lee-johnson.co.nz Open in urlscan Pro
185.184.154.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e399693...
Effective URL:
https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e399693...
Submission: On May 30 via api (May 30th 2024, 9:05:30 pm UTC) from US — Scanned from NZ

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 185.184.154.65, located in Sydney, Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is lee-johnson.co.nz.
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3 months.

This is the only time lee-johnson.co.nz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2	185.184.154.65 185.184.154.65	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	34.197.227.58 34.197.227.58	14618 (AMAZON-AES) (AMAZON-AES)
9	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
3	163.172.253.37 163.172.253.37	12876 (Online SAS) (Online SAS)
18	5

2 185.184.154.65 (Sydney, Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: ipb9b89a41.ipv4.syd02.ds.network

lee-johnson.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.197.227.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-227-58.compute-1.amazonaws.com

pacific-iridescent-lunge.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.172.253.37 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-253-37.rev.poneytelecom.eu

www.sado-sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 218303	134 KB
3	sado-sa.com www.sado-sa.com	13 KB
2	glitch.me pacific-iridescent-lunge.glitch.me	90 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	50 KB
2	lee-johnson.co.nz lee-johnson.co.nz	2 KB
18	5

	Domain	Requested by
9	cdn.glitch.global	lee-johnson.co.nz
3	www.sado-sa.com	lee-johnson.co.nz
2	pacific-iridescent-lunge.glitch.me	lee-johnson.co.nz
2	cdn.jsdelivr.net	lee-johnson.co.nz
2	lee-johnson.co.nz
18	5

This site contains no links.

Subject Issuer	Validity	Valid
webdisk.lee-johnson.co.nz R3	`2024-04-24` - `2024-07-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
cdn.glitch.global R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.sado-sa.com R3	`2024-05-22` - `2024-08-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Frame ID: 11E46493AE78C337A2DC5715AF60643A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft | SharePoint

Page URL History Show full URLs

http://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkh... HTTP 307
https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkh... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

18
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

289 kB
Transfer

477 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html HTTP 307
https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html Show response
lee-johnson.co.nz/mn/
Redirect Chain

http://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html

9 KB
2 KB

229ms
64ms

Document
text/html

185.184.154.65
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.154.65 Sydney, Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb9b89a41.ipv4.syd02.ds.network
Software: Apache /
Resource Hash: 4f039c50843b6612b0dd48bfacd50e6fcd784630e4bd2be9f41ad4fc3f46df92

Request headers

Accept-Language: en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 2146
content-type: text/html
date: Thu, 30 May 2024 21:05:23 GMT
last-modified: Tue, 28 May 2024 22:49:52 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Location: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
26 KB 101ms
32ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: lee-johnson.co.nz
URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 May 2024 21:05:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3862866
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
x-served-by: cache-fra-etou8220101-FRA, cache-akl10327-AKL
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
pacific-iridescent-lunge.glitch.me/ 1 KB
2 KB 1473ms
975ms Stylesheet
text/css 34.197.227.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pacific-iridescent-lunge.glitch.me/style.css
Requested by: Host: lee-johnson.co.nz
URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.227.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-227-58.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b48a7a21cfe1c5ada20a91b04bcb21a71bc831023e454322d4ee59e5a87a030d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 21:05:24 GMT
x-amz-version-id: EUxRFf5vL34wwqq6iPKo4I2dBUdGNYUK
last-modified: Wed, 17 Apr 2024 03:19:25 GMT
server: AmazonS3
x-amz-request-id: 20FQPVFM0JWNB8YA
etag: "de8f3941759229e1f95a842f8fa38106"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 1439
x-amz-id-2: Zig0ac2B6x+qgIicrJ5xh5ASi8eMKhl81qrzZXouZjsZX5VoYAX9WsUWD9x/V62YR9b4OkCWWi5H6NmsVB5kkI9cehfDlSU/40FjuN3oZWs=

GET
H2 200 jquery.min.js Show response
pacific-iridescent-lunge.glitch.me/ 87 KB
88 KB 985ms
488ms Script
application/javascript 34.197.227.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pacific-iridescent-lunge.glitch.me/jquery.min.js
Requested by: Host: lee-johnson.co.nz
URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.227.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-227-58.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 21:05:24 GMT
x-amz-version-id: gQ30omWSr.cAbqCiFoRs9QCqdu5sJVVK
last-modified: Wed, 17 Apr 2024 03:19:25 GMT
server: AmazonS3
x-amz-request-id: 20FQQHFR6ZBTWXZ7
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 89476
x-amz-id-2: /7cz/NtTbuvd3PDXYHn2GyIWqZaEwNtsHozcNR1PC6LfoyYsc+/nppkfFuuzIJAMFk3b01H8upA=

GET
H2 200 logo.jpg
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 11 KB
11 KB 106ms
34ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/logo.jpg?v=1680500403618

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f0f236b6976b62009da78c47443764ede550fc5041dfbb3a68d2eddea735ab3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: YVMS43S7B38WNK50
age: 887069
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 11021
x-amz-id-2: VVkgkKTJpBhSsh0D0w1aMl52AVnCjsT2uaahUO+l6Weusk9UnkBURue3nlrfv4gp69jyv8JzVy8=
x-served-by: cache-iad-kjyo7100157-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:40:05 GMT
server: AmazonS3
x-timer: S1717103123.439546,VS0,VE1
etag: "c0f6cc3bbb0dd7d6fa53fcc144815b8b"
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 124, 0

GET
H/1.1 200
OK 1.png
www.sado-sa.com/images/ 4 KB
4 KB 2567ms
352ms Image
image/png 163.172.253.37
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sado-sa.com/images/1.png
Requested by: Host: lee-johnson.co.nz
URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.172.253.37 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-253-37.rev.poneytelecom.eu
Software: Apache /
Resource Hash: c43e087c9c0c699cc387124d0273f2fd40f8e087a4e65b207f9fd7de6dbde252

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 21:05:25 GMT
Last-Modified: Tue, 28 May 2024 22:43:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4234

GET
H2 200 a.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 402 B
657 B 104ms
32ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/a.png?v=1680500371356

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

148f106fc77f420a9002cdf65bd26ce8812ef97bcaf994db31fdeb212013cdb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: 8EZFB4NVJFZH79MN
age: 1039150
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 402
x-amz-id-2: 5QUkChMid03B5J+rAcoFX7JI62Dsf+woVbgMqI+Q7QkT6EakW5LbUdv5XBRlfvSjSMrkzIsv3w47y3ZCAhRkwA==
x-served-by: cache-iad-kjyo7100057-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:39:32 GMT
server: AmazonS3
x-timer: S1717103123.439521,VS0,VE1
etag: "350bd2f9be2c4606335d4524262e9cff"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 124, 0

GET
H2 200 d.png
cdn.glitch.global/bf730a63-df78-4244-8a93-304b5ab441ae/ 479 B
948 B 102ms
31ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/bf730a63-df78-4244-8a93-304b5ab441ae/d.png?v=1675926689265

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

119191f22ea22ff461d6f4f4a13a451072aa736d31db3b11f99379305e014d1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: MSRC5RKETZPJ9JR2
age: 410415
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 479
x-amz-id-2: HGQ9fF1N9FNNaBGfeZHrJkWwdcPfXh0naRYz+pgFkXLQrkIAeceYTYgn72Mms8duGYBgJFsZoxY=
x-served-by: cache-iad-kcgs7200171-IAD, cache-akl10329-AKL
last-modified: Thu, 09 Feb 2023 07:11:29 GMT
server: AmazonS3
x-timer: S1717103123.439233,VS0,VE1
etag: "8f154da726c6ba8bc249af82fec33250"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 33, 0

GET
H/1.1 200
OK 2.png
www.sado-sa.com/images/ 5 KB
5 KB 2565ms
351ms Image
image/png 163.172.253.37
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sado-sa.com/images/2.png
Requested by: Host: lee-johnson.co.nz
URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.172.253.37 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-253-37.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 80489c2ddb2533b0357e28c70524b678d73b06f409f7e7e300554df7851798fd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 21:05:25 GMT
Last-Modified: Tue, 28 May 2024 22:43:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5059

GET
H2 200 b.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 356 B
608 B 102ms
32ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/b.png?v=1680500377655

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9eeb371fbff81af820deb5db9a1c8c9e5ac9700fb594ed07c717afb7ab992315

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: 4TXWHMYW03A5CW7H
age: 346654
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 356
x-amz-id-2: Wn2M3Thqp7ChDXFE6Mb62TAAKxm3RidggYeAB/eXAzLYcEpEFFfxUflHlyC+yc5r5LhL3XQ5EiB0tHwMaAIo1w==
x-served-by: cache-iad-kiad7000142-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:39:39 GMT
server: AmazonS3
x-timer: S1717103123.439328,VS0,VE1
etag: "37f919b2847b617763e8e404a0d3a4ee"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 29, 0

GET
H/1.1 200
OK 4.png
www.sado-sa.com/images/ 3 KB
3 KB 2565ms
352ms Image
image/png 163.172.253.37
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sado-sa.com/images/4.png
Requested by: Host: lee-johnson.co.nz
URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.172.253.37 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-253-37.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d4ba02dae3549e42d98d680f9b8c534eddc60c1b284200a0669a00119a4b572b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 21:05:25 GMT
Last-Modified: Tue, 28 May 2024 22:43:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2876

GET
H2 200 c.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 405 B
646 B 103ms
33ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/c.png?v=1680500382155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d509a86793135d9691726e796b0263f49df5187d7061755cb237e1ebb0b443a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: 29VY615A2S8ZDCTG
age: 1311685
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 405
x-amz-id-2: Ho0fzpRqzbE/8oJB6VFklvssfxvh8qY3H0xLSjCsBsvEUdK/DRHchTfPJoSUPfgs94Pu2ZNTObY=
x-served-by: cache-iad-kiad7000134-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:39:43 GMT
server: AmazonS3
x-timer: S1717103123.439578,VS0,VE1
etag: "75ca17434579a6a886ed6021f143e16c"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 170, 0

GET
H2 200 d.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 479 B
906 B 103ms
33ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/d.png?v=1680500388038

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

119191f22ea22ff461d6f4f4a13a451072aa736d31db3b11f99379305e014d1b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: ZR2TPX9D6PRB6PRJ
age: 799453
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 479
x-amz-id-2: TG38P3xeZOEFfAueDqRlTOJUEdfYvrfN73nMI0cnbyVjjgIogriZH1T5PxJMlVs3C+3XlkQZ8zo=
x-served-by: cache-iad-kcgs7200127-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:39:49 GMT
server: AmazonS3
x-timer: S1717103123.439551,VS0,VE1
etag: "8f154da726c6ba8bc249af82fec33250"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 101, 0

GET
H2 200 aa.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 687 B
1 KB 32ms
32ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/aa.png?v=1680500374566

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a5699544c0922f1d41f3b41e98bebb052f37058bfb1bb452edb3279a87ab3f70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: FGD230BEVGTMSXE7
age: 569086
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 687
x-amz-id-2: DUIyUah57xpPfs5bJUREtggPBCJRUijizV0elyfF4L71S1++OAwLHIA7FJhZfxlaiEWUU3ekEnY=
x-served-by: cache-iad-kiad7000072-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:39:35 GMT
server: AmazonS3
x-timer: S1717103123.474131,VS0,VE1
etag: "9b0aa1b1e750e19a610e901fd4e3bf09"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 38, 0

GET
H2 200 ss.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 83 KB
83 KB 33ms
33ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ss.png?v=1680500407243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c399d6d1fa6493f765d33c90e71e5569fdcdc0623ddcfd69f8ad88a9ef6a4ed0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: QM9XKV3501QTJF7K
age: 918460
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 85125
x-amz-id-2: hBxxa4FgCLDDHyHS+jvKSejzmleWeBg+yBsYDe2NbGCyf2ZKIVTWlz17EaF3eGWw9aNNbGapj9gF42Mw5/YouDQZyAVagfBB
x-served-by: cache-iad-kcgs7200165-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:40:08 GMT
server: AmazonS3
x-timer: S1717103123.474116,VS0,VE1
etag: "9db9743da7fce16c80669e0dabaf8e18"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 114, 0

GET
H2 200 to.png
cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/ 35 KB
35 KB 32ms
32ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/a31a7d01-ebad-4498-99ee-ba6977e57fac/to.png?v=1680500411508

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b14b9d44fefc148919ad878a273e3f8a65a020cd333ee93e90db2db435aca304

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 30 May 2024 21:05:23 GMT
x-amz-request-id: 3YKT9NKGQJ6AZXKF
age: 1614630
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 35688
x-amz-id-2: JfAGWWxNrpXxc2rnOJ8xOpzwpT0cMWVoIKIdKd0LqvK8KO650AkHqQSJVaLlvMV96WtVGdPnf6E=
x-served-by: cache-iad-kjyo7100021-IAD, cache-akl10329-AKL
last-modified: Mon, 03 Apr 2023 05:40:12 GMT
server: AmazonS3
x-timer: S1717103123.474211,VS0,VE1
etag: "7b92c4367dccc207947b1d7634a831b9"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 203, 0

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 96ms
31ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 30 May 2024 21:05:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 8352940
x-jsd-version: 5.1.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24376
x-served-by: cache-fra-eddf8230075-FRA, cache-akl10327-AKL
x-jsd-version-type: version
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 404 favicon.ico
lee-johnson.co.nz/ 0
79 B 66ms
65ms Other
text/html 185.184.154.65
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://lee-johnson.co.nz/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.154.65 Sydney, Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS: ipb9b89a41.ipv4.syd02.ds.network
Software: Apache / PHP/5.6.40
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html
Accept-Language: en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 21:05:25 GMT
server: Apache
x-powered-by: PHP/5.6.40
content-length: 0
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pacific-iridescent-lunge.glitch.me/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pacific-iridescent-lunge.glitch.me/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://lee-johnson.co.nz/mn/i9nv68xb7e9615d244ed1b7465211cfb44c6499g8hdsgm4t497zf7mzxn464hfn5fh784dkhj39048oiwo598e3996932bnedjnd9498329932n5j2902985nmsbnc89496092nsmj94929050k72ol3959037d90mc57.html(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://lee-johnson.co.nz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.glitch.global
cdn.jsdelivr.net
lee-johnson.co.nz
pacific-iridescent-lunge.glitch.me
www.sado-sa.com
151.101.66.132
163.172.253.37
185.184.154.65
2a04:4e42::485
34.197.227.58
0f0f236b6976b62009da78c47443764ede550fc5041dfbb3a68d2eddea735ab3
119191f22ea22ff461d6f4f4a13a451072aa736d31db3b11f99379305e014d1b
148f106fc77f420a9002cdf65bd26ce8812ef97bcaf994db31fdeb212013cdb5
4f039c50843b6612b0dd48bfacd50e6fcd784630e4bd2be9f41ad4fc3f46df92
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
80489c2ddb2533b0357e28c70524b678d73b06f409f7e7e300554df7851798fd
9eeb371fbff81af820deb5db9a1c8c9e5ac9700fb594ed07c717afb7ab992315
a5699544c0922f1d41f3b41e98bebb052f37058bfb1bb452edb3279a87ab3f70
b14b9d44fefc148919ad878a273e3f8a65a020cd333ee93e90db2db435aca304
b48a7a21cfe1c5ada20a91b04bcb21a71bc831023e454322d4ee59e5a87a030d
c399d6d1fa6493f765d33c90e71e5569fdcdc0623ddcfd69f8ad88a9ef6a4ed0
c43e087c9c0c699cc387124d0273f2fd40f8e087a4e65b207f9fd7de6dbde252
d4ba02dae3549e42d98d680f9b8c534eddc60c1b284200a0669a00119a4b572b
d509a86793135d9691726e796b0263f49df5187d7061755cb237e1ebb0b443a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

lee-johnson.co.nz Open in urlscan Pro 185.184.154.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

289 kBTransfer

477 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

lee-johnson.co.nz Open in urlscan Pro
185.184.154.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

289 kB
Transfer

477 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!