ato-dept-declarations.gov-services.online Open in urlscan Pro
3.105.144.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
Submission Tags: falconsandbox
Submission: On May 09 via api (May 9th 2021, 11:12:19 am UTC) from US

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 32 HTTP transactions. The main IP is 3.105.144.17, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is ato-dept-declarations.gov-services.online.
TLS certificate: Issued by Amazon on January 19th 2021. Valid for: a year.

This is the only time ato-dept-declarations.gov-services.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
32	3.105.144.17 3.105.144.17		16509 (AMAZON-02) (AMAZON-02)
32	1

32 3.105.144.17 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

ato-dept-declarations.gov-services.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	gov-services.online ato-dept-declarations.gov-services.online	54 KB
32	1

	Domain	Requested by
32	ato-dept-declarations.gov-services.online	ato-dept-declarations.gov-services.online
32	1

This site contains no links.

Subject Issuer	Validity	Valid
user-account.co Amazon	`2021-01-19` - `2022-02-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
Frame ID: 6F11DF1C88AE0FF66BB943F8727E9E06
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

54 kB
Transfer

121 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 410 Primary Request 47fef40830 Show response
ato-dept-declarations.gov-services.online/ 2 KB
3 KB 970ms
319ms Document
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

befdc0e88611851b4c53f3e5dc1e190834c29d289e15404b3ffed6d9f6560d55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ato-dept-declarations.gov-services.online
:scheme: https
:path: /47fef40830?l=1749
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:12:01 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
set-cookie: EXFILGUID=47fef40830; path=/ link_clicked_47fef40830=1; path=/
x-request-id: 0d5873ac-6291-47cd-9442-8aa93d0f0d6d
x-runtime: 0.014438
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
server: ThreatSim-Web-Server

GET
H2 200 jquery.min.js Show response
ato-dept-declarations.gov-services.online/assets/ajax/libs/jquery/1.8.0/ 90 KB
33 KB 589ms
589ms Script
application/javascript 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ato-dept-declarations.gov-services.online/assets/ajax/libs/jquery/1.8.0/jquery.min.js
Requested by: Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

:path: /assets/ajax/libs/jquery/1.8.0/jquery.min.js
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:12:01 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 19:22:53 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000 public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.js Show response
ato-dept-declarations.gov-services.online/assets/ 28 KB
7 KB 304ms
303ms Script
application/javascript 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ato-dept-declarations.gov-services.online/assets/all.js?g=410
Requested by: Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com
Software: ThreatSim-Web-Server /
Resource Hash: 39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9

Request headers

:path: /assets/all.js?g=410
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:12:01 GMT
content-encoding: gzip
last-modified: Thu, 06 May 2021 19:22:53 GMT
server: ThreatSim-Web-Server
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000 public
content-length: 7191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 311ms
310ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=undefined&msg=window.tracking_id%20is%20not%20set%2C%20let%27s%20get%20it&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.007501
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: fda46388-b0bb-41f2-af06-eb32d03ece5a
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 308ms
307ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=unknown&msg=get-id%20is%20undefined&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.003831
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: eab47e77-7a8c-4d18-ad47-1c6a91f76c17
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 310ms
310ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=unknown&msg=found%20guid%20in%20last%20part%20of%20location&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.004625
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: db4eafb0-d210-4d9f-ac0c-dba8df2703c7
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

POST
H2 200 browser_post Show response
ato-dept-declarations.gov-services.online/secure/ 0
476 B 332ms
332ms XHR
image/gif 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ato-dept-declarations.gov-services.online/secure/browser_post

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/assets/ajax/libs/jquery/1.8.0/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://ato-dept-declarations.gov-services.online
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
content-length: 637
:path: /secure/browser_post
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 09 May 2021 11:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 124ef4fa-5c35-4d8c-a816-2ca33d111f77
x-runtime: 0.006645
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 307ms
303ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20localStorage%20%3D%20false&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.003315
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 621dd624-57f0-4501-9155-52025642176b
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
397 B 336ms
330ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20sessionStorage%20%3D%20true&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.027522
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 333473df-7387-47c2-90bd-bfb85ceb4266
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 328ms
323ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20hasCookies%20%3D%20true&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.020495
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 67cc747e-057b-46df-8f5e-08baa9633eff
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 326ms
321ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20browser%20%3D%20Chrome&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.014273
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 04804708-fa17-47d0-ab22-9808b09b79b6
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 329ms
324ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20browser_version%20%3D%2089&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20browser_version%20%3D%2089&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.020549
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: e7eda25c-f4ec-425a-9be9-3f478f36b921
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 325ms
319ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20os%20%3D%20Linux&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.009771
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: e7b5ef8a-89a5-4c74-97e7-817ad07ebb47
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 324ms
319ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20os_version%20%3D%2010&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.010092
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 0d608b3d-a8ae-43fc-a7f3-3543988e21a3
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 332ms
327ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20language%20%3D%20en-US&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.009251
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: b8defd48-9e34-46d8-a4cd-a880ebefedeb
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 334ms
328ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20colorDepth%20%3D%2024&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.008113
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: cdd369d9-9927-4b74-a9c1-21054a465555
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 345ms
340ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20width%20%3D%201600&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.024970
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 8952d823-2e9f-4b06-b509-004a37e8de53
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
397 B 341ms
335ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=BrowserDetect%20-%20height%20%3D%201200&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.023608
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 472d5bc0-36bb-47ed-9377-80b42548d766
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 log
ato-dept-declarations.gov-services.online/ 0
476 B 331ms
326ms Image
image/gif 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/log?id=47fef40830&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /log?id=47fef40830&sev=1&msg=PluginDetect%20is%20not%20defined&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 67746ed9-1216-4d46-857d-cd195482a50f
x-runtime: 0.016123
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 337ms
333ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20Java%20version%20from%20pinlady&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.015821
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 68782045-a2d9-42b3-ac9c-f13a83b3265c
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 log
ato-dept-declarations.gov-services.online/ 0
476 B 339ms
334ms Image
image/gif 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/log?id=47fef40830&sev=1&msg=Cannot%20read%20property%20%27getVersion%27%20of%20undefined&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /log?id=47fef40830&sev=1&msg=Cannot%20read%20property%20%27getVersion%27%20of%20undefined&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 7be01c6b-7f20-49a6-898b-453825f148cb
x-runtime: 0.021999
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 325ms
321ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20Java%20version%20from%20deployJava&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.007228
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 673220a9-a60c-49e5-b472-c2fcb14077b7
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 log
ato-dept-declarations.gov-services.online/ 0
476 B 340ms
336ms Image
image/gif 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/log?id=47fef40830&sev=1&msg=deployJava%20is%20not%20defined&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /log?id=47fef40830&sev=1&msg=deployJava%20is%20not%20defined&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 09 May 2021 11:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 21432976-9117-4343-a627-a3184c468f28
x-runtime: 0.010354
referrer-policy: strict-origin-when-cross-origin
server: ThreatSim-Web-Server
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
395 B 322ms
318ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=java_version%20%3D%20undefined&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=java_version%20%3D%20undefined&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.006056
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: cb4b1850-2e23-428b-9eb3-e0f05521ccef
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 339ms
336ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20flash%20version&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20flash%20version&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.013729
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: b14f176d-3b91-42e4-aff5-56d846a8fc73
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 337ms
334ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20pdf%20version&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20pdf%20version&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.008919
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 5712a1b2-55b3-440f-8f71-c93295bab2fe
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
397 B 346ms
343ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20quicktime%20version&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20quicktime%20version&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.007118
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 1f6d17f0-f6d2-4394-974e-5694785cd679
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 335ms
333ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20RealPlayer%20version&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20RealPlayer%20version&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.009789
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 8186ef79-37ac-4e60-bffc-fe0fbde37479
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 344ms
341ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20Silverlight%20version&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20Silverlight%20version&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.010850
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: f72a98bc-f434-40cb-90ae-e6a9abe0fceb
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 337ms
335ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=Loading%20WindowsMediaPlayer%20version&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.008116
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: be8166ae-9f06-40dd-8154-693096e4a784
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 340ms
338ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=redirect_url%20is%20undefined&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=redirect_url%20is%20undefined&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.009520
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-06115b2576a140d36 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: 4c016ec8-afe5-41db-948f-a7adf7f7734a
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

GET
H2 200 trace
ato-dept-declarations.gov-services.online/ 0
396 B 307ms
306ms Image
text/html 3.105.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ato-dept-declarations.gov-services.online/trace?id=47fef40830&msg=browser_post_successful&correlation_id=undefined

Requested by

Host: ato-dept-declarations.gov-services.online
URL: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.105.144.17 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-105-144-17.ap-southeast-2.compute.amazonaws.com

Software

ThreatSim-Web-Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /trace?id=47fef40830&msg=browser_post_successful&correlation_id=undefined
pragma: no-cache
cookie: EXFILGUID=47fef40830; link_clicked_47fef40830=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ato-dept-declarations.gov-services.online
referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ato-dept-declarations.gov-services.online/47fef40830?l=1749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.004061
date: Sun, 09 May 2021 11:12:02 GMT
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-host-info: lw-prod-ap-i-0282db0592db86c67 ; 1976f574a321a2ad7a4eaf0f51c9a7b25652101b
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
x-request-id: f194b308-fbe1-4171-a3e9-2b1f6d90c194
content-length: 0
x-content-type-options: nosniff
server: ThreatSim-Web-Server

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ato-dept-declarations.gov-services.online/	1969-12-31 23:59:59	Name: link_clicked_47fef40830 Value: 1
			ato-dept-declarations.gov-services.online/	1969-12-31 23:59:59	Name: EXFILGUID Value: 47fef40830

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ato-dept-declarations.gov-services.online
3.105.144.17
39b4614f1c87cf0cfd1bc3375642e95825cb2018e0318a36aad766ddb5a8cbe9
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
befdc0e88611851b4c53f3e5dc1e190834c29d289e15404b3ffed6d9f6560d55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ato-dept-declarations.gov-services.online Open in urlscan Pro 3.105.144.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

54 kBTransfer

121 kBSize

2 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ato-dept-declarations.gov-services.online Open in urlscan Pro
3.105.144.17 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

54 kB
Transfer

121 kB
Size

2
Cookies

32 HTTP transactions
0 data transactions