urlscan.io logo urlscan.io
SecurityTrails logo

account-mygov-au.click Open in urlscan Pro
172.67.190.82  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://account-mygov-au.click/
Effective URL: https://account-mygov-au.click/index.html
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 10 via api from SG — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 172.67.190.82, located in United States and belongs to CLOUDFLARENET, US. The main domain is account-mygov-au.click.
TLS certificate: Issued by GTS CA 1P5 on August 10th 2023. Valid for: 3 months.
This is the only time account-mygov-au.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.76.60 13335 (CLOUDFLAR...)
2 11 172.67.190.82 13335 (CLOUDFLAR...)
1 74.125.68.95 15169 (GOOGLE)
2 64.233.170.94 ()
14 4
Apex Domain
Subdomains		 Transfer
12 account-mygov-au.click
account-mygov-au.click
88 KB
2 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
14 3
Domain Requested by
12 account-mygov-au.click 3 redirects account-mygov-au.click
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com account-mygov-au.click
14 3

This site contains links to these domains. Also see Links.

Domain
my.gov.au
Subject Issuer Validity Valid
account-mygov-au.click
GTS CA 1P5		 2023-08-10 -
2023-11-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://account-mygov-au.click/index.html
Frame ID: 79FEA138314D0B77C51A4E3F683C51AD
Requests: 12 HTTP requests in this frame

Frame: https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Frame ID: 4B04D8641E9B6B4F427E12A56CA3692E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in with myGov - myGov

Page URL History Show full URLs

  1. http://account-mygov-au.click/ HTTP 301
    https://account-mygov-au.click/ Page URL
  2. https://account-mygov-au.click/ HTTP 302
    https://account-mygov-au.click/index.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

79 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

104 kB
Transfer

372 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://account-mygov-au.click/ HTTP 301
    https://account-mygov-au.click/ Page URL
  2. https://account-mygov-au.click/ HTTP 302
    https://account-mygov-au.click/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://account-mygov-au.click/ HTTP 301
  • https://account-mygov-au.click/
Request Chain 2
  • https://account-mygov-au.click/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
account-mygov-au.click/
Redirect Chain
  • http://account-mygov-au.click/
  • https://account-mygov-au.click/
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af382075701092429237b150cb44960219d0830b5008aa79e666697ab6e4941e
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f47a5e06869a949-SYD
content-type
text/html; charset=utf-8
date
Thu, 10 Aug 2023 10:45:12 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yf2hWM1wqjdzAEgyImZicYkmthZYKS3DGuNoa%2Fs%2FvjnAGckKBnj3ud6%2Bm%2FLuzTMupj5Mu%2B4dPXOLgsXhQauodee8Xc%2FADfYcuce6WcdjIM9rMrrPnpTRZmuDgSQrgsBuYBPRdBH7R0ZR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

CF-RAY
7f47a5dcaf20a89a-SYD
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 10 Aug 2023 10:45:11 GMT
Expires
Thu, 10 Aug 2023 11:45:11 GMT
Location
https://account-mygov-au.click/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOgAaYdjFKWxW8%2F1kx1FfM2A%2FHCN97w52izA0d6f3JBy%2BaoCIDuw1DTCU50SfcrY9jss%2BSaXKPxv0ZBpKLaq5plESrOwlv28Lip%2F9ulSHpmLRJRS49wrX%2B7xYMm4d7uGGmZ%2ByiIPnN2K"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
account-mygov-au.click/ 		0
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
gUMeWMv-PZDlpUGuDLGYIWh-lg
29312832
accept-language
en-AU,en;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Referer
https://account-mygov-au.click/
tA6HPYVBSSES8Dq02ASXSylBCe4
ObfqxCMeUbnwjLpr16Ev1cyzzZc
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma
no-cache
date
Thu, 10 Aug 2023 10:45:13 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Te3RrSy0LiVjPSB7TttNkn1xW5E3WODV9Mzvxke%2F9s0wOZz9i9BkUdrjNpHEiuWaw5s2h%2FwDxFgJpaF7ksTRUhXEBrybxvjNsGW3OPUDcVF218Thgd86428aZKDyAfixgtvRHIaazCzI"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f47a5e4fe7da949-SYD
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
invisible.js
account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/ Frame 4B04
Redirect Chain
  • https://account-mygov-au.click/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
Protocol
H2
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67cb1dff14b50174449ceea4015ac1b2035b84449190f0d8d2508faea8b17622
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 10:45:13 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVq9bo6dJOmdrWAOU76cQ%2FPW7mgdYhRttPd%2B%2Fq0INm0hLaM5byrJaVHK3TYo0D4WT0l38kjsUluzpcHuWvZmJ3naR8%2FXjpv%2BwLGIrFsANzQk9Jh7tiZKbvDKRcV73j1ikJBsxxYvwfGl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f47a5e5af6aa949-SYD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 10 Aug 2023 10:45:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFoYW414R6VXJqkFg1BhA5WUE6Ok6xyEhKWUJez9ppnd6Pyem3JAXsN1fh2qqlHM3w6R3wiH%2F2%2FK9YHDvglZFPU4TxN2RW8pUlg23ZQp5BwPYIshUP%2FiQnr1%2Bz9F8M%2FtxRKu2rDwK%2Fr1"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/7186c00a/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7f47a5e50e95a949-SYD
alt-svc
h3=":443"; ma=86400
7f47a5e06869a949
account-mygov-au.click/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4B04 		0
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/cdn-cgi/challenge-platform/h/b/cv/result/7f47a5e06869a949
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 10 Aug 2023 10:45:13 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6RcuPlxGs3qT7fXgsvACLXnnrDuddOAk7ZECRks4pP0xln%2BSQZMO0siCYhubo5PEA1BcOcyzZgKI2HgGen9wZ34j%2BEr2Z%2BuelornYvVoJRZ0EHPkXd98kXu%2FKFKqQKbTuliCaX%2FUrTf"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7f47a5e70965a949-SYD
alt-svc
h3=":443"; ma=86400
Primary Request index.html
account-mygov-au.click/
Redirect Chain
  • https://account-mygov-au.click/
  • https://account-mygov-au.click/index.html
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/index.html
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3739f6b90b1b0b9e21921cb6665e6991824264e7b109412c548aac4294634a79
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://account-mygov-au.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f47a5ee0be0a949-SYD
content-encoding
br
content-type
text/html
date
Thu, 10 Aug 2023 10:45:14 GMT
last-modified
Sat, 18 Feb 2023 21:36:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7dfvyYM%2B4bwd0dmdLl9ScQDJm9sSsPOuhgkNesA8BSUw9GwynQIANJX0pO6VO%2Buf8giQlL17Kem%2FJlRfG9xcvlYByJq4fAI%2FhOmHXfer4y96NJpMBAYT60q9grlEiVfULfz2aQYfd2X"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f47a5e94c8ba949-SYD
content-type
text/html; charset=UTF-8
date
Thu, 10 Aug 2023 10:45:14 GMT
location
./index.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uW4ks1egUNCWktaYTL5wGtSBNrtWIlhu9AiLsNYbHwbkUHRVsl4vl7vk5x8%2FPeDIFA4HLHt6Z2LoPMCJUWMn0ATvAa9XgJJ%2FZOGiPxCs3%2BZ3PM0omnQ8be1jmEYL%2FuFJl5CioF4BGCb6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
83d30b24fd278efcd6e840357edfcc795acf6fdf3ae77c9aad6037d26a9c9075
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://account-mygov-au.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 10 Aug 2023 10:45:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 09:01:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 10 Aug 2023 10:45:15 GMT
mgv2-application.css
account-mygov-au.click/css/ 		123 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/css/mgv2-application.css
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f820184b143520527fa900eb1d53900501f71106be05c653f6c2b81534f3801f
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://account-mygov-au.click/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 10:45:15 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Thu, 22 Dec 2022 12:50:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zjph0IaP0fOCia8ADzviKpDEhGf6pq4oyvaAgSI2XDYL%2Fgz6jZM%2FGJ%2FBj90wvzssUXYNjYycT95dJPds035PuP5IMHJkPJHbSv4ycR8hBpSkAIYtxneFTnpbDKKSwt6jrzxwuz7m%2FU0Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7f47a5f0982da949-SYD
expires
Sat, 09 Sep 2023 10:45:14 GMT
blugov.css
account-mygov-au.click/css/ 		69 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account-mygov-au.click/css/blugov.css
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4217794b756a7de5f436ce268788f5f5ec0d457fbba048d13aa6addf30135b14
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://account-mygov-au.click/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 10:45:15 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Wed, 21 Dec 2022 11:24:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3jITsS0mPbi3I0rLK0i3PGpEwmbr%2BWzM6b%2F2BJUGhhZ6GFMn%2FhFWt2BD8GivRMvlLbFpGhqluV9nEM%2BaUf7HXYiHDteETwpk0MmsqvYEWSXFuXqgKGBT089XVq3goIYuoV32UVP3jSI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
7f47a5f0982ea949-SYD
expires
Sat, 09 Sep 2023 10:45:14 GMT
myGov-cobranded-logo-black.svg
account-mygov-au.click/images/ 		63 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-mygov-au.click/images/myGov-cobranded-logo-black.svg
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://account-mygov-au.click/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 10:45:16 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Wed, 21 Dec 2022 11:22:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATucvAh%2FEkOmGMtTddLGE8ZkmoSAuduWaHsWNv35bNhCCrSAxvyVe1lp5rSZkBbNpbaXlyQkUK9SukmWOacrRrF3l8t09Gz8rQUQVCXW2FI%2F1J8SuDKwmFOiw1ytTrG8QyE9bC6yfSaW"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=5184000
cf-ray
7f47a5f4bf2aa949-SYD
expires
Mon, 09 Oct 2023 10:45:15 GMT
myGov-cobranded-logo-white.svg
account-mygov-au.click/images/ 		63 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account-mygov-au.click/images/myGov-cobranded-logo-white.svg
Requested by
Host: account-mygov-au.click
URL: https://account-mygov-au.click/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.190.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://account-mygov-au.click/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 10:45:16 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Wed, 21 Dec 2022 11:22:04 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUc8ZAMM6PpUqLrnO0n8imFes%2FbUfDZgQsacH1puN3v%2FGHgnojJPffpNFp%2FSB%2Bi9Lv9GhmtoQM5GmnykPySCnKpTUZ6aLn0h3%2FhA3ZSh0Rcb7X1ZdKc29iGRN9lqGhdXx5bs5NlwJyXU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=5184000
cf-ray
7f47a5f4bf2ca949-SYD
expires
Mon, 09 Oct 2023 10:45:15 GMT
icon-blugov-info.svg
account-mygov-au.click/icons/ 		0
0
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		5 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account-mygov-au.click
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 13:43:37 GMT
x-content-type-options
nosniff
age
507702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 13:43:37 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:200,400,700|Roboto:300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account-mygov-au.click
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 16:44:58 GMT
x-content-type-options
nosniff
age
496821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 16:44:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
account-mygov-au.click
URL
https://account-mygov-au.click/icons/icon-blugov-info.svg
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Domain/Path Name / Value
account-mygov-au.click/ Name: YowhvcdF9uq1m9lbOTqvmTZVHL4
Value: aDCrja0JdvtSkyx66XvD8k_OTIg
account-mygov-au.click/ Name: pXj_UJFsk9CCdGzvMM1YZOmgiqk
Value: 1691664275
account-mygov-au.click/ Name: 51NnjcFb67D_yrBQLX0Jbl5gUyU
Value: 1691750675
account-mygov-au.click/ Name: FcXq8eXvbdL4Y52ydUSzHv2r9BY
Value: neaON86r6zCJgxsul8ND96Hlllc
account-mygov-au.click/ Name: Yn--au9j0vhTOsqSFGKgQ4Y8eb0
Value: qv_2rr1rMb0s2igVuXpUQmO7nQ0
.account-mygov-au.click/ Name: cf_clearance
Value: WkvbWOx7noKiABz5v.2GJnpmONN_5BLvPO4l6gh9y9g-1691664313-0-1-9fa03b86.736846cb.c8a16466-0.2.1691664313
account-mygov-au.click/ Name: ngSIrqhno3L_U53tE0a_7rPsiks
Value: C5sB9jVvSha3Evj09iEW0OUwcMk
account-mygov-au.click/ Name: yZ6HRcTb9Zdo0xmgHv9XEsKUGog
Value: 1691664312
account-mygov-au.click/ Name: 3oHg_GN1qP42_6yCVVXYjCO1SN4
Value: 1691750712
account-mygov-au.click/ Name: YknSoxAmCRd0tXo57Pz1Y7i68zY
Value: T1FpM-yAgOt_4-EDAIa_tw4hUGc
account-mygov-au.click/ Name: pAk4pby8vrplRckXSlJK6ODFTnI
Value: TSkgNgx6-FmCNLZPlYwmpPGepgU

2 Console Messages

Source Level URL
Text
network error URL: https://account-mygov-au.click/
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://account-mygov-au.click/icons/icon-blugov-info.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block