govref-inbxmsg.buzz
Open in
urlscan Pro
104.21.63.239
Public Scan
Effective URL: https://govref-inbxmsg.buzz/
Submission Tags: @ecarlesi threat phishing mygov Search All
Submission: On May 10 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by GTS CA 1P5 on May 9th 2024. Valid for: 3 months.
This is the only time govref-inbxmsg.buzz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 104.21.63.239 104.21.63.239 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
govref-inbxmsg.buzz
1 redirects
govref-inbxmsg.buzz |
46 KB |
9 | 1 |
Domain | Requested by | |
---|---|---|
10 | govref-inbxmsg.buzz |
1 redirects
govref-inbxmsg.buzz
|
9 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
govref-inbxmsg.buzz GTS CA 1P5 |
2024-05-09 - 2024-08-07 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://govref-inbxmsg.buzz/
Frame ID: 35BA59D4BCED743E6E6FDD42AAC35BC2
Requests: 5 HTTP requests in this frame
Frame:
https://govref-inbxmsg.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: 6B37F9EDA8D07E9AA3C05AB688BA46EE
Requests: 2 HTTP requests in this frame
Frame:
https://govref-inbxmsg.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: F052358CB9B756BC3CB14E965FAF1AB1
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
403 ForbiddenPage URL History Show full URLs
-
http://govref-inbxmsg.buzz/
HTTP 307
https://govref-inbxmsg.buzz/ Page URL
- https://govref-inbxmsg.buzz/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://govref-inbxmsg.buzz/
HTTP 307
https://govref-inbxmsg.buzz/ Page URL
- https://govref-inbxmsg.buzz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://govref-inbxmsg.buzz/ HTTP 307
- https://govref-inbxmsg.buzz/
- https://govref-inbxmsg.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://govref-inbxmsg.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
govref-inbxmsg.buzz/ Redirect Chain
|
19 KB 20 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
govref-inbxmsg.buzz/ |
0 909 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
govref-inbxmsg.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame 6B37 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
govref-inbxmsg.buzz/ |
18 KB 19 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8817e041e8ee4c57
govref-inbxmsg.buzz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6B37 |
0 600 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
/
govref-inbxmsg.buzz/ |
2 KB 1011 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
govref-inbxmsg.buzz/cdn-cgi/challenge-platform/scripts/jsd/ Frame F052 |
8 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8817e043fb484c57
govref-inbxmsg.buzz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F052 |
0 594 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
govref-inbxmsg.buzz/ |
548 B 627 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 015 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
govref-inbxmsg.buzz/ | Name: GZxFIT_VRj3qfyeIfRk9mxuPIYg Value: LAZQMS0FjACzBdE0oD-X_whD-wI |
|
govref-inbxmsg.buzz/ | Name: yMIl55N21ygQO8gaYwU9qRK-DxA Value: 1715322573 |
|
govref-inbxmsg.buzz/ | Name: 7pWw-EyjU7YyCxLGRAyQ4YjTcTw Value: 1715408973 |
|
govref-inbxmsg.buzz/ | Name: smGhmyjKNupT51yDKkisyOTg5SY Value: -kwAWObnyZ474ojKNV2Xt7XNoPI |
|
govref-inbxmsg.buzz/ | Name: gq7VkZTaUDegVSNWTbI0UW2ik_w Value: 0Tk1zSgcHNvIXv3A2HlrqIacoLE |
|
govref-inbxmsg.buzz/ | Name: qLrma4CVV83Yvt2hkNd6NaKvYDI Value: n9l9RFWkAclkyyrhlL_LoKckowE |
|
govref-inbxmsg.buzz/ | Name: KOMvakukilVy3NrizSqoX0tJisk Value: 1715322577 |
|
govref-inbxmsg.buzz/ | Name: 6GDEfIQ5tNlSHmUyjJf0W91b9JI Value: 1715408977 |
|
govref-inbxmsg.buzz/ | Name: VC_ktNNhCaGEQIqSsTajA5SmwlE Value: fjTCT2ar54qo4CNDaz_NRu1Z4hs |
|
govref-inbxmsg.buzz/ | Name: J1Hz6pjP0kc8w8r4Z_SKP0Ri_N8 Value: KZdzR3Iw3Q2qUEtaZnIOb48eKYY |
|
govref-inbxmsg.buzz/ | Name: K73hMsGwvPYPXzkIzRver0R_hgI Value: jOVQ_5sJmlQJwhH95F5s-X7AAxA |
|
govref-inbxmsg.buzz/ | Name: 0DganTWDOkCQqq3fONzPM498pMA Value: 1715322562 |
|
govref-inbxmsg.buzz/ | Name: 50f8loBnUPoIkpnSj6TYTbg5NFU Value: 1715408962 |
|
govref-inbxmsg.buzz/ | Name: CDLEyLQulsVDMrNOOu_uItaomUA Value: WSAA_SActOUk4VMYIEb1vkI1Qzg |
|
.govref-inbxmsg.buzz/ | Name: cf_clearance Value: R458GbS8CfAZ4j4DCzuVS9tvSuspnva2voIWEbKabS4-1715322578-1.0.1.1-_hHmH1dEVX58iF169bzP4XJm50v_3VoJ.SYBs1JBQnD9qGQpU9rOLnH8.L1kCPTy_o00WAkAAbP4eo__igtCdQ |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
govref-inbxmsg.buzz
104.21.63.239
03a1a7a556a7991bd1fae8a46f424f84b2104311e6129f932a6cbd292c30eeb5
07a79bd5143033079611e6f9a653a8bdfc435ac9c0dd23e65596f46669d92c7c
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
a833f7c6392321e280792e5e7941f809b704334da6b736ec605312195380f108
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855