Analysis

  • max time kernel
    124s
  • max time network
    132s
  • platform
    android_x64
  • resource
    android-x64-arm64-20240506-en
  • resource tags

    android, arch:arm, arch:arm64, arch:x64, arch:x86, image:android-x64-arm64-20240506-en, locale:en-us, os:android-11-x64, system
  • submitted
    13/05/2024, 02:48 UTC

General

  • Target

    http://mygov-ato.info

Score
7/10

Malware Config

Signatures

Processes

  • com.android.chrome
    • Checks CPU information
    • Checks memory information
    PID:4702

Network

  • flag-us
    DNS
    android.apis.google.com
    Remote address:
    1.1.1.1:53
    Request
    android.apis.google.com
    IN A
    Response
    android.apis.google.com
    IN CNAME
    clients.l.google.com
    clients.l.google.com
    IN A
    172.217.16.238
  • flag-us
    DNS
    mygov-ato.info
    Remote address:
    1.1.1.1:53
    Request
    mygov-ato.info
    IN A
    Response
    mygov-ato.info
    IN A
    172.67.143.125
    mygov-ato.info
    IN A
    104.21.95.69
  • flag-us
    DNS
    accounts.google.com
    Remote address:
    1.1.1.1:53
    Request
    accounts.google.com
    IN A
    Response
    accounts.google.com
    IN A
    64.233.184.84
  • flag-us
    DNS
    accounts.google.com
    Remote address:
    1.1.1.1:53
    Request
    accounts.google.com
    IN A
    Response
    accounts.google.com
    IN A
    74.125.206.84
  • flag-be
    POST
    https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
    Remote address:
    74.125.206.84:443
    Request
    POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/2.0
    host: accounts.google.com
    content-length: 1
    origin: https://www.google.com
    content-type: application/x-www-form-urlencoded
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
  • flag-us
    GET
    http://mygov-ato.info/
    Remote address:
    172.67.143.125:80
    Request
    GET / HTTP/1.1
    Host: mygov-ato.info
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate
    Accept-Language: en-US,en;q=0.9
    Response
    HTTP/1.1 301 Moved Permanently
    Date: Mon, 13 May 2024 02:49:09 GMT
    Content-Type: text/html
    Content-Length: 167
    Connection: keep-alive
    Cache-Control: max-age=3600
    Expires: Mon, 13 May 2024 03:49:09 GMT
    Location: https://mygov-ato.info/
    Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guap7qFwVyGOOCNalcElo366Ifh4C4yus8aTS8yaa%2FfOmy4B5HYq1SBhdLwP0pL7npUbOVbLLPFSHFGRQ1DNCffv%2Ffoq1olhuvO9rprLytVqNrt43nZYW0cUA3iF%2FK00tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    Vary: Accept-Encoding
    Server: cloudflare
    CF-RAY: 882f5568ed5b4141-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/
    Remote address:
    172.67.143.125:443
    Request
    GET / HTTP/2.0
    host: mygov-ato.info
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: none
    sec-fetch-mode: navigate
    sec-fetch-dest: document
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 403
    date: Mon, 13 May 2024 02:49:09 GMT
    content-type: text/html; charset=UTF-8
    accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    cross-origin-embedder-policy: require-corp
    cross-origin-opener-policy: same-origin
    cross-origin-resource-policy: same-origin
    origin-agent-cluster: ?1
    permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
    referrer-policy: same-origin
    x-frame-options: SAMEORIGIN
    cf-mitigated: challenge
    cf-chl-out: N+SNTBVXO2RMXgVyN8NXML4d2yn8KuhJJGlUkaxTyLzHqAIrp+WGf+KcvYNtaWmjS7nHXeIZcuW22cUKJrCIjOtfigz4WiD+A4tzb9g7gGDTKUrdp97NevvW6ajiI5knuyORuOoTiPNJ/6FCOxOfBQ==$uXDWh84Y96tkVDIP6F36ZQ==
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    expires: Thu, 01 Jan 1970 00:00:01 GMT
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f556a1bcf94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=882f556a1bcf94c6
    Remote address:
    172.67.143.125:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=882f556a1bcf94c6 HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: script
    referer: https://mygov-ato.info/?__cf_chl_rt_tk=pttPzTXzCFkjkWRU6gkB4meItCeyBzzLoClNqwmXnxg-1715568549-0.0.1.1-1279
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:10 GMT
    content-type: application/javascript; charset=UTF-8
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnHXbtE4cFE66eidx9kT0tpy2gSlJDJKnjZRWP%2FVvoXGWOg7uGkb%2BjFaN50JD%2BkPyNFxybjiViY5TN04UUbDjW50bC28R7w1TBDPPpEUjWmZSQPguYauRCde0zeOQu9s8g%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f5570dfaf94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/favicon.ico
    Remote address:
    172.67.143.125:443
    Request
    GET /favicon.ico HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 403
    date: Mon, 13 May 2024 02:49:10 GMT
    content-type: text/html; charset=UTF-8
    accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    cross-origin-embedder-policy: require-corp
    cross-origin-opener-policy: same-origin
    cross-origin-resource-policy: same-origin
    origin-agent-cluster: ?1
    permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
    referrer-policy: same-origin
    x-frame-options: SAMEORIGIN
    cf-mitigated: challenge
    cf-chl-out: qmIwQjGB/x3Acq7AoxeeSgfUF8/cPbt9cGN3mvng5vr0u0f+I9KKa68z6lhDT/ELPTXHLCDrDFIg6d5d/3wdKeveW0Jfmr9YOF0fWUwTX0w2ySxq86l8rkbr3Vf2MB5MoOVJ3makWK9N5ALbpfvNWA==$gNwvBNCFjHK/xgza6Nwunw==
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    expires: Thu, 01 Jan 1970 00:00:01 GMT
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FK2TLPVwtuf8FQQLcq7%2FZhlejl6evk%2FwIshmf24EBF7uwrWW2YnCjMibGBB11ei7QgezQwhSqMG5x%2Fwr4tClL%2BwWlhqZEGPbYxh8WxWJQohRMZzFV9FvH0n6K9IZeMZqg%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f5572b8aa94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/favicon.ico
    Remote address:
    172.67.143.125:443
    Request
    GET /favicon.ico HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 403
    date: Mon, 13 May 2024 02:49:10 GMT
    content-type: text/html; charset=UTF-8
    accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    cross-origin-embedder-policy: require-corp
    cross-origin-opener-policy: same-origin
    cross-origin-resource-policy: same-origin
    origin-agent-cluster: ?1
    permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
    referrer-policy: same-origin
    x-frame-options: SAMEORIGIN
    cf-mitigated: challenge
    cf-chl-out: fvveGnLtmNWsfcXJH4gMG2nG99gntSWxdbAF79OEYdPbuP4+5yL01+MhxQGYimkeLls5NGZrc6BbpETSPpupk5FsVjBUKzTTwsT/lBw91gDKIgybUjs/EI9OXZLCzKAnK2aFHzShGa1xn9Ps5zFisQ==$QLBQmSP4c/hcC03Do2f7/g==
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    expires: Thu, 01 Jan 1970 00:00:01 GMT
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBBS7OXf4ng61llxhxFTJB5gmUg4VOOWmpQSKgGlHewpAeYTSrU%2BXA2m9c2o1w%2FCZn%2BAJAq%2BzRW7C6mxxBf1X4VR7F8ign8ZwF9Glt3HZjDCKTInipWDYPDiRR7fCVloiA%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f557348f094c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/flow/ov1/216795345:1715566208:jN9hdTP6S9HJbFnEKJ_3RI_1bD5xbffbtRqwQf4laFk/882f556a1bcf94c6/44c887844a03f93
    Remote address:
    172.67.143.125:443
    Request
    POST /cdn-cgi/challenge-platform/h/g/flow/ov1/216795345:1715566208:jN9hdTP6S9HJbFnEKJ_3RI_1bD5xbffbtRqwQf4laFk/882f556a1bcf94c6/44c887844a03f93 HTTP/2.0
    host: mygov-ato.info
    content-length: 1997
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    cf-challenge: 44c887844a03f93
    content-type: application/x-www-form-urlencoded
    accept: */*
    origin: https://mygov-ato.info
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:11 GMT
    content-type: text/plain; charset=UTF-8
    cf-chl-gen: j9ZDpyTrv4UoMl0kLP0y75+CDdQ6wFsb3z+C8TQu9LGiglA2kNKbmz264y57LKWi$MQ6e1f7eu04vfUQBSaDBFA==
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKjTiabfwQ2PCSLxEVUxLdS8hEsKbduPl2ggatL0Ii9BFQiI2uRJcp5y4DLgBiFVmOFP6A%2BawLRl1ukwVllKnNXP396mvZ%2FQZllVdiPWIMoX%2FMETCzUnQa00oWBEHD35GA%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f5573c93794c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/flow/ov1/216795345:1715566208:jN9hdTP6S9HJbFnEKJ_3RI_1bD5xbffbtRqwQf4laFk/882f556a1bcf94c6/44c887844a03f93
    Remote address:
    172.67.143.125:443
    Request
    POST /cdn-cgi/challenge-platform/h/g/flow/ov1/216795345:1715566208:jN9hdTP6S9HJbFnEKJ_3RI_1bD5xbffbtRqwQf4laFk/882f556a1bcf94c6/44c887844a03f93 HTTP/2.0
    host: mygov-ato.info
    content-length: 3429
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    cf-challenge: 44c887844a03f93
    content-type: application/x-www-form-urlencoded
    accept: */*
    origin: https://mygov-ato.info
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: text/html; charset=UTF-8
    cf-chl-out-s: ZRImOLCURLANu9pYu+FmGQ==$02QiwTXZ07MMBSzHepIr3g==
    set-cookie: cf_chl_rc_i=;Expires=Sun, 12 May 2024 02:49:38 GMT;SameSite=Strict
    cf-chl-out: tq7W1CJ3YUPR82By5QjH4I9MkU0MH2PP99175KwVdau+G0UVDsxhtA3fZSlT/nLhIzZLlII62ig44GyNASZy0tKH8lxSlbrNJQmGI78xzIYd32uPxN8aBXCOR0O6kAO7$5/NJj7ET/8Z1syPdkhTTAA==
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vEtn7WnMQd3dIk%2F667EBiEDqD69oh8Jln5FuRsbwVj%2Fxo8q3i4fXSlYQnXJyiqRqzz3mt5rM%2BRiBp9MmVe5fje1JOoI3Xzlqobq5T11AYQ4lqqBV%2Fo%2FkZvxZKMrsAx1PbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f561e0e5b94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/favicon.ico
    Remote address:
    172.67.143.125:443
    Request
    GET /favicon.ico HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://mygov-ato.info/?__cf_chl_tk=pttPzTXzCFkjkWRU6gkB4meItCeyBzzLoClNqwmXnxg-1715568549-0.0.1.1-1279
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 403
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: text/html; charset=UTF-8
    accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    cross-origin-embedder-policy: require-corp
    cross-origin-opener-policy: same-origin
    cross-origin-resource-policy: same-origin
    origin-agent-cluster: ?1
    permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
    referrer-policy: same-origin
    x-frame-options: SAMEORIGIN
    cf-mitigated: challenge
    cf-chl-out: 2oCi4XFmdCG8LP3PrHsrxd0YH+iNvQ5HyWZipEofeYALSFnVbkUtywJfHdlmcwNnFeROHuo7AeJjDfVbINmmPwwiukdj7OXphSYkmoz7HAb75Qo/8RahZCEORw90+tFcdVVEcoKHwnIGYwp+bjpTog==$crrX1wYWYQe8hfxR6Be1+Q==
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    expires: Thu, 01 Jan 1970 00:00:01 GMT
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uiBvu9AuAHZNd0lbR4ev7DCvPNbb92YcwzgLmK98bkml%2Fw7BR2j0yNtSnn%2F46Hggcn40nIoQygM12q1yCClQfnizpDg8Y4wwydboe8RJDzPRlY7ZhDIOjVWXGrRcumoTww%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f561eeed294c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://mygov-ato.info/
    Remote address:
    172.67.143.125:443
    Request
    POST / HTTP/2.0
    host: mygov-ato.info
    content-length: 4036
    cache-control: max-age=0
    upgrade-insecure-requests: 1
    origin: https://mygov-ato.info
    content-type: application/x-www-form-urlencoded
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: same-origin
    sec-fetch-mode: navigate
    sec-fetch-user: ?1
    sec-fetch-dest: document
    referer: https://mygov-ato.info/?__cf_chl_tk=pttPzTXzCFkjkWRU6gkB4meItCeyBzzLoClNqwmXnxg-1715568549-0.0.1.1-1279
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 503
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: text/html; charset=utf-8
    set-cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg; Path=/; Expires=Tue, 13-May-25 02:49:38 GMT; Domain=.mygov-ato.info; HttpOnly; Secure; SameSite=None; Partitioned
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1; mode=block
    x-xss-protection: 1; mode=block
    set-cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg; path=/; expires=Tue, 14-May-24 02:49:36 GMT; Max-Age=86400;
    set-cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576; path=/; expires=Tue, 14-May-24 02:49:36 GMT; Max-Age=86400;
    set-cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976; path=/; expires=Tue, 14-May-24 02:49:36 GMT; Max-Age=86400;
    set-cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo; path=/; expires=Tue, 14-May-24 02:49:36 GMT; Max-Age=86400;
    x-frame-options: SAMEORIGIN
    cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    pragma: no-cache
    expires: 0
    cf-cache-status: DYNAMIC
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPnSvoFTlxPtkIvjPnjh%2B2I%2F40E89eOicbKE4XlLyoG9CEAdMRHOzYhCtz9USZ21cDRb9P954f%2FwBIQE5zoPHaY%2Bgmbi7V4XYzw68yIqFWDpUoKG%2FCeV%2FBxPfyJ9CNm9Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f561f0ee694c6-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://mygov-ato.info/
    Remote address:
    172.67.143.125:443
    Request
    POST / HTTP/2.0
    host: mygov-ato.info
    content-length: 22
    x-requested-timestamp-expire:
    x-requested-timestamp-combination:
    x-requested-type-combination: GET
    content-type: application/x-www-form-urlencoded
    x-requested-type: GET
    x-requested-with: XMLHttpRequest
    x-requested-timestamp:
    l1h2kjwi4ke8zozsjk37r-x1oe: 32292536
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    origin: https://mygov-ato.info
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    Response
    HTTP/2.0 302
    date: Mon, 13 May 2024 02:49:38 GMT
    content-length: 0
    cache-control: max-age=300, public
    access-control-allow-origin: *
    location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKiVAvHo0SE2%2B8bi9jglxaisNzXBptD1lDUTIhSg6bR1ZAcFP8PnBtUx6KzLrOgW3ekD%2BPGnH5ok%2FkVFAYlV015ismBPdh2o%2BJb9xgY%2BNTIlrf8%2BeaaEZaKij2BJBXW4uw%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f5620bfcb94c6-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
    Remote address:
    172.67.143.125:443
    Request
    GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: script
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: application/javascript; charset=UTF-8
    cache-control: max-age=14400, public
    x-content-type-options: nosniff
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K54z2VEjkbcthE2ws5yae8Vb3rPOgW70Lbl7b6D7zjxfg4EblnxStxTqUZNYC0%2FI6Z1mp8yd0x%2FUxZRgmtJTcmK91QhBeOSLMrxXKC4S%2BLyJN2C090Ptxdeq91T5%2BC37Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f5620ffee94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/favicon.ico
    Remote address:
    172.67.143.125:443
    Request
    GET /favicon.ico HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    Response
    HTTP/2.0 204
    date: Mon, 13 May 2024 02:49:38 GMT
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1; mode=block
    x-xss-protection: 1; mode=block
    set-cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    set-cookie: REG9ygg5Qqgh-0r9ZLIGPGcfHho=1715568577; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    set-cookie: tZYeddKezrcPHHnbdETWrPwgQbI=1715654977; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    set-cookie: PV6T5GqMv_xFyfNfR-ZxNoW4GqM=Q64U7sbOE7-Sk0OppPlqumccEgU; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    x-frame-options: SAMEORIGIN
    cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    pragma: no-cache
    expires: 0
    x-server-powered-by: Engintron
    cf-cache-status: DYNAMIC
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uU%2Ff4IQQrBvReomxCFm8eaDcUhFmujyytYRPVbrPRPtex4dj4DyKRGNrSwGq%2B48S1k1lkRHvKrZX0qRZgxCpojZU5iImA43d5VDi3LyesX1zgZuze768qukBAmU6TuYEfA%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f56209fb594c6-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
    Remote address:
    172.67.143.125:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: script
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    Response
    HTTP/2.0 503
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: text/html; charset=utf-8
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1; mode=block
    x-xss-protection: 1; mode=block
    cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    pragma: no-cache
    x-frame-options: SAMEORIGIN
    expires: 0
    cf-cache-status: BYPASS
    set-cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    set-cookie: REG9ygg5Qqgh-0r9ZLIGPGcfHho=1715568577; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    set-cookie: tZYeddKezrcPHHnbdETWrPwgQbI=1715654977; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    set-cookie: PV6T5GqMv_xFyfNfR-ZxNoW4GqM=Q64U7sbOE7-Sk0OppPlqumccEgU; path=/; expires=Tue, 14-May-24 02:49:37 GMT; Max-Age=86400;
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxYsUaUx6ElLokoE1R6z%2F2OkvUlajIojIAEtvwM%2FemjRsUH%2Fv5L1y2nzssrCmvaAnRrVwapzVkX7XPlQZEctScpL8f0smdQiQ8vnfoqlq4YcJ5K1iF3F9n85RFHDeHVwfw%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f5620dfe594c6-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/
    Remote address:
    172.67.143.125:443
    Request
    GET / HTTP/2.0
    host: mygov-ato.info
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: same-origin
    sec-fetch-mode: navigate
    sec-fetch-dest: document
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    cookie: REG9ygg5Qqgh-0r9ZLIGPGcfHho=1715568577
    cookie: tZYeddKezrcPHHnbdETWrPwgQbI=1715654977
    cookie: PV6T5GqMv_xFyfNfR-ZxNoW4GqM=Q64U7sbOE7-Sk0OppPlqumccEgU
    Response
    HTTP/2.0 404
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: text/html
    vary: Accept-Encoding
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1; mode=block
    x-xss-protection: 1; mode=block
    cf-cache-status: DYNAMIC
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYw0pcldqI5uw6Ar3fvdZKUb1%2FYLdAtPRGe7S8%2BN1LEELZMeIpZ92EAO%2FlZ86rfvTTmXxzWpync7rvzIq5PY%2B5ZiMS4RFWlNDLWq0ayK1V9myik1JGGTdcW%2FGfmEq7R2tw%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f5621681f94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/jsd/r/882f5621681f94c6
    Remote address:
    172.67.143.125:443
    Request
    POST /cdn-cgi/challenge-platform/h/g/jsd/r/882f5621681f94c6 HTTP/2.0
    host: mygov-ato.info
    content-length: 13372
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    content-type: application/json
    accept: */*
    origin: https://mygov-ato.info
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    cookie: REG9ygg5Qqgh-0r9ZLIGPGcfHho=1715568577
    cookie: tZYeddKezrcPHHnbdETWrPwgQbI=1715654977
    cookie: PV6T5GqMv_xFyfNfR-ZxNoW4GqM=Q64U7sbOE7-Sk0OppPlqumccEgU
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:39 GMT
    content-type: text/plain; charset=UTF-8
    content-length: 0
    set-cookie: cf_clearance=dMl3zM0RLPiF4XEMx.eWA0Qj6hZ5J_NnyzjllVruQvs-1715568579-1.0.1.1-rKApNkFDdHcEk.0WaNg9aZ40jpUd6i.oEnnNcZxS5BmUinyKk0ncjw.NjBpX5cw9_8zONCeIA3iDi0rW5xUHAA; Path=/; Expires=Tue, 13-May-25 02:49:39 GMT; Domain=.mygov-ato.info; HttpOnly; Secure; SameSite=None; Partitioned
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l7kCIIluN9cUNqAofYYFLly9QmS4y3r9lRnkFmJJ8Ox%2B5sTPoaJ6yU%2FZel%2B21cx1FxhstU1zbZi%2F1sk62LRHXmbTXO8rIQk4Xi92gofbPBd2LhBWG%2BcN0u%2BC1ROApRIQew%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f56253a9494c6-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://mygov-ato.info/favicon.ico
    Remote address:
    172.67.143.125:443
    Request
    GET /favicon.ico HTTP/2.0
    host: mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://mygov-ato.info/
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    cookie: cf_clearance=XFnBzxZayCP3_BbIfvyAF5PQlJSXdTK.ZeWcX2CmgnA-1715568549-1.0.1.1-Jf4y67mZjKRDGuOqlq_rLwkCoLwNsbT6D5vG3whKZZApowBPTXUfb6n.P209uIRgaJDVn8YKEzR2xs7P0P6erg
    cookie: ZYavSEAr0DqxQDOmEQxSOq1p7-4=Rq34EmZb88ioXCHEj1rbaAMIBBg
    cookie: uL8PFec57tQ8fibtGbiKw0RYuIQ=1715568576
    cookie: abDMYQZqX-af2GC9tH8-zpd-4_8=1715654976
    cookie: EZVYz_iWLlvbhdDQ6srqYgYQj1k=NLpnWdrg3IMUX0_b9xggXa02UYo
    cookie: Op8mAQDGgC8YPzNEiyowm28lOY4=UR0-C-l1GmlBqN6s2Pzv0QlAFNI
    cookie: REG9ygg5Qqgh-0r9ZLIGPGcfHho=1715568577
    cookie: tZYeddKezrcPHHnbdETWrPwgQbI=1715654977
    cookie: PV6T5GqMv_xFyfNfR-ZxNoW4GqM=Q64U7sbOE7-Sk0OppPlqumccEgU
    Response
    HTTP/2.0 404
    date: Mon, 13 May 2024 02:49:39 GMT
    content-type: text/html
    vary: Accept-Encoding
    x-content-type-options: nosniff
    x-content-type-options: nosniff
    x-xss-protection: 1; mode=block
    x-xss-protection: 1; mode=block
    cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
    pragma: public
    cf-cache-status: MISS
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    cf-ray: 882f56256aab94c6-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    ssl.google-analytics.com
    Remote address:
    1.1.1.1:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    142.250.187.200
  • flag-us
    DNS
    a.nel.cloudflare.com
    Remote address:
    1.1.1.1:53
    Request
    a.nel.cloudflare.com
    IN A
    Response
    a.nel.cloudflare.com
    IN A
    35.190.80.1
  • flag-us
    OPTIONS
    https://a.nel.cloudflare.com/report/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D
    Remote address:
    35.190.80.1:443
    Request
    OPTIONS /report/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D HTTP/2.0
    host: a.nel.cloudflare.com
    origin: https://mygov-ato.info
    access-control-request-method: POST
    access-control-request-headers: content-type
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
  • flag-us
    POST
    https://a.nel.cloudflare.com/report/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D
    Remote address:
    35.190.80.1:443
    Request
    POST /report/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D HTTP/2.0
    host: a.nel.cloudflare.com
    content-length: 406
    content-type: application/reports+json
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
  • flag-us
    OPTIONS
    https://a.nel.cloudflare.com/report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D
    Remote address:
    35.190.80.1:443
    Request
    OPTIONS /report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D HTTP/2.0
    host: a.nel.cloudflare.com
    origin: https://mygov-ato.info
    access-control-request-method: POST
    access-control-request-headers: content-type
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
  • flag-us
    POST
    https://a.nel.cloudflare.com/report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D
    Remote address:
    35.190.80.1:443
    Request
    POST /report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D HTTP/2.0
    host: a.nel.cloudflare.com
    content-length: 3694
    content-type: application/reports+json
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
  • flag-us
    DNS
    safebrowsing.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    safebrowsing.googleapis.com
    IN A
    Response
    safebrowsing.googleapis.com
    IN A
    216.58.201.106
  • flag-us
    DNS
    challenges.cloudflare.com
    Remote address:
    1.1.1.1:53
    Request
    challenges.cloudflare.com
    IN A
    Response
    challenges.cloudflare.com
    IN A
    104.17.2.184
    challenges.cloudflare.com
    IN A
    104.17.3.184
  • flag-us
    GET
    https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
    Remote address:
    104.17.2.184:443
    Request
    GET /turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit HTTP/2.0
    host: challenges.cloudflare.com
    origin: https://mygov-ato.info
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    sec-fetch-site: cross-site
    sec-fetch-mode: cors
    sec-fetch-dest: script
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:10 GMT
    content-type: application/javascript; charset=UTF-8
    cache-control: max-age=604800, public
    cross-origin-resource-policy: cross-origin
    access-control-allow-origin: *
    vary: Accept-Encoding
    server: cloudflare
    cf-ray: 882f557318107772-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    Remote address:
    104.17.2.184:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal HTTP/2.0
    host: challenges.cloudflare.com
    upgrade-insecure-requests: 1
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    sec-fetch-site: cross-site
    sec-fetch-mode: navigate
    sec-fetch-dest: iframe
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:11 GMT
    content-type: text/html; charset=UTF-8
    permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
    accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    cross-origin-embedder-policy: require-corp
    cross-origin-opener-policy: same-origin
    content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
    critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    document-policy: js-profiling
    origin-agent-cluster: ?1
    cross-origin-resource-policy: cross-origin
    referrer-policy: same-origin
    server: cloudflare
    cf-ray: 882f55762c84251a-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/1TbiRfESsKcymAr3eCHUM4X%2FuXp47rxJdZPubDuaTsE%3D
    Remote address:
    104.17.2.184:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/cmg/1/1TbiRfESsKcymAr3eCHUM4X%2FuXp47rxJdZPubDuaTsE%3D HTTP/2.0
    host: challenges.cloudflare.com
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:11 GMT
    content-type: image/png
    content-length: 61
    cache-control: max-age=2629800, public
    server: cloudflare
    cf-ray: 882f55769cac251a-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=882f55762c84251a
    Remote address:
    104.17.2.184:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=882f55762c84251a HTTP/2.0
    host: challenges.cloudflare.com
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: script
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:11 GMT
    content-type: application/javascript; charset=UTF-8
    cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    server: cloudflare
    cf-ray: 882f5576acaf251a-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67
    Remote address:
    104.17.2.184:443
    Request
    POST /cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67 HTTP/2.0
    host: challenges.cloudflare.com
    content-length: 3743
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    cf-challenge: db0280c21975f67
    content-type: application/x-www-form-urlencoded
    accept: */*
    origin: https://challenges.cloudflare.com
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:11 GMT
    content-type: text/plain; charset=UTF-8
    cf-chl-gen: ur2vFUoue5mJyn1/Ab1RY6CA1rgOWuOhBBae37bis6BfIOzeqWLo8RqsWYurefUZcbggtv3qkyXyxxQJAaJqXAy31dWE97sAx085r1aqL+thXW6Am8MWQGpwazCFlPvltzGXynTLapOi8/XI6AW44cS1uC7RpMEpp+lYg1VJgXCtObJYkh04sgAg1PSZTD+zYQ3nZe5C4991twjtZAAHWm6RKbxTgnui08BO/kNWAFFmLSzj8YYEjHPcX2P+IOLSxIDViME9hNAoIo62ret2/FEivKou5bMMmHeJEn7O/5y92U05T3SNuAYkeLiX1LnKS/GwofiOUIbPzagO6ajtJ7O9TQ4jEkXxltViPkBKHcwuRUuOVgdDlzqb9I7oIHHQIiexYKwBeimHKJ6JeR0YEeL0ZDG/0kn4In8vLUR9qZn1DcbjVLxCYfYnDrRxl1l0UFj6mGWjUoOSjUrOKe8Hwl4YKOQuR5PsqFrrCRJX0wg=$5N/yFqGiX6sNZUA+NQDJ4Q==
    server: cloudflare
    cf-ray: 882f55788d79251a-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/882f55762c84251a/1715568551818/jJg5IsxA9HIi2PO
    Remote address:
    104.17.2.184:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/i/882f55762c84251a/1715568551818/jJg5IsxA9HIi2PO HTTP/2.0
    host: challenges.cloudflare.com
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: image/webp,image/apng,image/*,*/*;q=0.8
    sec-fetch-site: same-origin
    sec-fetch-mode: no-cors
    sec-fetch-dest: image
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:12 GMT
    content-type: image/png
    content-length: 61
    server: cloudflare
    cf-ray: 882f557fe91b251a-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    GET
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/882f55762c84251a/1715568551827/4db09d2c95c1e95c2c30d0c9f3bfba6601df7e43bfdb241698212cedd0fe9672/xghSMsqSBYHX88V
    Remote address:
    104.17.2.184:443
    Request
    GET /cdn-cgi/challenge-platform/h/g/pat/882f55762c84251a/1715568551827/4db09d2c95c1e95c2c30d0c9f3bfba6601df7e43bfdb241698212cedd0fe9672/xghSMsqSBYHX88V HTTP/2.0
    host: challenges.cloudflare.com
    cache-control: max-age=0
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept: */*
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 401
    date: Mon, 13 May 2024 02:49:13 GMT
    content-type: text/plain; charset=UTF-8
    content-length: 1
    www-authenticate: PrivateToken challenge="AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gTbCdLJXB6VwsMNDJ87-6ZgHffkO_2yQWmCEs7dD-lnIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAwJNLx-F--HQ4G6w81Lqhm55Wqle9iE4E64E37YL7QkK_ylJ-Dsmf1v3knq_MpBi8JncpUaWMssdL2Aha6xVtTuit-n3zEDZCW0VR_73N-Mc6DxdptQ_jsmIxis7apwux2f5L0gN0Z4K9C36tRcIL-chm-gijHvxrbhcCYusNwrgAlFaiqNWBqxKTiuPduHX4CNzNb7BAiNPz7ppY7Xn1WjmxSB-BaqSVLCYtDy-Mw41UBzE3QEcVUcRH9er-MksFvohzvhlnTTonFaMyAUYx3d_uCdDannmVQhRsm-aJs_P_GGe1TX3e9g5Sy-NmhGrro0kncbPlfTwFxa8SwJ5-8QIDAQAB", max-age=20, PrivateToken challenge="AAIALHBwLWlzc3Vlci1wcm9kdWN0aW9uLnJlc2VhcmNoLmNsb3VkZmxhcmUuY29tIE2wnSyVwelcLDDQyfO_umYB335Dv9skFpghLO3Q_pZyABljaGFsbGVuZ2VzLmNsb3VkZmxhcmUuY29t", token-key="MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAi_Bv1vvWWnyuOfVJgRV-AQLxEJECUUmMRrMnYz-gJA-oMd79ajvP3atoTZqB_EsZIq7SMmpbCRFhPolqzIrtXh7AF1Q-ZWY2RoRVRgKr7d6iJMZ49iZUmbz837eqBZJrEMuXftZmY35str5sb0GjzklF8z_hcQJC9vancYXncsYoiMDaROW0tLwSQA9BGfbmA6GlbVj4XH8DH19cKifxmO6RlIPPKlL1KmZbrRakkpuqvJO2-x1Zc2S5GCpponuvQTqJQH8Ud9loZLI75e-Xa9KAUNtBTM0t9WSEsv8cSJLV1BPBVTy1lOnwghofw4fqmlYv6CXClzAUqWouSTJ7uwIDAQAB", max-age=20
    server: cloudflare
    cf-ray: 882f5583aa9f251a-LHR
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67
    Remote address:
    104.17.2.184:443
    Request
    POST /cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67 HTTP/2.0
    host: challenges.cloudflare.com
    content-length: 29532
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    cf-challenge: db0280c21975f67
    content-type: application/x-www-form-urlencoded
    accept: */*
    origin: https://challenges.cloudflare.com
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:18 GMT
    content-type: text/plain; charset=UTF-8
    cf-chl-gen: jCBUAZiNbzVCGSZM73LRsoq6MByCIAvosaajwtp9gmMx1RBatoXmrYsKabuwd4S7$Jp7kucMyghNFahCb/NJxXg==
    server: cloudflare
    cf-ray: 882f559f2e85251a-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    POST
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67
    Remote address:
    104.17.2.184:443
    Request
    POST /cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67 HTTP/2.0
    host: challenges.cloudflare.com
    content-length: 32564
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    cf-challenge: db0280c21975f67
    content-type: application/x-www-form-urlencoded
    accept: */*
    origin: https://challenges.cloudflare.com
    sec-fetch-site: same-origin
    sec-fetch-mode: cors
    sec-fetch-dest: empty
    referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
    accept-encoding: gzip, deflate, br
    accept-language: en-US,en;q=0.9
    Response
    HTTP/2.0 200
    date: Mon, 13 May 2024 02:49:38 GMT
    content-type: text/html; charset=UTF-8
    cf-chl-out: RZrPVj78ZTbshPPZof22+3/wp1/UcJKXmvmkxmYab7vT5+NlJYTfLer71UBJLl/nqemnzrgIdZrouWrAtP85jXYjBBmnNGOzxgXfakAQeqOI+ejM7V2VAF56Nt1nQvUk$PS9iGFtPRZYz/TDe5Q2h2A==
    cf-chl-out-s: biTTwKW10HZFJTKzyMKyHQ==$0pIxAQ2cpli9mgvGrCCkeA==
    server: cloudflare
    cf-ray: 882f561c9e29251a-LHR
    content-encoding: br
    alt-svc: h3=":443"; ma=86400
  • flag-us
    DNS
    update.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    update.googleapis.com
    IN A
    Response
    update.googleapis.com
    IN A
    142.250.200.3
  • flag-gb
    POST
    https://update.googleapis.com/service/update2
    Remote address:
    142.250.200.3:443
    Request
    POST /service/update2 HTTP/1.1
    Content-Length: 673
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; Pixel 2 Build/RSR1.210722.013)
    Host: update.googleapis.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Content-Security-Policy: script-src 'report-sample' 'nonce-eYfXIUK9t9aIGw2VgfPmJQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Mon, 13 May 2024 02:49:14 GMT
    Content-Type: text/xml; charset=UTF-8
    X-Daynum: 6341
    X-Daystart: 71354
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-gb
    POST
    https://update.googleapis.com/service/update2
    Remote address:
    142.250.200.3:443
    Request
    POST /service/update2 HTTP/1.1
    Content-Length: 687
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Dalvik/2.1.0 (Linux; U; Android 11; Pixel 2 Build/RSR1.210722.013)
    Host: update.googleapis.com
    Connection: Keep-Alive
    Accept-Encoding: gzip
    Response
    HTTP/1.1 200 OK
    Content-Security-Policy: script-src 'report-sample' 'nonce-i0JBi8zjYEyqaU3EpE8JTw' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/clientupdate-aus/1
    Cache-Control: no-cache, no-store, max-age=0, must-revalidate
    Pragma: no-cache
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Date: Mon, 13 May 2024 02:49:15 GMT
    Content-Type: text/xml; charset=UTF-8
    X-Daynum: 6341
    X-Daystart: 71355
    Content-Encoding: gzip
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    Server: GSE
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    Transfer-Encoding: chunked
  • flag-us
    DNS
    fqjlvqyu
    Remote address:
    1.1.1.1:53
    Request
    fqjlvqyu
    IN A
    Response
  • flag-us
    DNS
    lcnpdbyltdn
    Remote address:
    1.1.1.1:53
    Request
    lcnpdbyltdn
    IN A
    Response
  • flag-us
    DNS
    tpmzatbmfibe
    Remote address:
    1.1.1.1:53
    Request
    tpmzatbmfibe
    IN A
    Response
  • flag-us
    DNS
    update.googleapis.com
    Remote address:
    1.1.1.1:53
    Request
    update.googleapis.com
    IN A
    Response
    update.googleapis.com
    IN A
    216.58.201.99
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json?cup2key=10:2372277283&cup2hreq=4bf6e4718548c504fef956f312b06e35c201eaf9a47c3b340d9f68e184cb757e
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json?cup2key=10:2372277283&cup2hreq=4bf6e4718548c504fef956f312b06e35c201eaf9a47c3b340d9f68e184cb757e HTTP/2.0
    host: update.googleapis.com
    content-length: 1314
    x-goog-update-appid: gcmjkmgdlgnkkcocmoeiminaijmmjnii,llkgjffcdpffmhiakmfcdcblohccpfmo,giekcmmlnklenlaomppkphknjmnnpneh,jflookgnkcckhobaglndicnbbgbonegd,khaoiebndkojlmppeemjhbpbandiljpe,ggkkehgbnfjpeggfpleeakpidbkibbmn,hfnkpimlhhgieaddgfemjhofmfblmnib,bklopemakmnopmghhmccadeonafabnal
    x-goog-update-interactivity: bg
    x-goog-update-updater: chrome-83.0.4103.106
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 985
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 979
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 899
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 975
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 969
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 1032
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 975
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • flag-gb
    POST
    https://update.googleapis.com/service/update2/json
    Remote address:
    216.58.201.99:443
    Request
    POST /service/update2/json HTTP/2.0
    host: update.googleapis.com
    content-length: 904
    content-type: application/json
    sec-fetch-site: none
    sec-fetch-mode: no-cors
    sec-fetch-dest: empty
    user-agent: Mozilla/5.0 (Linux; Android 11; sdk_gphone_x86_64_arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.106 Mobile Safari/537.36
    accept-encoding: gzip, deflate, br
  • 172.217.16.238:443
    tls, https
    695 B
    40 B
    1
    1
  • 172.217.16.238:443
    tls, https
    695 B
    40 B
    1
    1
  • 172.217.16.238:443
    android.apis.google.com
    tls
    6.5kB
    10.4kB
    31
    31
  • 64.233.184.84:443
    accounts.google.com
    tls
    889 B
    4.6kB
    7
    6
  • 172.67.143.125:80
    mygov-ato.info
    216 B
    112 B
    4
    2
  • 172.67.143.125:80
    mygov-ato.info
    216 B
    164 B
    4
    3
  • 74.125.206.84:443
    https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
    tls, http2
    2.2kB
    7.8kB
    20
    16

    HTTP Request

    POST https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
  • 172.67.143.125:80
    http://mygov-ato.info/
    http
    660 B
    1.0kB
    4
    3

    HTTP Request

    GET http://mygov-ato.info/

    HTTP Response

    301
  • 172.67.143.125:443
    https://mygov-ato.info/favicon.ico
    tls, http2
    35.3kB
    206.9kB
    169
    203

    HTTP Request

    GET https://mygov-ato.info/

    HTTP Response

    403

    HTTP Request

    GET https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=882f556a1bcf94c6

    HTTP Response

    200

    HTTP Request

    GET https://mygov-ato.info/favicon.ico

    HTTP Response

    403

    HTTP Request

    GET https://mygov-ato.info/favicon.ico

    HTTP Response

    403

    HTTP Request

    POST https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/flow/ov1/216795345:1715566208:jN9hdTP6S9HJbFnEKJ_3RI_1bD5xbffbtRqwQf4laFk/882f556a1bcf94c6/44c887844a03f93

    HTTP Response

    200

    HTTP Request

    POST https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/flow/ov1/216795345:1715566208:jN9hdTP6S9HJbFnEKJ_3RI_1bD5xbffbtRqwQf4laFk/882f556a1bcf94c6/44c887844a03f93

    HTTP Response

    200

    HTTP Request

    GET https://mygov-ato.info/favicon.ico

    HTTP Request

    POST https://mygov-ato.info/

    HTTP Response

    403

    HTTP Response

    503

    HTTP Request

    POST https://mygov-ato.info/

    HTTP Request

    GET https://mygov-ato.info/cdn-cgi/challenge-platform/scripts/jsd/main.js

    HTTP Request

    GET https://mygov-ato.info/favicon.ico

    HTTP Response

    302

    HTTP Request

    GET https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

    HTTP Response

    200

    HTTP Response

    204

    HTTP Request

    GET https://mygov-ato.info/

    HTTP Response

    503

    HTTP Response

    404

    HTTP Request

    POST https://mygov-ato.info/cdn-cgi/challenge-platform/h/g/jsd/r/882f5621681f94c6

    HTTP Request

    GET https://mygov-ato.info/favicon.ico

    HTTP Response

    200

    HTTP Response

    404
  • 142.250.187.200:443
    ssl.google-analytics.com
    tls
    1.3kB
    6.0kB
    9
    8
  • 35.190.80.1:443
    https://a.nel.cloudflare.com/report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D
    tls, http2
    7.8kB
    5.6kB
    31
    26

    HTTP Request

    OPTIONS https://a.nel.cloudflare.com/report/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D

    HTTP Request

    POST https://a.nel.cloudflare.com/report/v4?s=nw2s%2FFDua8x9IHdw3gspN5dIMJ0DR12W8PpmXbxxgP4buBbDvu4sLSNPY%2BxxtLH9OdUiGH%2BcOO%2BKBW6cYhWPlQAWBBSUEonkoZZJPbA94mkZm1zP0C%2BK8kj9wunWhDAPqg%3D%3D

    HTTP Request

    OPTIONS https://a.nel.cloudflare.com/report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D

    HTTP Request

    POST https://a.nel.cloudflare.com/report/v4?s=Q8FiDnStPoxeAYSmpx0I0i8hsAHC3vl%2FsyMpjGiCdZ1hhKE8w1scik7T6OJ6DrI7G3GULxdp0Q8iz7Aze6Kwy%2FzOJIFXgG7DmXbD1KxhnREv79nz%2FiEKhvKLUkq%2BpBEA%2BA%3D%3D
  • 216.58.201.106:443
    safebrowsing.googleapis.com
    tls
    9.0kB
    381.2kB
    156
    270
  • 104.17.2.184:443
    https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit
    tls, http2
    1.9kB
    18.8kB
    17
    24

    HTTP Request

    GET https://challenges.cloudflare.com/turnstile/v0/g/1b3559406bc8/api.js?onload=KtsCKf7&render=explicit

    HTTP Response

    200
  • 104.17.2.184:443
    https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67
    tls, http2
    77.8kB
    278.4kB
    167
    267

    HTTP Request

    GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/t49cw/0x4AAAAAAAAjq6WYeRDKmebM/light/normal

    HTTP Response

    200

    HTTP Request

    GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/1TbiRfESsKcymAr3eCHUM4X%2FuXp47rxJdZPubDuaTsE%3D

    HTTP Request

    GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=882f55762c84251a

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67

    HTTP Response

    200

    HTTP Request

    GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/882f55762c84251a/1715568551818/jJg5IsxA9HIi2PO

    HTTP Response

    200

    HTTP Request

    GET https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/882f55762c84251a/1715568551827/4db09d2c95c1e95c2c30d0c9f3bfba6601df7e43bfdb241698212cedd0fe9672/xghSMsqSBYHX88V

    HTTP Response

    401

    HTTP Request

    POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67

    HTTP Response

    200

    HTTP Request

    POST https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/272233844:1715566362:Q-YMNBv2gCNEEdu_fs3o34oOTsN7h6RVHgc7euD70mg/882f55762c84251a/db0280c21975f67

    HTTP Response

    200
  • 142.250.200.3:443
    https://update.googleapis.com/service/update2
    tls, http
    3.2kB
    8.3kB
    14
    15

    HTTP Request

    POST https://update.googleapis.com/service/update2

    HTTP Response

    200

    HTTP Request

    POST https://update.googleapis.com/service/update2

    HTTP Response

    200
  • 216.58.204.68:443
    tls, https
    928 B
    40 B
    2
    1
  • 216.58.204.68:443
    www.google.com
    tls
    11.5kB
    10.1kB
    33
    39
  • 172.217.169.46:443
    520 B
    10
  • 216.58.201.99:443
    https://update.googleapis.com/service/update2/json
    tls, http2
    14.2kB
    18.5kB
    51
    72

    HTTP Request

    POST https://update.googleapis.com/service/update2/json?cup2key=10:2372277283&cup2hreq=4bf6e4718548c504fef956f312b06e35c201eaf9a47c3b340d9f68e184cb757e

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json

    HTTP Request

    POST https://update.googleapis.com/service/update2/json
  • 1.1.1.1:53
    android.apis.google.com
    dns
    69 B
    109 B
    1
    1

    DNS Request

    android.apis.google.com

    DNS Response

    172.217.16.238

  • 224.0.0.251:5353
    3.7kB
    11
  • 1.1.1.1:53
    mygov-ato.info
    dns
    60 B
    92 B
    1
    1

    DNS Request

    mygov-ato.info

    DNS Response

    172.67.143.125
    104.21.95.69

  • 1.1.1.1:53
    accounts.google.com
    dns
    65 B
    81 B
    1
    1

    DNS Request

    accounts.google.com

    DNS Response

    64.233.184.84

  • 1.1.1.1:53
    accounts.google.com
    dns
    65 B
    81 B
    1
    1

    DNS Request

    accounts.google.com

    DNS Response

    74.125.206.84

  • 1.1.1.1:53
    mygov-ato.info
    dns
    60 B
    92 B
    1
    1

    DNS Request

    mygov-ato.info

    DNS Response

    172.67.143.125
    104.21.95.69

  • 1.1.1.1:53
    ssl.google-analytics.com
    dns
    70 B
    86 B
    1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    142.250.187.200

  • 1.1.1.1:53
    a.nel.cloudflare.com
    dns
    66 B
    82 B
    1
    1

    DNS Request

    a.nel.cloudflare.com

    DNS Response

    35.190.80.1

  • 1.1.1.1:53
    safebrowsing.googleapis.com
    dns
    73 B
    89 B
    1
    1

    DNS Request

    safebrowsing.googleapis.com

    DNS Response

    216.58.201.106

  • 1.1.1.1:53
    challenges.cloudflare.com
    dns
    71 B
    103 B
    1
    1

    DNS Request

    challenges.cloudflare.com

    DNS Response

    104.17.2.184
    104.17.3.184

  • 1.1.1.1:53
    update.googleapis.com
    dns
    67 B
    83 B
    1
    1

    DNS Request

    update.googleapis.com

    DNS Response

    142.250.200.3

  • 1.1.1.1:53
    fqjlvqyu
    dns
    54 B
    129 B
    1
    1

    DNS Request

    fqjlvqyu

  • 1.1.1.1:53
    lcnpdbyltdn
    dns
    57 B
    132 B
    1
    1

    DNS Request

    lcnpdbyltdn

  • 1.1.1.1:53
    tpmzatbmfibe
    dns
    58 B
    133 B
    1
    1

    DNS Request

    tpmzatbmfibe

  • 1.1.1.1:53
    update.googleapis.com
    dns
    67 B
    83 B
    1
    1

    DNS Request

    update.googleapis.com

    DNS Response

    216.58.201.99

MITRE ATT&CK Mobile v15

Downloads

  • files/dom-0.html

    Filesize

    1KB

    MD5

    50539f1d4ec618bf6892ae80fb321fbb

    SHA1

    e28d098c4d3d37b1387996c34b33f18f165faa47

    SHA256

    7a130d25c8ee15f49087f2fb655d2ee030665da7244ffc0b61b20fad27ee8ad8

    SHA512

    77ce3391b8607f5a16e5dcf0ddfb438ca396e20573882c0d79052eea69d6407a7014cbbc277a83f05d7093d63ca0f6d70df2cb3e0036e1720c563639199b3457
