cemetery.org.au Open in urlscan Pro
116.0.23.250 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cemetery.org.au/Dhl/shipping/torsion/
Submission: On February 23 via automatic, source openphish (February 23rd 2023, 1:14:30 am UTC) — Scanned from AU

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 32 HTTP transactions. The main IP is 116.0.23.250, located in Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is cemetery.org.au.
TLS certificate: Issued by R3 on December 17th 2022. Valid for: 3 months.

This is the only time cemetery.org.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
27	116.0.23.250 116.0.23.250	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
1	13.33.88.17 13.33.88.17	16509 (AMAZON-02) (AMAZON-02)
2	172.64.168.22 172.64.168.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.155.68.124 18.155.68.124	16509 (AMAZON-02) (AMAZON-02)
32	5

27 116.0.23.250 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: helios.instanthosting.com.au

cemetery.org.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-17.sin2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.168.22 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-124.sin52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cemetery.org.au cemetery.org.au	672 KB
2	fontawesome.com ka-f.fontawesome.com — Cisco Umbrella Rank: 2612	253 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 628 script.hotjar.com — Cisco Umbrella Rank: 767	71 KB
0	Failed function sub() { [native code] }. Failed
32	4

	Domain	Requested by
27	cemetery.org.au	cemetery.org.au
2	ka-f.fontawesome.com	cemetery.org.au
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	cemetery.org.au
0	eofcbnmajmjmplflapaojjnihcjkigck Failed	cemetery.org.au
32	5

This site contains links to these domains. Also see Links.

Domain
lwegatech.info

Subject Issuer	Validity	Valid
mail.cemetery.org.au R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://cemetery.org.au/Dhl/shipping/torsion/
Frame ID: AD778705986273E2D80567F35FD82DA5
Requests: 30 HTTP requests in this frame

Frame: https://cemetery.org.au/Dhl/shipping/torsion/1_files/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: E3D337C853C30FAAD3BB08B4F3EF1E68
Requests: 1 HTTP requests in this frame

Frame: https://cemetery.org.au/Dhl/shipping/torsion/1_files/saved_resource.html
Frame ID: C170BB76FA2B8FE9F2BABA8D01012915
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

996 kB
Transfer

1192 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lwegatech.info/public/Zy4ECJuPp168ec0WJ3CFlUVndKSR00rr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
cemetery.org.au/Dhl/shipping/torsion/ 193 KB
193 KB 299ms
102ms Document
text/html 116.0.23.250
DREAMSCAPE-AS-AP ...

General

Domain/Path	Expires	Name / Value
.cemetery.org.au/	1970-01-20 18:37:30	Name: _hjSessionUser_2895475 Value: eyJpZCI6IjdmZTU2YTE2LTlmZWUtNTIxMC1hMzg1LWNjNDI3YTI3ZGE0MCIsImNyZWF0ZWQiOjE2NzcxMTQ4NjcwOTQsImV4aXN0aW5nIjpmYWxzZX0=
.cemetery.org.au/	1970-01-20 09:51:56	Name: _hjFirstSeen Value: 1
.cemetery.org.au/	1970-01-20 09:51:54	Name: _hjIncludedInSessionSample_2895475 Value: 1
.cemetery.org.au/	1970-01-20 09:51:56	Name: _hjSession_2895475 Value: eyJpZCI6ImNmNzIyOWUyLTFkZmUtNGRhZS1hNDAzLTQwYzY3MTU2YjJmZSIsImNyZWF0ZWQiOjE2NzcxMTQ4NjcxMDQsImluU2FtcGxlIjp0cnVlfQ==
.cemetery.org.au/	1970-01-20 09:51:56	Name: _hjAbsoluteSessionInProgress Value: 0

Source	Level	URL Text
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/f7165dd215.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: chrome-extension://eofcbnmajmjmplflapaojjnihcjkigck/common/ui/fonts/fonts.css Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/main.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/app.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/session-recorder.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/hotjar-2895475.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/logger-1.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/modules.bcd9ade6b0bb9bdd0789.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/foo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cemetery.org.au/Dhl/shipping/torsion/1_files/logger-1.min.js.t%C3%A9l%C3%A9chargement Message: Failed to load resource: the server responded with a status of 404 (Not Found)

cemetery.org.au Open in urlscan Pro 116.0.23.250 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

996 kBTransfer

1192 kBSize

5 Cookies

1 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cemetery.org.au Open in urlscan Pro
116.0.23.250 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

996 kB
Transfer

1192 kB
Size

5
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!