my-service.viewdns.net
Open in
urlscan Pro
89.203.249.186
Malicious Activity!
Public Scan
URL:
https://my-service.viewdns.net/new/LoginServices/main/index.html
Submission: On June 27 via automatic, source openphish — Scanned from DE
Submission: On June 27 via automatic, source openphish — Scanned from DE
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 19 HTTP transactions.
The main IP is 89.203.249.186, located in
Czech Republic and
belongs to CDT-AS The Czech Republic, CZ.
The main domain is my-service.viewdns.net.
TLS certificate: Issued by R3 on June 26th 2022. Valid for: 3 months.
This is the only time my-service.viewdns.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 26th 2022. Valid for: 3 months.
This is the only time my-service.viewdns.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australian Government (Government)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 12 | 89.203.249.186 89.203.249.186 | 25512 (CDT-AS Th...) (CDT-AS The Czech Republic) | |
| 6 | 2407:6a00:c00... 2407:6a00:c00:0:161:146:235:225 | 18055 (CENTRELIN...) (CENTRELINK Department of Human Services) | |
| 19 | 3 |
12
89.203.249.186
(Czech Republic)
ASN25512 (CDT-AS The Czech Republic, CZ)
PTR: 186-249-203-89.hicoria.com
ASN25512 (CDT-AS The Czech Republic, CZ)
PTR: 186-249-203-89.hicoria.com
| my-service.viewdns.net |
6
2407:6a00:c00:0:161:146:235:225
(Australia)
ASN18055 (CENTRELINK Department of Human Services, AU)
ASN18055 (CENTRELINK Department of Human Services, AU)
| my.gov.au |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
viewdns.net
my-service.viewdns.net |
1 MB |
| 6 |
my.gov.au
my.gov.au — Cisco Umbrella Rank: 924952 |
192 KB |
| 19 | 2 |
| Domain | Requested by | |
|---|---|---|
| 12 | my-service.viewdns.net |
my-service.viewdns.net
|
| 6 | my.gov.au |
my-service.viewdns.net
|
| 19 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| beta.my.gov.au |
| my.gov.au |
| australia.gov.au |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| my-service.viewdns.net R3 |
2022-06-26 - 2022-09-24 |
3 months | crt.sh |
| www.my.gov.au Entrust Certification Authority - L1M |
2022-06-17 - 2023-06-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://my-service.viewdns.net/new/LoginServices/main/index.html
Frame ID: 41A7DFF657092DEC0CE7E025803E8EA0
Requests: 18 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
URL: https://beta.my.gov.au/
Title: myGov Beta
Title: myGov Beta
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov
Search URL Search Domain Scan URL
URL: https://australia.gov.au/
Title: australia.gov.au
Title: australia.gov.au
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/about.html
Title: About myGov
Title: About myGov
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/contact.html
Title: Contact us
Title: Contact us
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/terms.html
Title: Terms of use
Title: Terms of use
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/privacy.html
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/copyright.html
Title: Copyright
Title: Copyright
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/security.html
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/accessibility.html
Title: Accessibility
Title: Accessibility
Search URL Search Domain Scan URL
URL: https://my.gov.au/mygov/content/html/help.html
Title: Help
Title: Help
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
index.html
my-service.viewdns.net/new/LoginServices/main/ |
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ruxitagentjs_ICA2Vfghjqrux_10235220309135426.js
my-service.viewdns.net/new/LoginServices/main/ |
245 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mgv2-application.css
my-service.viewdns.net/new/mygov/content/mgv2/css/ |
123 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
austgovt-inline-white.svg
my.gov.au/mygov/content/mgv2/icons/ |
113 KB 114 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mygov-logo.svg
my.gov.au/mygov/content/mgv2/icons/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dismiss-x.svg
my.gov.au/mygov/content/mgv2/icons/ |
839 B 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
test11.png
my-service.viewdns.net/new/LoginServices/main/ |
89 KB 89 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo311.png
my-service.viewdns.net/new/LoginServices/main/ |
45 KB 45 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
test80.png
my-service.viewdns.net/new/LoginServices/main/ |
97 KB 98 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
test3.png
my-service.viewdns.net/new/LoginServices/main/ |
530 KB 531 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tesst444.png
my-service.viewdns.net/new/LoginServices/main/ |
135 KB 135 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icon-external-link-blue.svg
my.gov.au/mygov/content/mgv2/icons/ |
742 B 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
austgovt-inline.svg
my.gov.au/mygov/content/mgv2/icons/ |
71 KB 72 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mgv2-vendor.js
my-service.viewdns.net/new/mygov/content/mgv2/js/ |
148 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mgv2-application.js
my-service.viewdns.net/new/mygov/content/mgv2/js/ |
73 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.js
my-service.viewdns.net/new/mygov/content/mgv2/js/ |
2 KB 716 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H/1.1 |
vagt
my.gov.au/mga/sps/apiauthsvc/policy/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET.html |
vagt
my.gov.au/mga/sps/apiauthsvc/policy/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
rb_6de8e2e9-6719-45b3-86be-7effcb9f6525
my-service.viewdns.net/LoginServices/main/ |
808 B 500 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- my.gov.au
- URL
- https://my.gov.au/mga/sps/apiauthsvc/policy/vagt
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Australian Government (Government)96 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dT_ object| dtrum function| $ function| moment function| cleanDefaultValues function| setMandatoryValues function| findInfoOrErrorParent function| findSuccessParent function| clearMessageType function| setErrorParent object| formHelper function| getGreetingTime function| initPinToggle function| setPinShow function| setPinHide boolean| va_isMaximised boolean| va_isOpen boolean| va_isMobile undefined| va_pushTimeout boolean| va_chatStarted string| titleBarTitle string| headingTitle function| getMobileHeader function| getDesktopHeader function| getAltText function| setAltText function| calcRightMargin function| insertDiv function| insertIframe function| determineContext function| insertIframeSrc function| setIFrameSrc function| sendGoogleAnalyltics function| addTimer function| disableBGScrolling function| enableBGScrolling function| toggleVAMobile function| addOnClickMobile function| isWindowMobile function| responsiveResize function| toggleVADesktop function| addOnClickDesktop function| addOnResize function| resizeVA function| addOnBackwardsTabbing function| loopFocusBackwardWithError function| addSkipToConversationTabListener function| addOnSkipToConversation function| addSkipToBot function| hideSkipToConversation function| skipToSkipToConversation function| skipToResizeIcon function| postMessageToIframe function| addListenerForIframe function| addDigitalAssistant function| scrollPageToBottom function| isIE function| newShowIdentityModal function| ignoreSubmit function| handleKeyboardInput function| trapFocusPrimary function| removeSelection function| trapFocusSecondary function| keyboardDismiss function| enableProgressButton function| summonSecondModal function| hideSecondaryModal function| harshHideIdentityModal function| fadeOutBackground function| newHideIdentityModal undefined| lastInteractionDate undefined| timeoutEventId function| getToken function| isValidToken function| parseToken function| checkAuthenticated function| setDAsource function| recordBotInteraction function| initiateNewConversation object| storage function| isWebView object| global function| priorityLookup function| compareDates function| getTopAlert function| getTopBroadcast function| displayBroadcast8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .viewdns.net/ | Name: dtCookie Value: v_4_srv_-2D57_sn_0LJGRB79N2E5HOIB73AC37NKOJ3CP34P |
|
| .viewdns.net/ | Name: rxVisitor Value: 16563356397175LSSTMFU1MUKJ5CPJ5OA5TLO7IIHUSMV |
|
| .viewdns.net/ | Name: dtLatC Value: 31 |
|
| .viewdns.net/ | Name: dtSa Value: - |
|
| my.gov.au/ | Name: PD_STATEFUL_e8a1d6bc-31d2-11e6-b102-0050568e537f Value: mygov |
|
| my.gov.au/ | Name: BIGipServerU6x0BR21GN7aYi6bmRGLng Value: !YwjlHK5VL4An0RyU6TFomdAxad1I6r+iqEmlrprnYBsNptENWxa39mKoekBQvchyRu189OzGzNaZOQ== |
|
| .viewdns.net/ | Name: rxvt Value: 1656337442150|1656335639718 |
|
| .viewdns.net/ | Name: dtPC Value: -57$335639714_44h-vONKIGJHSMCJAVEIIPOUWABIMACHPPPBP-0e0 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
my-service.viewdns.net
my.gov.au
my.gov.au
2407:6a00:c00:0:161:146:235:225
89.203.249.186
0b4d02519ddde0348aac7002ace7bd7ca8422f2a74a17b4088702fc653d12700
1330e3d8b88f4f0724dc18b84a4356f87fd77ba62e00f08125e09beef991ff27
2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26
3940dae9927947b906bd57c6437f8ff4896865f38de9be7eeca8d9ea4120471f
42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721
5142520dadd78f43a430fc6da66e98a5b27d20f048f00fd25cc9e6d5e0bc8ee4
6a742289a8a2f64034a6326b3fe6e61b20b21654807198c08d81e5ee986a96ef
74ed36e29b3f2af1c5583b8336a9bfb9128fee3eb5207c02c6d203c15e9f162c
7b6cfb258390e4a7213a5e09e3abc2e8b8631c497f8889e8e9e345ef2d0e4f06
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9
b30a4a24687d4ca362c05fdda8d3cfcf2de0dc7b0e5b0f9fab870e15e5695fc0
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
bfbb8c3288312fe27cba0cdd45fe392f7f8af33c3d61c78b133744c7b494c8e8
d2912ef4ed338b067128cd9ac5131514d27c45a4ce3d6fdd4308697103809c11
d46f5235aa2f76acc24ebc83913a8afb41ef44bfb2aa952c3e48a080047cbe34
e470bb1617b294c5f4c8c456278f819d1640b90c2c15e5d237d3c0683aa32a22