dashing-reindeer.10web.site Open in urlscan Pro
34.70.139.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://urlz.fr/lcbu
Effective URL:
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
Submission: On March 31 via manual (March 31st 2023, 4:53:43 am UTC) from AU — Scanned from SG

Summary HTTP 18 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 18 HTTP transactions. The main IP is 34.70.139.72, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is dashing-reindeer.10web.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 3rd 2022. Valid for: a year.

This is the only time dashing-reindeer.10web.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3038::6815:ead6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.245.105.165 77.245.105.165	35104 (KTC-AS) (KTC-AS)
2 15	34.70.139.72 34.70.139.72	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

1 2606:4700:3038::6815:ead6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.105.165 (Astana, Kazakhstan)

ASN35104 (KTC-AS, KZ)

qujat.kz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 34.70.139.72 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 72.139.70.34.bc.googleusercontent.com

dashing-reindeer.10web.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	10web.site 2 redirects dashing-reindeer.10web.site	437 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	28 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	29 KB
1	qujat.kz qujat.kz	464 B
1	urlz.fr 1 redirects urlz.fr — Cisco Umbrella Rank: 869226	510 B
18	5

	Domain	Requested by
15	dashing-reindeer.10web.site	2 redirects dashing-reindeer.10web.site cdnjs.cloudflare.com
1	cdnjs.cloudflare.com	dashing-reindeer.10web.site
1	code.jquery.com	dashing-reindeer.10web.site
1	qujat.kz
1	urlz.fr	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
login.my.gov.au
beta.my.gov.au
www.digitalidentity.gov.au
www.mygovid.gov.au
australia.gov.au

Subject Issuer	Validity	Valid
qujat.kz R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.10web.site Sectigo RSA Domain Validation Secure Server CA	`2022-10-03` - `2023-09-18`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
Frame ID: 7C09042DADFB0B72F7B0D657ED48546B
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign-in - myGov

Page URL History Show full URLs

https://urlz.fr/lcbu HTTP 302
https://qujat.kz/mygoo.html Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/ HTTP 302
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed HTTP 301
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/ Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

89 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

494 kB
Transfer

1184 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://login.my.gov.au/LoginServices/main/login?execution=e2s1
Title: Skip to Ask a question

Search URL Search Domain Scan URL

URL: https://beta.my.gov.au/?utm_source=blue&utm_medium=banner&utm_campaign=myGov&utm_id=beta&cid=mygovbeta_banner_green_unauth
Title: myGov Beta

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/CredentialManager/recoverUserId.jsp?Origin=&Return=/sps/auth&Login=true
Title: Forgot username

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/CredentialManager/resetPassword.jsp?Origin=&Return=/sps/auth&Login=true
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/LoginServices/main/login?execution=e2s1&_eventId=digitalIdentity
Title: Continue with Digital Identity

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/EnrolService/register.jsp?login=true&Return=/mga/sps/auth
Title: create a myGov account

Search URL Search Domain Scan URL

URL: https://www.digitalidentity.gov.au/
Title: Digital Identity

Search URL Search Domain Scan URL

URL: https://www.mygovid.gov.au/
Title: myGovID

Search URL Search Domain Scan URL

URL: https://australia.gov.au/
Title: australia.gov.au

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/about.html
Title: About myGov

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/contact.html
Title: Contact us

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/terms.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/copyright.html
Title: Copyright

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/mygov/content/html/help.html
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://urlz.fr/lcbu HTTP 302
https://qujat.kz/mygoo.html Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/ HTTP 302
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed HTTP 301
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/ Page URL
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://urlz.fr/lcbu HTTP 302
https://qujat.kz/mygoo.html

Request Chain 1

https://dashing-reindeer.10web.site/cpsess9100303772/ HTTP 302
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed HTTP 301
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

mygoo.html
qujat.kz/
Redirect Chain

https://urlz.fr/lcbu
https://qujat.kz/mygoo.html

201 B
464 B

1034ms
215ms

Document
text/html

77.245.105.165
KTC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://qujat.kz/mygoo.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.245.105.165 Astana, Kazakhstan, ASN35104 (KTC-AS, KZ),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 31 Mar 2023 04:53:38 GMT
ETag: W/"64266263-c9"
Last-Modified: Fri, 31 Mar 2023 04:32:35 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60
cf-cache-status: DYNAMIC
cf-ray: 7b05fd58be7b4a3b-SIN
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:53:37 GMT
expires: Fri, 31 Mar 2023 04:54:37 GMT
location: https://qujat.kz/mygoo.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKPluNM%2Fk5M%2BrXwO3FMqW%2B8cRFggj7Oc1ian95dpmRtHBoLXUh1d%2BFNfOgjHzESoxdeElE0xivKOFeA%2F6BPlY9sdOoLVb%2FZgCBReo1zMtxExyIwHWCR%2FtKQ5fdrygPE1D%2BSIOA56"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-fastcgi-cache: HIT

GET
H2

200

/ Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
Redirect Chain

https://dashing-reindeer.10web.site/cpsess9100303772/
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed
https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

432 KB
18 KB

473ms
473ms

Document
text/html

34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0d472332432a3ec50696c125faf9874c9db399c9194b5fbbd3d64b11766f989e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qujat.kz/mygoo.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:53:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-length: 162
content-type: text/html
date: Fri, 31 Mar 2023 04:53:39 GMT
location: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m3d.css
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/ 151 B
408 B 219ms
218ms Stylesheet
text/css 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/m3d.css

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

c113ebc50cb4d96a2b7829a0aaca2fe5a01b36197859283dab10767d6a267072

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:39 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-97"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:39 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 565ms
186ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://dashing-reindeer.10web.site/
Origin: https://dashing-reindeer.10web.site
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:40 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1680238420.dop107.la3.t,1680238420.cds284.la3.hn,1680238420.cds238.la3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/ 87 KB
28 KB 53ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 717532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27964
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15d95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jll33mmVI7yz8IKL8SMu6QwV9N%2B254mq2yGvMP3U1AM30isEnYdRPG0FSI9AcPaH6t9rLVPkDDpgXFbVVoE69LUYz4cZRixkeYCh86N32uPNQ4UOFXWnJyzoQgcDmPgEC%2BE5MYFpZR%2Bn5XV2lIxnGU72"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b05fd6c68ed4bb0-SIN
expires: Wed, 20 Mar 2024 04:53:39 GMT

GET
H2 200 ajax.php
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/m3dularbh/ 0
237 B 227ms
226ms XHR
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/m3dularbh/ajax.php?n=m3d

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:40 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
content-encoding: br
server: nginx
vary: Accept-Encoding
x-cache: BYPASS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request / Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ 15 KB
4 KB 223ms
223ms Document
text/html 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

50b65fed0f479fd543a6285bfd56a1980e119b600d23302d5f95dbb17417108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 31 Mar 2023 04:53:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ruxitagentjs_ICA2Vfghjqrux_10239220408103229.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 243 KB
243 KB 441ms
441ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ruxitagentjs_ICA2Vfghjqrux_10239220408103229.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

0fb5ae1c24514ad48f8e743a87eee447b573a30aeb7d8ce16cebf4d5ead810b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:41 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-3cb60"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 248672
x-xss-protection: 1; mode=block

GET
H2 200 mgv2-application.css
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 122 KB
19 KB 684ms
684ms Stylesheet
text/css 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.css

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e8d0781b70b1c2db3eb0ac367588de1c4e9a8d6126f1c8695a08580d83cd2683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:41 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-1e7f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:41 GMT

GET
H2 200 austgovt-inline-white.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 0
0 653ms
650ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/austgovt-inline-white.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-1c460"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:42 GMT

GET
H2 200 mygov-logo.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 2 KB
1 KB 653ms
651ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mygov-logo.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-8a1"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:42 GMT

GET
H2 200 dismiss-x.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 839 B
702 B 654ms
652ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/dismiss-x.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-347"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:42 GMT

GET
H2 200 icon-external-link-blue.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 742 B
764 B 655ms
653ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/icon-external-link-blue.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e470bb1617b294c5f4c8c456278f819d1640b90c2c15e5d237d3c0683aa32a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-2e6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:42 GMT

GET
H2 200 austgovt-inline.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 0
0 655ms
653ms Image
image/svg+xml 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/austgovt-inline.svg

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
content-encoding: br
etag: W/"6426410c-11a6c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000
x-xss-protection: 1; mode=block
expires: Mon, 25 Mar 2024 04:53:42 GMT

GET
H2 200 mgv2-vendor.js.download Show response
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 148 KB
149 KB 952ms
952ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-vendor.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-251cf"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 152015
x-xss-protection: 1; mode=block

GET
H2 200 mgv2-application.js.download
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 48 KB
0 652ms
652ms Script
application/octet-stream 34.70.139.72
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-application.js.download

Requested by

Host: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.70.139.72 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

72.139.70.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 04:53:42 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Fri, 31 Mar 2023 02:10:20 GMT
server: nginx
etag: "6426410c-1262d"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 75309
x-xss-protection: 1; mode=block

GET login.js.download
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ 0
0

GET link-arrow.svg
dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/login.js.download

Domain: dashing-reindeer.10web.site
URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/link-arrow.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dashing-reindeer.10web.site/	1969-12-31 23:59:59	Name: PHPSESSID Value: 201a0655da8df42515cc2684a65d8c27

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/ruxitagentjs_ICA2Vfghjqrux_10239220408103229.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/ Message: Refused to execute script from 'https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/Sign-in%20-%20myGov_files/mgv2-vendor.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://dashing-reindeer.10web.site/cpsess9100303772/f3e1a87bde92d0b4dcadf75dcff048ed/main/icons/link-arrow.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
dashing-reindeer.10web.site
qujat.kz
urlz.fr
dashing-reindeer.10web.site
2001:4de0:ac18::1:a:3a
2606:4700:3038::6815:ead6
2606:4700::6811:190e
34.70.139.72
77.245.105.165
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0d472332432a3ec50696c125faf9874c9db399c9194b5fbbd3d64b11766f989e
0fb5ae1c24514ad48f8e743a87eee447b573a30aeb7d8ce16cebf4d5ead810b0
2bedda083bdbe6820e493159f1e3e27146b96ef6840094bd74447925e8c66e26
50b65fed0f479fd543a6285bfd56a1980e119b600d23302d5f95dbb17417108f
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
a3e9863b69280adb1c01eb12d33cb2fbaeecd5423e15400caad5ff4a5e4aeac9
c113ebc50cb4d96a2b7829a0aaca2fe5a01b36197859283dab10767d6a267072
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
e470bb1617b294c5f4c8c456278f819d1640b90c2c15e5d237d3c0683aa32a22
e8d0781b70b1c2db3eb0ac367588de1c4e9a8d6126f1c8695a08580d83cd2683

dashing-reindeer.10web.site Open in urlscan Pro 34.70.139.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

89 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

494 kBTransfer

1184 kBSize

1 Cookies

18 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

dashing-reindeer.10web.site Open in urlscan Pro
34.70.139.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

494 kB
Transfer

1184 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!