mygoau.com
156.67.222.218
Malicious Activity!
Public Scan
Effective URL: https://mygoau.com/
Submission: On October 28 via manual from AU
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 25th 2019. Valid for: 3 months.
This is the only time mygoau.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australian Government (Government)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
1 | 1 | 66.96.147.159 | 29873 (BIZLAND-SD - The Endurance International Group) |
1 | 1 | 104.109.69.194 | 20940 (AKAMAI-ASN1) |
11 | | 156.67.222.218 | 47583 (AS-HOSTINGER) |
1 | | 2a00:1450:4001:81e::200a | 15169 (GOOGLE - Google LLC) |
12 | 2 | | |
ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US)
PTR: 159.147.96.66.static.eigbox.net
- taxau.info
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-69-194.deploy.static.akamaitechnologies.com
- www.taxau.info
ASN15169 (GOOGLE - Google LLC, US)
- ajax.googleapis.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | mygoau.com | mygoau.com | 107 KB |
2 | taxau.info (2 redirects) | taxau.info, www.taxau.info | 573 B |
1 | googleapis.com | ajax.googleapis.com | 30 KB |
12 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
11 | mygoau.com | mygoau.com |
1 | ajax.googleapis.com | mygoau.com |
1 | www.taxau.info | 1 redirects |
1 | taxau.info | 1 redirects |
12 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
mygoau.com | Let's Encrypt Authority X3 | 2019-10-25 - 2020-01-23 | 3 months |
*.googleapis.com | GTS CA 1O1 | 2019-10-10 - 2020-01-02 | 3 months |
This page contains 1 frames:
Primary Page:
https://mygoau.com/
Frame ID: E546FF605C0A20384C77A3C800699D2F
Requests: 12 HTTP requests in this frame
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://taxau.info/ HTTP 301
- https://www.taxau.info/ HTTP 302
- https://mygoau.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | mygoau.com/ | 31 KB | 9 KB | Document | text/html |
GET | H2 | application.css | mygoau.com/file/ | 91 KB | 16 KB | Stylesheet | text/css |
GET | H2 | ajax.js | mygoau.com/file/ | 275 B | 352 B | Script | application/x-javascript |
GET | H2 | austgovt-inline-white.svg | mygoau.com/file/ | 113 KB | 33 KB | Image | image/svg+xml |
GET | H2 | mygov-logo.svg | mygoau.com/file/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | hand-code-device.svg | mygoau.com/file/ | 4 KB | 1 KB | Image | image/svg+xml |
GET | H2 | austgovt-inline.svg | mygoau.com/file/ | 113 KB | 33 KB | Image | image/svg+xml |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.0.0/ | 84 KB | 30 KB | Script | text/javascript |
GET | H2 | creditly.js | mygoau.com/file/ | 15 KB | 3 KB | Script | application/x-javascript |
GET | H2 | cookie.js | mygoau.com/file/ | 3 KB | 1 KB | Script | application/x-javascript |
GET | H2 | ato.png | mygoau.com/file/ | 5 KB | 5 KB | Image | image/png |
GET | H2 | ok.png | mygoau.com/file/ | 4 KB | 4 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Australian Government (Government)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onformdata
- object | onpointerrawupdate
- function | createObject
- object | http
- function | $
- function | jQuery
- object | Creditly
- function | insertReply
- string | pattl
- string | pattp
- string | patts
- function | OnSelectionChange
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.