spot.hydrauhose.com Open in urlscan Pro
141.95.147.190 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Submission: On June 07 via api (June 7th 2024, 1:06:33 am UTC) from US — Scanned from FR

Summary HTTP 15 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 141.95.147.190, located in France and belongs to OVH, FR. The main domain is spot.hydrauhose.com.
TLS certificate: Issued by R3 on April 26th 2024. Valid for: 3 months.

This is the only time spot.hydrauhose.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Qantas (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
5	141.95.147.190 141.95.147.190	16276 (OVH) (OVH)
1	54.164.86.209 54.164.86.209	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
15	4

5 141.95.147.190 (France)

ASN16276 (OVH, FR)
PTR: serveur.fra13.ex2.cloud

spot.hydrauhose.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.86.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-86-209.compute-1.amazonaws.com

qantas.resultspage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	hydrauhose.com spot.hydrauhose.com	225 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 461	33 KB
1	resultspage.com qantas.resultspage.com — Cisco Umbrella Rank: 455999	1 KB
0	qantas.com Failed www.qantas.com Failed
0	qantasloyalty.com Failed cdn.qantasloyalty.com Failed
15	5

	Domain	Requested by
5	spot.hydrauhose.com	spot.hydrauhose.com
1	ajax.googleapis.com	spot.hydrauhose.com
1	qantas.resultspage.com	spot.hydrauhose.com
0	www.qantas.com Failed	spot.hydrauhose.com
0	cdn.qantasloyalty.com Failed	spot.hydrauhose.com
15	5

This site contains links to these domains. Also see Links.

Domain
www.qantas.com
travelinsider.qantas.com.au
help.qantas.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
instagram.com
www.jetstar.com

Subject Issuer	Validity	Valid
www.spot.hydrauhose.com R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.resultspage.com Starfield Secure Certificate Authority - G2	`2024-05-05` - `2025-05-21`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Frame ID: C41AAA2939683D6BDF33F7DACC5AB1AA
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

47 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

259 kB
Transfer

946 kB
Size

0
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://www.qantas.com/travel/airlines/viewing/global/en
Title: Upgrade my browser

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en.html

Search URL Search Domain Scan URL

URL: https://www.qantas.com/au/en/qantas-experience/network-and-partner-airlines/oneworld.html
Title: Oneworld

Search URL Search Domain Scan URL

URL: https://www.qantas.com/travelinsider/en.html
Title: Travel Insider

Search URL Search Domain Scan URL

URL: https://www.qantas.com/directconnect/affinity
Title: Where can I go?

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/travel-guides/australia.html?int_cam=us:en:travel-guides-au:nav:en:flights

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/flight-deals/flights-to-australia.html/au
Title: Flights to Australia

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/flight-deals/flights-to-new-zealand.html/nz
Title: Flights to New Zealand

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/flight-deals.html
Title: Flights to Japan

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/flight-deals/flights-to-singapore.html/sin
Title: Flights to Singapore

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/flight-deals/flights-to-vanuatu.html/nou
Title: Flights to New Caledonia

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/flight-deals/international/flights-to-australia.html/economy/all/lowest?int_cam=us:en:flight-deals-au:nav:en:flights

Search URL Search Domain Scan URL

URL: http://travelinsider.qantas.com.au/qantas-magazine
Title: Qantas magazineOpens external site

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/book-a-trip/flights/qantas-explorer.html?int_cam=us:en:qantas-explorer:nav:en:flights

Search URL Search Domain Scan URL

URL: http://www.qantas.com/travel/airlines/flight-deals/us/en
Title: Flights to Australia

Search URL Search Domain Scan URL

URL: https://www.qantas.com/detect-site/coronavirus.html
Title: COVID-19 information

Search URL Search Domain Scan URL

URL: https://www.qantas.com/detect-site/manage-booking.html
Title: Manage booking

Search URL Search Domain Scan URL

URL: https://www.qantas.com/travel/airlines/baggage/global/en
Title: baggage allowances

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/qantas-experience/australian-domestic-flight-network.html?int_cam=us:en:mega-nav:domestic-network:en:flights

Search URL Search Domain Scan URL

URL: https://help.qantas.com/support/s/
Title: Help Opens external site

Search URL Search Domain Scan URL

URL: https://www.qantas.com/au/en/frequent-flyer/discover-and-join/terms-and-conditions.html
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/travel-info/baggage/allowance-and-fees.html
Title: Baggage & Optional Service Fees

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/support/customer-service-plan.html
Title: Customer Service Plan

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/qantas-group.html
Title: Qantas Group

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/about-us/news-room.html
Title: News Room

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/about-us/qantas-careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/about-us/our-company/our-airline-partners/oneworld.html
Title: oneworld

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/about-us.html
Title: More about Qantas

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/100-years-of-the-spirit-of-australia.html
Title: Qantas Centenary

Search URL Search Domain Scan URL

URL: https://www.qantas.com/content/dam/qantas/pdfs/about-us/corporate-governance/modern-slavery-and-human-trafficking-statement.pdf
Title: Modern Slavery Act Statement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Qantas/
Title: 1.4m+ likesOpens external site in a new window

Search URL Search Domain Scan URL

URL: https://twitter.com/Qantas
Title: 483k+ followersOpens external site in a new window

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/qantas
Title: 287k+ followersOpens external site in a new window

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Qantas
Title: 93k+ subscribersOpens external site in a new window

Search URL Search Domain Scan URL

URL: http://instagram.com/Qantas
Title: 933k+ followersOpens external site in a new window

Search URL Search Domain Scan URL

URL: https://www.jetstar.com/
Title: JetstarOpens external site in a new window

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/support/essential-accessibility.html
Title: eSSENTIAL AccessibilityTM

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/support/privacy-and-security.html
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/support/terms-of-use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/book-a-trip/flights/conditions-of-carriage.html
Title: Conditions of Carriage

Search URL Search Domain Scan URL

URL: https://www.qantas.com/us/en/book-a-trip/flights/fare-types.html
Title: Fare types

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dashboard.php Show response
spot.hydrauhose.com/ 543 KB
99 KB 131ms
60ms Document
text/html 141.95.147.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.147.190 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur.fra13.ex2.cloud
Software: LiteSpeed /
Resource Hash: 6e88910311e34daae354507c74ab2fa0640b474e96400bcab8344fd689cc5bf0

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 01:06:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent

GET
H2 200 main.css
spot.hydrauhose.com/ 210 KB
27 KB 16ms
14ms Stylesheet
text/css 141.95.147.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://spot.hydrauhose.com/main.css
Requested by: Host: spot.hydrauhose.com
URL: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.147.190 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur.fra13.ex2.cloud
Software: LiteSpeed /
Resource Hash: e33bf0e24ad4a7482d68c48aa84a576e57bd3d8cdd3256de1e72f3b08bff4fed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:06:28 GMT
content-encoding: br
last-modified: Sun, 06 Nov 2022 16:58:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27931
expires: Fri, 14 Jun 2024 01:06:28 GMT

GET
H2 200 sli-rac.css
qantas.resultspage.com/autocomplete/ 4 KB
1 KB 315ms
93ms Stylesheet
text/css 54.164.86.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://qantas.resultspage.com/autocomplete/sli-rac.css
Requested by: Host: spot.hydrauhose.com
URL: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.164.86.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-86-209.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 763a86d3b22b56dc063a25ec601d018d501c38aed49034fde8e2d3351f614f81

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://spot.hydrauhose.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:06:29 GMT
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 10:42:56 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=432000
accept-ranges: bytes
content-length: 1063
expires: Wed, 12 Jun 2024 01:06:29 GMT

GET login.bundle.css
cdn.qantasloyalty.com/assets/widgets/login/v2/ 0
0

GET main-noncritical.min.39f8b7e771e1f7442c41e2b0eb8c5459.css
www.qantas.com/etc/designs/qcom/site/ 0
0

GET qantas-masterbrand-logo-40px.svg
www.qantas.com/content/dam/qantas/logos/ 0
0

GET escape-au.jpg
www.qantas.com/images/imb/img/190x440/ 0
0

GET Australia-flight-deals-190x135.jpg
www.qantas.com/images/imb/img/ 0
0

GET qantas-explorer.jpg
www.qantas.com/images/imb/img/190x440/ 0
0

GET australian-domestic-network-190x440.jpg
www.qantas.com/images/imb/img/190x440/ 0
0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 81ms
24ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: spot.hydrauhose.com
URL: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://spot.hydrauhose.com/
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 23:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jun 2025 23:47:34 GMT

GET spritesheet-9632fb7044385395ce89846b873ea4e3.png
www.qantas.com/etc/designs/qantas/global/img/ 0
0

GET
H3 200 315CA1_3_0.woff2
spot.hydrauhose.com/ 48 KB
48 KB 19ms
19ms Font
font/woff2 141.95.147.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://spot.hydrauhose.com/315CA1_3_0.woff2
Requested by: Host: spot.hydrauhose.com
URL: https://spot.hydrauhose.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.95.147.190 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur.fra13.ex2.cloud
Software: LiteSpeed /
Resource Hash: b2b64e5d45e5f4911d34343f60b7d15ba57d7ce1e4cc5dd69ac424bb79d84455

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://spot.hydrauhose.com/main.css
Origin: https://spot.hydrauhose.com
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:06:29 GMT
last-modified: Sun, 06 Nov 2022 01:09:34 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49421
expires: Fri, 14 Jun 2024 01:06:29 GMT

GET
DATA 200
OK truncated
/ 736 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445b7df4c1fa8a4f1847e39edc7476fb8bec4c9e7aa3c4127ce4e61a300f6e00

Request headers

Accept-Language: fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 315CA1_1_0.woff2
spot.hydrauhose.com/ 49 KB
49 KB 15ms
15ms Font
font/woff2 141.95.147.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://spot.hydrauhose.com/315CA1_1_0.woff2
Requested by: Host: spot.hydrauhose.com
URL: https://spot.hydrauhose.com/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.95.147.190 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur.fra13.ex2.cloud
Software: LiteSpeed /
Resource Hash: b964d246defe2ccf6dd3a0d3887ac9d09325a866b94bd57732219406654698a2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://spot.hydrauhose.com/main.css
Origin: https://spot.hydrauhose.com
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:06:29 GMT
last-modified: Sun, 06 Nov 2022 01:10:02 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49864
expires: Fri, 14 Jun 2024 01:06:29 GMT

GET
H3 404 favicon.ico
spot.hydrauhose.com/ 1 KB
1 KB 14ms
13ms Other
text/html 141.95.147.190
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://spot.hydrauhose.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.95.147.190 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur.fra13.ex2.cloud
Software: LiteSpeed /
Resource Hash: 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://spot.hydrauhose.com/dashboard.php?reference=fb5f7ac49e5a91537913
Accept-Language: fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 01:06:29 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
vary: User-Agent
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.qantasloyalty.com
URL: https://cdn.qantasloyalty.com/assets/widgets/login/v2/login.bundle.css

Domain: www.qantas.com
URL: https://www.qantas.com/etc/designs/qcom/site/main-noncritical.min.39f8b7e771e1f7442c41e2b0eb8c5459.css

Domain: www.qantas.com
URL: https://www.qantas.com/content/dam/qantas/logos/qantas-masterbrand-logo-40px.svg

Domain: www.qantas.com
URL: https://www.qantas.com/images/imb/img/190x440/escape-au.jpg

Domain: www.qantas.com
URL: https://www.qantas.com/images/imb/img/Australia-flight-deals-190x135.jpg

Domain: www.qantas.com
URL: https://www.qantas.com/images/imb/img/190x440/qantas-explorer.jpg

Domain: www.qantas.com
URL: https://www.qantas.com/images/imb/img/190x440/australian-domestic-network-190x440.jpg

Domain: www.qantas.com
URL: https://www.qantas.com/etc/designs/qantas/global/img/spritesheet-9632fb7044385395ce89846b873ea4e3.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Qantas (Transportation)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.qantasloyalty.com/assets/widgets/login/v2/login.bundle.css Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/images/imb/img/190x440/australian-domestic-network-190x440.jpg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/images/imb/img/190x440/qantas-explorer.jpg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/images/imb/img/190x440/escape-au.jpg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/content/dam/qantas/logos/qantas-masterbrand-logo-40px.svg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/images/imb/img/Australia-flight-deals-190x135.jpg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/etc/designs/qcom/site/main-noncritical.min.39f8b7e771e1f7442c41e2b0eb8c5459.css Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.qantas.com/etc/designs/qantas/global/img/spritesheet-9632fb7044385395ce89846b873ea4e3.png Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://spot.hydrauhose.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.qantasloyalty.com
qantas.resultspage.com
spot.hydrauhose.com
www.qantas.com
cdn.qantasloyalty.com
www.qantas.com
141.95.147.190
2a00:1450:4001:811::200a
54.164.86.209
445b7df4c1fa8a4f1847e39edc7476fb8bec4c9e7aa3c4127ce4e61a300f6e00
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
6e88910311e34daae354507c74ab2fa0640b474e96400bcab8344fd689cc5bf0
763a86d3b22b56dc063a25ec601d018d501c38aed49034fde8e2d3351f614f81
b2b64e5d45e5f4911d34343f60b7d15ba57d7ce1e4cc5dd69ac424bb79d84455
b964d246defe2ccf6dd3a0d3887ac9d09325a866b94bd57732219406654698a2
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e33bf0e24ad4a7482d68c48aa84a576e57bd3d8cdd3256de1e72f3b08bff4fed

spot.hydrauhose.com Open in urlscan Pro 141.95.147.190 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

47 %HTTPS

33 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

259 kBTransfer

946 kBSize

0 Cookies

41 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

0 Cookies

9 Console Messages

Indicators

spot.hydrauhose.com Open in urlscan Pro
141.95.147.190 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

47 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

259 kB
Transfer

946 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!