![](/screenshots/618cba63-0ccc-4811-8fde-961ca00cc152.png)
account-mygov-au.click
Open in
urlscan Pro
172.67.190.82
Malicious Activity!
Public Scan
Effective URL: https://account-mygov-au.click/index.html
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 10 via api from SG — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on August 10th 2023. Valid for: 3 months.
This is the only time account-mygov-au.click was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australian Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.21.76.60 104.21.76.60 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 11 | 172.67.190.82 172.67.190.82 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 74.125.68.95 74.125.68.95 | 15169 (GOOGLE) (GOOGLE) | |
2 | 64.233.170.94 64.233.170.94 | () () | |
14 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
account-mygov-au.click
3 redirects
account-mygov-au.click |
88 KB |
2 |
gstatic.com
fonts.gstatic.com |
16 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67 |
1 KB |
14 | 3 |
Domain | Requested by | |
---|---|---|
12 | account-mygov-au.click |
3 redirects
account-mygov-au.click
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
account-mygov-au.click
|
14 | 3 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
account-mygov-au.click GTS CA 1P5 |
2023-08-10 - 2023-11-08 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://account-mygov-au.click/index.html
Frame ID: 79FEA138314D0B77C51A4E3F683C51AD
Requests: 12 HTTP requests in this frame
Frame:
https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: 4B04D8641E9B6B4F427E12A56CA3692E
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/618cba63-0ccc-4811-8fde-961ca00cc152.png)
Page Title
Sign in with myGov - myGovPage URL History Show full URLs
-
http://account-mygov-au.click/
HTTP 301
https://account-mygov-au.click/ Page URL
-
https://account-mygov-au.click/
HTTP 302
https://account-mygov-au.click/index.html Page URL
Detected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Create a myGov account
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://account-mygov-au.click/
HTTP 301
https://account-mygov-au.click/ Page URL
-
https://account-mygov-au.click/
HTTP 302
https://account-mygov-au.click/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://account-mygov-au.click/ HTTP 301
- https://account-mygov-au.click/
- https://account-mygov-au.click/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
account-mygov-au.click/ Redirect Chain
|
7 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
account-mygov-au.click/ |
0 687 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisible.js
account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame 4B04 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
7f47a5e06869a949
account-mygov-au.click/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4B04 |
0 462 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
account-mygov-au.click/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mgv2-application.css
account-mygov-au.click/css/ |
123 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blugov.css
account-mygov-au.click/css/ |
69 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
myGov-cobranded-logo-black.svg
account-mygov-au.click/images/ |
63 KB 20 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
myGov-cobranded-logo-white.svg
account-mygov-au.click/images/ |
63 KB 21 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon-blugov-info.svg
account-mygov-au.click/icons/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
5 KB 0 |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- account-mygov-au.click
- URL
- https://account-mygov-au.click/icons/icon-blugov-info.svg
- Domain
- fonts.gstatic.com
- URL
- https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Australian Government (Government)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
account-mygov-au.click/ | Name: YowhvcdF9uq1m9lbOTqvmTZVHL4 Value: aDCrja0JdvtSkyx66XvD8k_OTIg |
|
account-mygov-au.click/ | Name: pXj_UJFsk9CCdGzvMM1YZOmgiqk Value: 1691664275 |
|
account-mygov-au.click/ | Name: 51NnjcFb67D_yrBQLX0Jbl5gUyU Value: 1691750675 |
|
account-mygov-au.click/ | Name: FcXq8eXvbdL4Y52ydUSzHv2r9BY Value: neaON86r6zCJgxsul8ND96Hlllc |
|
account-mygov-au.click/ | Name: Yn--au9j0vhTOsqSFGKgQ4Y8eb0 Value: qv_2rr1rMb0s2igVuXpUQmO7nQ0 |
|
.account-mygov-au.click/ | Name: cf_clearance Value: WkvbWOx7noKiABz5v.2GJnpmONN_5BLvPO4l6gh9y9g-1691664313-0-1-9fa03b86.736846cb.c8a16466-0.2.1691664313 |
|
account-mygov-au.click/ | Name: ngSIrqhno3L_U53tE0a_7rPsiks Value: C5sB9jVvSha3Evj09iEW0OUwcMk |
|
account-mygov-au.click/ | Name: yZ6HRcTb9Zdo0xmgHv9XEsKUGog Value: 1691664312 |
|
account-mygov-au.click/ | Name: 3oHg_GN1qP42_6yCVVXYjCO1SN4 Value: 1691750712 |
|
account-mygov-au.click/ | Name: YknSoxAmCRd0tXo57Pz1Y7i68zY Value: T1FpM-yAgOt_4-EDAIa_tw4hUGc |
|
account-mygov-au.click/ | Name: pAk4pby8vrplRckXSlJK6ODFTnI Value: TSkgNgx6-FmCNLZPlYwmpPGepgU |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
account-mygov-au.click
fonts.googleapis.com
fonts.gstatic.com
account-mygov-au.click
fonts.gstatic.com
104.21.76.60
172.67.190.82
64.233.170.94
74.125.68.95
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
3739f6b90b1b0b9e21921cb6665e6991824264e7b109412c548aac4294634a79
4217794b756a7de5f436ce268788f5f5ec0d457fbba048d13aa6addf30135b14
67cb1dff14b50174449ceea4015ac1b2035b84449190f0d8d2508faea8b17622
83d30b24fd278efcd6e840357edfcc795acf6fdf3ae77c9aad6037d26a9c9075
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
af382075701092429237b150cb44960219d0830b5008aa79e666697ab6e4941e
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f820184b143520527fa900eb1d53900501f71106be05c653f6c2b81534f3801f