login-mygov-au.info
172.67.154.22  Malicious Activity! Public Scan

Submitted URL: http://login-mygov-au.info/
Effective URL: https://login-mygov-au.info/
Submission Tags: @ecarlesi possiblethreat
Submission: On July 03 via api from IT — Scanned from AU

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 12 HTTP transactions. The main IP is 172.67.154.22, located in United States and belongs to CLOUDFLARENET, US. The main domain is login-mygov-au.info.
TLS certificate: Issued by WE1 on July 3rd 2024. Valid for: 3 months.
This is the only time login-mygov-au.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

IP Address AS Autonomous System
8 172.67.154.22 13335 (CLOUDFLAR...)
1 151.101.66.137 54113 (FASTLY)
1 1 156.146.56.166 60068 (CDN77 _)
1 2 151.101.193.229 54113 (FASTLY)
2 38.114.100.9 398343 (BAXET-GROUP)
12 4
Apex Domain (Subdomains; Transfer)
8 login-mygov-au.info (Subdomains: login-mygov-au.info; Transfer: 279 KB)
2 api-service-panel.cc (Subdomains: luckyuser.api-service-panel.cc; Transfer: 367 B)
2 jsdelivr.net (Subdomains: cdn.jsdelivr.net — Cisco Umbrella Rank: 381; Transfer: 40 KB)
1 materialdesignicons.com (Subdomains: cdn.materialdesignicons.com — Cisco Umbrella Rank: 51077; Transfer: 710 B)
1 jquery.com (Subdomains: code.jquery.com — Cisco Umbrella Rank: 816; Transfer: 30 KB)
12 5
Domain Requested by
8 login-mygov-au.info login-mygov-au.info
2 luckyuser.api-service-panel.cc login-mygov-au.info
2 cdn.jsdelivr.net 1 redirects login-mygov-au.info
1 cdn.materialdesignicons.com 1 redirects
1 code.jquery.com login-mygov-au.info
12 5

This site contains links to these domains.

Domain
my.gov.au
Subject; Issuer; Validity; Valid
Subject: login-mygov-au.info; Issuer: WE1; Validity: 2024-07-03 - 2024-10-01; Valid: 3 months
Subject: *.jquery.com; Issuer: Sectigo ECC Domain Validation Secure Server CA; Validity: 2024-06-25 - 2025-06-25; Valid: a year
Subject: luckyuser.api-service-panel.cc; Issuer: R10; Validity: 2024-07-03 - 2024-10-01; Valid: 3 months

This page contains 1 frames:

Primary Page: https://login-mygov-au.info/
Frame ID: D6687F192BDCF31447827F186401A826
Requests: 11 HTTP requests in this frame

Page URL History

  1. http://login-mygov-au.info/ HTTP 307
    https://login-mygov-au.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*aem-Grid

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 12
HTTPS: 92 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 350 kB
Size: 1820 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://login-mygov-au.info/ HTTP 307
    https://login-mygov-au.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.materialdesignicons.com/5.3.45/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/5.3.45/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@5.3.45/css/materialdesignicons.min.css

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
login-mygov-au.info/
Redirect Chain
  • http://login-mygov-au.info/
  • https://login-mygov-au.info/
831 B
824 B
Document
General
Full URL
https://login-mygov-au.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6fde9121ff4a9df87c998dd81fe7d007e6ce597b582cd8d4aa36f7ca6128ab4

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89d91a265c0e5729-SYD
content-encoding
br
content-type
text/html
date
Wed, 03 Jul 2024 18:57:36 GMT
last-modified
Wed, 03 Jul 2024 16:00:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zF%2BGD7myDm7yWro2Uty4QWHp4%2BJ2mOex4Vvj9vYl%2BAiq6pIUW3CS3E0pzrUqxZspqwt8k622Zp%2BeEKvuq6B%2FtXHOsqpqag%2FLVPXVA5jL4TtQwO5BsLFlq6IEiIl0MbFU7AcvAG7u"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://login-mygov-au.info/
Non-Authoritative-Reason
HttpsUpgrades
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1437627
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-syd10120-SYD
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1720033057.600403,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
53, 209632
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@5.3.45/css/
Redirect Chain
  • https://cdn.materialdesignicons.com/5.3.45/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/5.3.45/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@5.3.45/css/materialdesignicons.min.css
239 KB
40 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@5.3.45/css/materialdesignicons.min.css
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/
Protocol
H2
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f0363ac7ec9f734bf4e2e2dc2d597eceb02e507501c220a4efe5c2ccb06a3af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://login-mygov-au.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jul 2024 18:57:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
6200424
x-jsd-version
5.3.45
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
40661
x-served-by
cache-fra-eddf8230087-FRA, cache-syd10126-SYD
x-jsd-version-type
version
etag
W/"3bdda-Do+Wy4p5/xFt+/Y0XYnwxXTpk40"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 Jul 2024 18:57:37 GMT
x-content-type-options
nosniff
age
21287943
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-eddf8230105-FRA, cache-syd10126-SYD
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@5.3.45/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
index-97c3f86c.js
login-mygov-au.info/assets/
107 KB
47 KB
Script
General
Full URL
https://login-mygov-au.info/assets/index-97c3f86c.js
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a99e9eabdcd7f623db5705ffb447260f80a8a73ea07ddaf69516f24d8db8156

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Origin
https://login-mygov-au.info
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2024 16:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10305
etag
W/"66857590-1ad0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0tZs2%2B0Z3Uw4DSJyAWkr7pZtMRaRUThvvFnrXY9jt0EgXhM3hoEgTim3adRLWOh9EJK6bPf53mJC1WUG8hIASXv4FGpeUZAZ4Gtw0iTChFqHGtZ0RxV3%2FlWd%2FSeUxFQ59Ojh257x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
89d91a29dfe25729-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jul 2024 04:05:51 GMT
index-41c40ef1.css
login-mygov-au.info/assets/
192 KB
38 KB
Stylesheet
General
Full URL
https://login-mygov-au.info/assets/index-41c40ef1.css
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41c40ef17991346416d0153700f2662be7c6836097dda8ff6e7204f9b38830b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2024 16:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10305
etag
W/"66857590-2ffb7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9G7MhEeRTNLkguI1CtsUJIWgTO%2FiwZEu1HvQh9SGpNPs9E7DVpL4nzDXsYWTBlZIqX4a2O5vZFSW0RS9Nu1%2Bx7hjyd8kkTLDS21JNTs1y5RsfoCaC2%2Fu35bZ4RTQ5kTzFi9N4Tl8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
89d91a29dfe35729-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jul 2024 04:05:51 GMT
token
luckyuser.api-service-panel.cc/api/v2/
0
0
Preflight
General
Full URL
https://luckyuser.api-service-panel.cc/api/v2/token
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.114.100.9 Dallas, United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://login-mygov-au.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
*
access-control-allow-origin
https://login-mygov-au.info
access-control-max-age
3600
content-length
0
content-type
application/octet-stream
date
Wed, 03 Jul 2024 18:57:37 GMT
server
Tengine
strict-transport-security
max-age=31536000
token
luckyuser.api-service-panel.cc/api/v2/
49 B
367 B
XHR
General
Full URL
https://luckyuser.api-service-panel.cc/api/v2/token
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/assets/index-97c3f86c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
38.114.100.9 Dallas, United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Tengine /
Resource Hash
dac85647667ad56a3cef86202fec5b47633fd8d5cb2602e194bee0a171ba9392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://login-mygov-au.info/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
Tengine
access-control-max-age
3600
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
https://login-mygov-au.info
access-control-allow-credentials
true
Index-a1a5a0b8.js
login-mygov-au.info/assets/
5 KB
2 KB
Script
General
Full URL
https://login-mygov-au.info/assets/Index-a1a5a0b8.js
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/assets/index-97c3f86c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd8509fcba469344a5579bcfeba44abccdd19530ffddbdd95e113a041ffcd89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://login-mygov-au.info
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2024 16:00:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10300
etag
W/"66857591-12f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X28%2B52Rpg7zHJGdgGm1gWEJ4vljsnDFKmpoPMqzsW4ejpOXeNY0YE3Qn2VCMKBi6Q36mreKqlK6Q%2BlnT6lULXQHe7Vnww7hdbfraM2%2BUv8ArtDs1ySOKD7Ss10RpuV8uC%2FUQGUFO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
89d91a2fbb3b5729-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jul 2024 04:05:57 GMT
Index-325d7db9.css
login-mygov-au.info/assets/
1006 KB
103 KB
Stylesheet
General
Full URL
https://login-mygov-au.info/assets/Index-325d7db9.css
Requested by
Host: login-mygov-au.info
URL: https://login-mygov-au.info/assets/index-97c3f86c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325d7db9ab4c59b480e407d18ca2bbabd7b777133632ed3b85427c47b3018470

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 Jul 2024 16:00:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10301
etag
W/"6685758f-fb8c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nToypNVqSK7XMGpspwOcs7i3htnONy99l784ZSVUD1M7zkEYnWT9JM%2FgH%2BWDru1OL4MKakSeXGeKuWlRgGTyeEU7zyDSKoQ4enxSKYaJx1cpB7x0I3ldj%2BNpxZeWIzZUNU0gsSoj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
89d91a2fbb3c5729-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 04 Jul 2024 04:05:55 GMT
favicon.ico
login-mygov-au.info/
57 KB
43 KB
Other
General
Full URL
https://login-mygov-au.info/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc676cc52046a252ee86c463e49bce5b517c932ab100f21cb62e231cb3d7ed7a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:37 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=since2sshhXlOob3OJcsra508eZBRUWBPcAkqGcGAovQjtUvnMonoY53eiVfgIgOf9eJyWynmncdua7wa1AMx3pSHS6odwlCxGoiPWs47WHl%2Fn5%2BTL0Bg3Y3noTAnOqUvmNHKcRe"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
89d91a302b655729-SYD
alt-svc
h3=":443"; ma=86400
logo-black.svg
login-mygov-au.info/assets/
63 KB
23 KB
Image
General
Full URL
https://login-mygov-au.info/assets/logo-black.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Jul 2024 16:00:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66857593-fa8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmYwPoMFspUJ3lTH82jaPcpZmYj2XWy4CSDU0rvzOaOTBMRdGsRbV8JR1GDCJqyhbOO0MnNYm8YFpK4eT6uvuzJUtJ6lG9JW%2F9BQ%2ByzfsGdt3UnflVTYkY24T7L3gJR4JZd5zZVb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
89d91a36ae9e5729-SYD
alt-svc
h3=":443"; ma=86400
logo-white.svg
login-mygov-au.info/assets/
63 KB
23 KB
Image
General
Full URL
https://login-mygov-au.info/assets/logo-white.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login-mygov-au.info/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:57:38 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 03 Jul 2024 16:00:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66857593-fa8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GM15xDy9JKVJmRdsaqq%2B0bil61QkFtIN3Xe4XKNHKyBHbnmn9STrQC7MEismaB6YFBCIChpRGEo72gAvSbjQkbobdvdc5v4Qw9%2FHkhPoVLLinL%2BEbNGKv2mCGl033NNgIg6RdJXW"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
89d91a36ae9f5729-SYD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • event (undefined)
  • fence (object)
  • sharedStorage (object)
  • $ (function)
  • jQuery (function)
  • __VUE_INSTANCE_SETTERS__ (object)
  • __VUE__ (boolean)

0 Cookies

1 Console Messages

Source: network
Level: error
URL: https://login-mygov-au.info/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()