arrowsofthethunderdragon.com.au Open in urlscan Pro
122.201.127.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3...
Submission: On March 28 via automatic, source openphish (March 28th 2023, 2:36:18 am UTC) — Scanned from AU

Summary HTTP 13 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 122.201.127.169, located in Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is arrowsofthethunderdragon.com.au.

This is the only time arrowsofthethunderdragon.com.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Charles Schwab (Financial)

Domain & IP information

	IP Address		AS Autonomous System
13	122.201.127.169 122.201.127.169		38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
13	2

13 122.201.127.169 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: ip7ac97fa9.ipv4.syd02.ds.network

arrowsofthethunderdragon.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	arrowsofthethunderdragon.com.au arrowsofthethunderdragon.com.au	76 KB
13	1

	Domain	Requested by
13	arrowsofthethunderdragon.com.au	arrowsofthethunderdragon.com.au
13	1

This site contains links to these domains. Also see Links.

Domain
invest.ameritrade.com
www.tdameritrade.com
auth.tdameritrade.com
www.finra.org
www.sipc.org

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e=
Frame ID: 7E25F4227CCE2E2EC1F898529BAFAD70
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TD Ameritrade

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

13
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

76 kB
Transfer

219 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://invest.ameritrade.com/grid/p/forgotUsername
Title: Forgot user ID?

Search URL Search Domain Scan URL

URL: https://invest.ameritrade.com/grid/p/forgotPassword
Title: Forgot password?

Search URL Search Domain Scan URL

URL: https://invest.ameritrade.com/grid/p/createUserId
Title: Create user ID

Search URL Search Domain Scan URL

URL: https://www.tdameritrade.com/openanaccount.html?cid=MOBI@AMER.OAUTHAP
Title: Open a new account

Search URL Search Domain Scan URL

URL: https://www.tdameritrade.com/logon-help.page
Title: Log-in help

Search URL Search Domain Scan URL

URL: https://www.tdameritrade.com/why-td-ameritrade/contact-us.page
Title: Contact us

Search URL Search Domain Scan URL

URL: https://auth.tdameritrade.com/security-center
Title: Security settings

Search URL Search Domain Scan URL

URL: https://www.finra.org/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response arrowsofthethunderdragon.com.au/td/	5 KB 2 KB	869ms 112ms	Document text/html	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `0ff20d5a6ac2b992dab3f94d3e52811909daef86371708f3a8834590e5e72a0d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Content-Encoding gzip Content-Length 2125 Content-Type text/html; charset=UTF-8 Date Tue, 28 Mar 2023 02:36:13 GMT Server nginx Upgrade h2,h2c Vary Accept-Encoding
GET H/1.1	200 OK	tdasans_remote.css arrowsofthethunderdragon.com.au/td/css/	4 KB 752 B	103ms 103ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `f9583f9709cda6506cb1f30e7420f6c8f03d8ec2c843d9007d1d92bfc99dd681` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Accept-Ranges bytes Content-Length 504
GET H/1.1	200 OK	verde-components-0.1.0.css arrowsofthethunderdragon.com.au/td/css/	58 KB 18 KB	108ms 104ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/verde-components-0.1.0.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `63952f93e27100bd5758410ed43996ad09523c932311072bb6d17f79a5373faa` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css
GET H/1.1	200 OK	verde-global-0.1.0.css arrowsofthethunderdragon.com.au/td/css/	85 KB 31 KB	206ms 103ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/verde-global-0.1.0.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `019eb78081e4a0a7716ceef2117c0a1d34204cbb1a64cb4e5244ddfd359a85d7` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css
GET H/1.1	200 OK	authorize_tdspec.css arrowsofthethunderdragon.com.au/td/css/	52 KB 18 KB	208ms 103ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/authorize_tdspec.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `a864aa29ae6fbce400a8332e002523f473cd7df81ad306a2f69f5fc05daefd01` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css
GET H/1.1	200 OK	breakpoints.css arrowsofthethunderdragon.com.au/td/css/	3 KB 1 KB	208ms 104ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/breakpoints.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `9b2872155bd1a64e04332cfd04603c2d3b97233be0da9c303e0b67ea7744c9a5` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Accept-Ranges bytes Content-Length 992
GET H/1.1	200 OK	retailweb.css arrowsofthethunderdragon.com.au/td/css/	272 B 408 B	209ms 105ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/retailweb.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `d4787b2530af8d439de32f005eeb10b9be772412418c75f7ef1644b8a0d24507` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Accept-Ranges bytes Content-Length 160
GET H/1.1	200 OK	details-shim.min.css arrowsofthethunderdragon.com.au/td/css/	441 B 429 B	206ms 103ms	Stylesheet text/css	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/css/details-shim.min.css Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `bcc1197e8910e9555167790b1162ddd6276733001966535181a4af3462d89c01` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:13 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Vary Accept-Encoding Upgrade h2,h2c Content-Type text/css Accept-Ranges bytes Content-Length 181
GET H/1.1	200 OK	logo.svg arrowsofthethunderdragon.com.au/td/css/	8 KB 3 KB	109ms 108ms	Image image/svg+xml	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL http://arrowsofthethunderdragon.com.au/td/css/logo.svg Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash `ec2f139f3484ff80d9515e425d3573b49024b78ca8dc313dcd2617676b204424` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/td/login.php?sesionid=wl0gkv6invm7vxvvpxpmoggz70dtlx4zq72fla5n11ky2v94wy0pvh3bzeujm2bbaee580lar3t301hn7u8e38tu58edyxf1xv55&e= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:14 GMT Content-Encoding gzip Last-Modified Thu, 09 Feb 2023 04:05:42 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Upgrade h2,h2c Content-Type image/svg+xml
GET DATA	200 OK	truncated /	611 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0376e1284d59c310ce07d9ff2261410bee8e134e54dcb2e3f7f56ce4b4238fe0` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	359 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `29796b23228e2aba0364fafbbdc9e3f555da9f68a802c79bdfd3ca6cc4955e3c` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	515 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ac01dd3756ac512c994a05f53cd6fe84ac7d1a80b862850182a19f95be8b4b4c` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	405 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ae3dbefd29009c6e2193e1f9bd4928689816ff7979dc18ef9cb4d856219ce18c` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	663 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5a8c2b0f92724a70f77364e00fdc492ffe7dd4c73e485cc0f3886e66d1eb82b0` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `53b811cd00e1321f0e93209b3f0e6800bfc84e37708c9d43a82bee492ba382fb` Request headers accept-language en-AU,en;q=0.9 Referer http://arrowsofthethunderdragon.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H/1.1	404 Not Found	TDAmeritradeSans-Regular_v1-12.woff2 arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/	0 0	109ms 109ms	Font text/html	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Regular_v1-12.woff2 Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash Request headers Referer http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Origin http://arrowsofthethunderdragon.com.au accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:14 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	TDAmeritradeSans-Medium_v1-12.woff2 arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/	0 0	109ms 108ms	Font text/html	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Medium_v1-12.woff2 Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash Request headers Referer http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Origin http://arrowsofthethunderdragon.com.au accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:14 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	TDAmeritradeSans-Medium_v1-12.woff arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/	0 0	108ms 108ms	Font text/html	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Medium_v1-12.woff Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash Request headers Referer http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Origin http://arrowsofthethunderdragon.com.au accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:14 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	TDAmeritradeSans-Regular_v1-12.woff arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/	0 0	108ms 108ms	Font text/html	122.201.127.169 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Regular_v1-12.woff Requested by Host: arrowsofthethunderdragon.com.au URL: http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Protocol HTTP/1.1 Server 122.201.127.169 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fa9.ipv4.syd02.ds.network Software nginx / Resource Hash Request headers Referer http://arrowsofthethunderdragon.com.au/td/css/tdasans_remote.css Origin http://arrowsofthethunderdragon.com.au accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Tue, 28 Mar 2023 02:36:14 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Charles Schwab (Financial)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| clientId boolean| activeactive

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Medium_v1-12.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Regular_v1-12.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Medium_v1-12.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://arrowsofthethunderdragon.com.au/td/fonts/tdasans-display/TDAmeritradeSans-Regular_v1-12.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arrowsofthethunderdragon.com.au
122.201.127.169
019eb78081e4a0a7716ceef2117c0a1d34204cbb1a64cb4e5244ddfd359a85d7
0376e1284d59c310ce07d9ff2261410bee8e134e54dcb2e3f7f56ce4b4238fe0
0ff20d5a6ac2b992dab3f94d3e52811909daef86371708f3a8834590e5e72a0d
29796b23228e2aba0364fafbbdc9e3f555da9f68a802c79bdfd3ca6cc4955e3c
53b811cd00e1321f0e93209b3f0e6800bfc84e37708c9d43a82bee492ba382fb
5a8c2b0f92724a70f77364e00fdc492ffe7dd4c73e485cc0f3886e66d1eb82b0
63952f93e27100bd5758410ed43996ad09523c932311072bb6d17f79a5373faa
9b2872155bd1a64e04332cfd04603c2d3b97233be0da9c303e0b67ea7744c9a5
a864aa29ae6fbce400a8332e002523f473cd7df81ad306a2f69f5fc05daefd01
ac01dd3756ac512c994a05f53cd6fe84ac7d1a80b862850182a19f95be8b4b4c
ae3dbefd29009c6e2193e1f9bd4928689816ff7979dc18ef9cb4d856219ce18c
bcc1197e8910e9555167790b1162ddd6276733001966535181a4af3462d89c01
d4787b2530af8d439de32f005eeb10b9be772412418c75f7ef1644b8a0d24507
ec2f139f3484ff80d9515e425d3573b49024b78ca8dc313dcd2617676b204424
f9583f9709cda6506cb1f30e7420f6c8f03d8ec2c843d9007d1d92bfc99dd681

arrowsofthethunderdragon.com.au Open in urlscan Pro 122.201.127.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

76 kBTransfer

219 kBSize

0 Cookies

9 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

arrowsofthethunderdragon.com.au Open in urlscan Pro
122.201.127.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

76 kB
Transfer

219 kB
Size

0
Cookies

13 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!