suspicious phishing

government

malicious

other

English

PD-S-SESSION-ID

The domain 'g5.gov' uses the United States government-restricted top-level domain (.gov) and has no subdomain. The core label 'g5' covers 2 characters holding 0 vowels versus one consonant; bonus characters include 1 digit. Segmentation suggests 2 words: g, 5. Median word length comes out to one character. 'g' is most common in Croatian usage. You may catch it in Chinese (Zhuyin) and Slovenian as well. Net impression: Croatian phrase with character flair.

html/2d/f8/2df8ee4c-c47b-4964-9caf-e3e2208f5f4b_fallback.html.gz

Welcome to G5 - Department of Education

html/2d/f8/2df8ee4c-c47b-4964-9caf-e3e2208f5f4b.html.gz

frame-ancestors 'self'; default-src 'self';style-src 'unsafe-inline' 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://www2.ed.gov/ https://ssl.google-analytics.com;img-src 'self' https://ssl.google-analytics.com;

frame-ancestors 'self'; default-src 'self';style-src 'unsafe-inline' 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://www2.ed.gov/ https://ssl.google-analytics.com;img-src 'self' https://ssl.google-analytics.com;,  frame-ancestors 'self'; default-src 'self';style-src 'unsafe-inline' 'self'; script-src 'unsafe-inline' 'self' 'unsafe-eval' https://www.googletagmanager.com https://dap.digitalgov.gov https://www2.ed.gov/ https://ssl.google-analytics.com;img-src 'self' https://ssl.google-analytics.com;

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

Requests	IP Address	Location	AS Autonomous System
3	165.224.131.167	Washington, District of Columbia, United States	AS3423ATTIS-ASN3423
0	165.224.131.174	Washington, District of Columbia, United States	AS3423ATTIS-ASN3423
0	2610:e8:3190:c1::100	United States	AS3423ATTIS-ASN3423
0	2610:e8:3190:c2::100	United States	AS3423ATTIS-ASN3423
3	4	-	-

Security Scan Report: g5.gov

Summary

AI Security Verdict

Safe Website

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History