf6f31718e29dbcf11873cc425d84f565c933affe0232290271dc070ca74c51e7
datatransfer.ato.gov.au/ Name: AWSALBAPP-1
Value: _remove_
datatransfer.ato.gov.au/ Name: AWSALBAPP-2
Value: _remove_
datatransfer.ato.gov.au/ Name: AWSALBAPP-3
Value: _remove_
datatransfer.ato.gov.au/ Name: BIGipServervp-bde-dtf-prod-tcp-443-87.214
Value: 1362151434.61455.0000
datatransfer.ato.gov.au/ Name: TS01082ec1
Value: 01a45df5bb75b6af5a4e301c33a044e1c3bd312ddbf6f31718e29dbcf11873cc425d84f565c933affe0232290271dc070ca74c51e7
datatransfer.ato.gov.au/ Name: AWSALBTG
Value: WRSmLtR6Dzl+0RjKk9KWXnJRyxnOaOW0lh/6C006VqKHgX2q/hPopKMXTqUhqcrleGl/vJjOpm3e09DXzwiCP1oPelk2Kx97HJ2ghwuNcQjJM2Mjby9uNKHGzrAHnZXswY6+BXVIFggPJQKk5HirPpYfl5xsdrg+3wJY4Qshc3a5yu7oZVk=
datatransfer.ato.gov.au/ Name: AWSALBAPP-0
Value: AAAAAAAAAADtkGxAvNwH24p79GDN+NB4fXIVtojvSw3Fl8nz3cBP7RQJ2A4H5PQE9KzqAWMI3pDsr1teiNWbwy/aHKK5Vpu8rsqa57qsbEpNgxLPjzdmEaSVqWy6S70eZWmuJwYkuKuhJ9Y=

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
recommendation verbose URL: https://datatransfer.ato.gov.au/mailbox/jsp/login.jsp
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://datatransfer.ato.gov.au/mailbox/html/ui/sidemenu_img/menu_bg.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains