Report - govausinbox-secureaccess.com/myGovLogin.php

Report Overview

Visited public
2025-05-02 06:59:07
Tags
australia government phishing
URL
govausinbox-secureaccess.com/myGovLogin.php
Finishing URL
govausinbox-secureaccess.com/myGovLogin.php
IP / ASN
144.172.104.21
#0
Title
Sign in with myGov - myGov
Phishing - Australian Government

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
govausinbox-secureaccess.com	unknown	2025-05-02	2025-05-02	2025-05-02	5.9 kB	489 kB	144.172.104.21
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-30	1.7 kB	58 kB	142.250.178.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	govausinbox-secureaccess.com/myGovLogin.php	Function	37 B	2023-04-11	2025-05-10
Pretty URL govausinbox-secureaccess.com/myGovLogin.php IP 144.172.104.21 ASN #0 Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31 Last Seen2025-05-10 03:48 Times Seen263451 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	govausinbox-secureaccess.com/myGovLogin.php	ScriptElement	35 kB	2024-11-25	2025-05-07
Pretty URL govausinbox-secureaccess.com/myGovLogin.php IP 144.172.104.21 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-25 06:10 Last Seen2025-05-07 07:00 Times Seen20 Hash 2d27f229906d885f5422a75480b15336 6e7516e01b2180684281ee7a5f1198c17631773c e390251e1f3aa7cf68a55ce1e1b58a88369c42961a92759985ce4d160e8869fd Loading...

	govausinbox-secureaccess.com/myGovLogin.php	Eval	16 kB	2024-11-25	2025-05-07
Pretty URL govausinbox-secureaccess.com/myGovLogin.php IP 144.172.104.21 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2024-11-25 06:10 Last Seen2025-05-07 07:00 Times Seen20 Hash 3971e33d086ad8f4c01371fee43fa873 10ae188ea39f2b352245ec092f4a03f9573c8e10 c8961e3129cea26a23b50145310002a085b5f2057636bcc8b63562fae8fb4488 Loading...

	govausinbox-secureaccess.com/psWR7TtZ/js/jquery-3.7.1.min.js	ScriptElement	88 kB	2023-10-23	2025-05-09
Pretty URL govausinbox-secureaccess.com/psWR7TtZ/js/jquery-3.7.1.min.js IP 144.172.104.21 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-23 00:47 Last Seen2025-05-09 07:00 Times Seen935 Hash b83db83a1d89113ee03ab730efa48c7a 2fccdd3e43db21bbc8448ed6d6311c4a6eea1166 99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a Loading...

	govausinbox-secureaccess.com/myGovLogin.php	Eval	33 kB	2024-11-25	2025-05-07
Pretty URL govausinbox-secureaccess.com/myGovLogin.php IP 144.172.104.21 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2024-11-25 06:10 Last Seen2025-05-07 07:00 Times Seen20 Hash a7ad944a743ff9c8bb7c33b73f94e46d c0ca9be1f486f8c9c52c7e7ed83950059231103c 243f4e9c067636d7513431604a4dc63373e32841ffea4675da78be1570d71511 Loading...

HTTP Transactions (14)

URL IP Response Size

govausinbox-secureaccess.com/psWR7TtZ/css/css.css

144.172.104.21

200 OK

18 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/css/css.css
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
ASCII text
Size
18 kB (17638 bytes)
Hash
ec5a2e49b171cac0c9bb74bf22c80ad9
fa64d6176f607cc1c3c060c49538cdde8732b540
61ab17811800bf3a770d54fb8fa5c3995277977582e5b2797cae80e50c0fd269

HTTP Headers

GET /psWR7TtZ/css/css.css HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:36 GMT
etag: "44e6-672df17a-17a161;br"
last-modified: Fri, 08 Nov 2024 11:09:46 GMT
content-type: text/css
content-length: 848
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/css/blugov.css

144.172.104.21

200 OK

72 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/css/blugov.css
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71995 bytes)
Hash
2caa00f01ae989b33edfee7cc1970053
7ce1d824279a1a930de510af7138d9937927a922
8b729f4bd91763e8201d517308533ffb158083f09037ce0d53c4831091d9c006

HTTP Headers

GET /psWR7TtZ/css/blugov.css HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:36 GMT
etag: "1193b-672dfd9b-17a160;br"
last-modified: Fri, 08 Nov 2024 12:01:31 GMT
content-type: text/css
content-length: 9490
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/img/FIDO_Passkey_mark_A_black.svg

144.172.104.21

200 OK

1.8 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/img/FIDO_Passkey_mark_A_black.svg
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1839 bytes)
Hash
892ded589ebf01cadc1f3f0481d66a42
1ecdcb9be6f17ed2579d09a6dd54ef5c34dd417b
525f354955509f0e68d1de9b4a59e83919c7a1624aaf100a4754fa72eb508f49

HTTP Headers

GET /psWR7TtZ/img/FIDO_Passkey_mark_A_black.svg HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:36 GMT
etag: "72f-672b24ba-17a17d;br"
last-modified: Wed, 06 Nov 2024 08:11:38 GMT
content-type: image/svg+xml
content-length: 890
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.178.67

200 OK

19 kB

URL GET
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.178.67:443
ASN
#15169 GOOGLE

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://govausinbox-secureaccess.com
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 May 2025 18:05:45 GMT
expires: Fri, 01 May 2026 18:05:45 GMT
cache-control: public, max-age=31536000
age: 46372
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

govausinbox-secureaccess.com/psWR7TtZ/img/favicon-32x32.png

144.172.104.21

200 OK

360 B

URL GET
govausinbox-secureaccess.com/psWR7TtZ/img/favicon-32x32.png
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
360 B (360 bytes)
Hash
5710683f193422a2633fbfeb7739727e
72ba18310ee285af53d07b96b0a4bbbe395dd5bc
72d85defa53d08b2e7976209ec80d86c3fd416b85bd1a78d79620217963acb3e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Australian Government

HTTP Headers

GET /psWR7TtZ/img/favicon-32x32.png HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:37 GMT
etag: "168-672b2de5-17a17c;;;"
last-modified: Wed, 06 Nov 2024 08:50:45 GMT
content-type: image/png
content-length: 360
accept-ranges: bytes
date: Fri, 02 May 2025 06:58:37 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/img/myGov-cobranded-logo-black.svg

144.172.104.21

200 OK

64 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/img/myGov-cobranded-logo-black.svg
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
SVG Scalable Vector Graphics image
Size
64 kB (64143 bytes)
Hash
b53f20300babca4ebb422e59b888be1f
699c5898c6dd9d2b8b949db2e13c8f0b0d29e26b
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Australian Government

HTTP Headers

GET /psWR7TtZ/img/myGov-cobranded-logo-black.svg HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:36 GMT
etag: "fa8f-672df17b-17a181;br"
last-modified: Fri, 08 Nov 2024 11:09:47 GMT
content-type: image/svg+xml
content-length: 20310
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.178.67

200 OK

18 kB

URL GET
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.178.67:443
ASN
#15169 GOOGLE

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://govausinbox-secureaccess.com
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Apr 2025 13:08:11 GMT
expires: Tue, 28 Apr 2026 13:08:11 GMT
cache-control: public, max-age=31536000
age: 323426
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.178.67

200 OK

19 kB

URL GET
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.178.67:443
ASN
#15169 GOOGLE

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint62:05:36:C2:8E:4C:CD:95:1E:1C:75:06:44:A3:57:E5:C0:17:02:80
ValidityMon, 31 Mar 2025 08:55:35 GMT - Mon, 23 Jun 2025 08:55:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
Size
19 kB (18588 bytes)
Hash
115c2d84727b41da5e9b4394887a8c40
44f495a7f32620e51acca2e78f7e0615cb305781
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://govausinbox-secureaccess.com
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 May 2025 18:19:17 GMT
expires: Fri, 01 May 2026 18:19:17 GMT
cache-control: public, max-age=31536000
age: 45560
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

govausinbox-secureaccess.com/myGovLogin.php

144.172.104.21

200 OK

44 kB

URL User Request GET
govausinbox-secureaccess.com/myGovLogin.php
IP
144.172.104.21:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
HTML document, ASCII text, with very long lines (35258), with CRLF line terminators
Size
44 kB (44124 bytes)
Hash
41d3edc121ba50969d557856a15a4fb3
c723efca01bf046f59c01c0caf615b1e689d3193
3155498a4e3be86d157e8ea01edcaab2b984a1645dd0ef46cfb24baa69b456d6

HTTP Headers

GET /myGovLogin.php HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 13446
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

govausinbox-secureaccess.com/psWR7TtZ/css/mgv2-application.css

144.172.104.21

200 OK

130 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/css/mgv2-application.css
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
ASCII text, with very long lines (59825)
Size
130 kB (129821 bytes)
Hash
9a35d84a87a2efc12ab7bb943e16b5da
d7b083965b88e6387fd47960c4be9d6a83b82d21
3c0267c7737f97fce8425ca552db300b05214f26173c2ae66ce0d26d987ddc07

HTTP Headers

GET /psWR7TtZ/css/mgv2-application.css HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:36 GMT
etag: "1fb1d-672df17a-17a16d;br"
last-modified: Fri, 08 Nov 2024 11:09:46 GMT
content-type: text/css
content-length: 19948
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/img/myGov-cobranded-logo-white.svg

144.172.104.21

200 OK

64 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/img/myGov-cobranded-logo-white.svg
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
SVG Scalable Vector Graphics image
Size
64 kB (64140 bytes)
Hash
de646b2f77f5fa27d55a01bbb9cf584e
33316eb871adf6e08af7c780eb15872549d08dc3
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Australian Government

HTTP Headers

GET /psWR7TtZ/img/myGov-cobranded-logo-white.svg HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:36 GMT
etag: "fa8c-672df17b-17a182;br"
last-modified: Fri, 08 Nov 2024 11:09:47 GMT
content-type: image/svg+xml
content-length: 20312
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/js/jquery-3.7.1.min.js

144.172.104.21

200 OK

88 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/js/jquery-3.7.1.min.js
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Size
88 kB (87533 bytes)
Hash
b83db83a1d89113ee03ab730efa48c7a
2fccdd3e43db21bbc8448ed6d6311c4a6eea1166
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a

HTTP Headers

GET /psWR7TtZ/js/jquery-3.7.1.min.js HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/myGovLogin.php
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
etag: "155ed-66d4e37c-17a186;br"
last-modified: Sun, 01 Sep 2024 21:58:20 GMT
content-type: text/javascript
content-length: 29590
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 May 2025 06:58:36 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/img/blugov-left-chevron-dark.svg

144.172.104.21

200 OK

256 B

URL GET
govausinbox-secureaccess.com/psWR7TtZ/img/blugov-left-chevron-dark.svg
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
SVG Scalable Vector Graphics image
Size
256 B (256 bytes)
Hash
3bd6778c09920983d0500e04b69dd3f9
0628af7455f8e55e3e98588ff57bc51d45be07e4
af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Australian Government

HTTP Headers

GET /psWR7TtZ/img/blugov-left-chevron-dark.svg HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/psWR7TtZ/css/blugov.css
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 May 2025 06:58:37 GMT
etag: "100-672df41b-17a17b;gz"
last-modified: Fri, 08 Nov 2024 11:20:59 GMT
content-type: image/svg+xml
accept-ranges: bytes
date: Fri, 02 May 2025 06:58:37 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

govausinbox-secureaccess.com/psWR7TtZ/icons/icon-blugov-info.svg

144.172.104.21

404 Not Found

1.2 kB

URL GET
govausinbox-secureaccess.com/psWR7TtZ/icons/icon-blugov-info.svg
IP
144.172.104.21:443
ASN
#0

Requested by
https://govausinbox-secureaccess.com/myGovLogin.php
Certificate
IssuerLet's Encrypt
Subjectgovausinbox-secureaccess.com
Fingerprint06:5F:23:2E:84:DE:8D:B2:DB:85:EC:D6:05:5F:E5:77:AA:30:EC:21
ValidityFri, 02 May 2025 04:55:31 GMT - Thu, 31 Jul 2025 04:55:30 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1249 bytes)
Hash
f58515dfe987f7e027c8a71bbc884621
bec6aebf5940ea88fbbff5748d539453d49fa284
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43

HTTP Headers

GET /psWR7TtZ/icons/icon-blugov-info.svg HTTP/1.1
Host: govausinbox-secureaccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://govausinbox-secureaccess.com/psWR7TtZ/css/blugov.css
Cookie: PHPSESSID=c3jtp7cqlm482r439fvcemgpbv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Fri, 02 May 2025 06:58:37 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate