Report - itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9

Report Overview

Visited public
2024-12-18 07:18:38
Tags
URL
itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Finishing URL
itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
IP / ASN
103.42.108.46
#45638 SYNERGY WHOLESALE PTY LTD
Title
Your Domains

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
static.synergywholesale.com	649648	2013-08-08	2015-05-25	2024-12-16	854 B	17 kB	103.42.108.78
static.ventraip.com.au	939024	unknown	2012-11-16	2024-12-17	417 B	5.8 kB	103.42.108.77
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-12-18	461 B	5.2 kB	151.101.193.229
manage.synergywholesale.com	unknown	2013-08-08	2015-04-20	2024-12-16	1.4 kB	4.8 kB	103.42.108.64
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-18	1.1 kB	45 kB	216.58.207.227
itsn.com.au	unknown	unknown	2017-06-23	2024-02-15	1.9 kB	3.4 kB	103.42.108.46
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-18	434 B	1.5 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-18	medium	itsn.com.au	Sinkholed
2024-12-18	medium	itsn.com.au	Sinkholed
2024-12-18	medium	itsn.com.au	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	static.ventraip.com.au/wholesale/js/fancybox.js	ScriptElement	16 kB	2023-03-07	2025-05-08
Pretty URL static.ventraip.com.au/wholesale/js/fancybox.js IP 103.42.108.77 ASN #45638 SYNERGY WHOLESALE PTY LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-05-08 03:05 Times Seen478 Hash 8bc36a08c46719377528d962966ce37c caeb31e930068ce5820b239d44d8415f95957138 d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561 Loading...

	static.synergywholesale.com/manage/js/core.js?v=29	ScriptElement	12 kB	2023-03-07	2025-04-13
Pretty URL static.synergywholesale.com/manage/js/core.js?v=29 IP 103.42.108.78 ASN #45638 SYNERGY WHOLESALE PTY LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41 Last Seen2025-04-13 13:08 Times Seen28 Hash bcc0f9133608f945fa5e134705a9427d 33ff38b6441bec136112a3dc77e9ce99d6930187 f08f2b439d866179b748a4216f30d519bdce54bb8464867e416963c8e7e9650d Loading...

HTTP Transactions (13)

URL IP Response Size

itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9

103.42.108.46

200 OK

891 B

URL User Request GET HTTP/2
itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
IP
103.42.108.46:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Certificate
IssuerZeroSSL
Subjectitsn.com.au
Fingerprint2B:45:5E:45:64:35:DB:65:34:CB:E0:7C:E8:35:FD:47:4C:AE:C7:E4
ValidityWed, 20 Nov 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
891 B (891 bytes)
Hash
b913e2490d2de07950aba30cf304e6f8
ad2a417d161869d3229e7f780cf2c4991b1eeb81
1e2a6635d8308ce418e276dfa38ddf6419e727c85d5fce87979fde811755c942

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9 HTTP/1.1
Host: itsn.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Dec 2024 07:18:14 GMT
vary: Accept-Encoding
content-length: 891
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Sans:400,700

142.250.74.106

200 OK

814 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Droid+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintD4:A3:E0:67:E1:FB:D8:0C:7B:58:AE:DA:81:4F:CA:47:9A:07:6E:5B
ValidityMon, 04 Nov 2024 08:38:51 GMT - Mon, 27 Jan 2025 08:38:50 GMT

File type
gzip compressed data, max compression
Size
814 B (814 bytes)
Hash
9851314294f64eff3431dda683bcbac7
74998a2e88849c889844bfc49c2687a8d22a9065
233c7b46b7748aa4f2737a745ab634cc3f80a3a6e1b196213056b121541e3243

HTTP Headers

GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Dec 2024 07:18:14 GMT
date: Wed, 18 Dec 2024 07:18:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

itsn.com.au/inc/js/components/jquery-3.5.1.min.js

103.42.108.46

200 OK

891 B

URL GET HTTP/2
itsn.com.au/inc/js/components/jquery-3.5.1.min.js
IP
103.42.108.46:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerZeroSSL
Subjectitsn.com.au
Fingerprint2B:45:5E:45:64:35:DB:65:34:CB:E0:7C:E8:35:FD:47:4C:AE:C7:E4
ValidityWed, 20 Nov 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
891 B (891 bytes)
Hash
b913e2490d2de07950aba30cf304e6f8
ad2a417d161869d3229e7f780cf2c4991b1eeb81
1e2a6635d8308ce418e276dfa38ddf6419e727c85d5fce87979fde811755c942

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /inc/js/components/jquery-3.5.1.min.js HTTP/1.1
Host: itsn.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Dec 2024 07:18:15 GMT
vary: Accept-Encoding
content-length: 891
X-Firefox-Spdy: h2

static.synergywholesale.com/manage/style.css?v=563

103.42.108.78

200 OK

13 kB

URL GET HTTP/2
static.synergywholesale.com/manage/style.css?v=563
IP
103.42.108.78:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerLet's Encrypt
Subject*.static.synergywholesale.com
Fingerprint81:21:82:7A:A4:A3:31:3A:72:BC:59:7A:34:7B:21:A9:E0:55:A7:EE
ValidityMon, 11 Nov 2024 14:26:18 GMT - Sun, 09 Feb 2025 14:26:17 GMT

File type
ASCII text, with very long lines (2089)
Size
13 kB (13155 bytes)
Hash
302c380f8f04694ee9ca39682a185594
657265046d5938fc99e31cbedb06aaecc140d9f4
d1d18277c107857af89e104d8de04d55223d76e6962ea73bee16905a6b00888b

HTTP Headers

GET /manage/style.css?v=563 HTTP/1.1
Host: static.synergywholesale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 07:18:15 GMT
content-type: text/css
last-modified: Tue, 28 Feb 2023 04:48:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13155
date: Wed, 18 Dec 2024 07:18:15 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

static.ventraip.com.au/wholesale/js/fancybox.js

103.42.108.77

200 OK

5.2 kB

URL GET HTTP/2
static.ventraip.com.au/wholesale/js/fancybox.js
IP
103.42.108.77:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerLet's Encrypt
Subjectstatic.ventraip.com.au
FingerprintB5:21:81:68:B5:95:8B:18:36:FF:B2:AC:DB:57:14:71:54:08:DD:61
ValidityThu, 21 Nov 2024 14:25:59 GMT - Wed, 19 Feb 2025 14:25:58 GMT

File type
JavaScript source, ASCII text, with very long lines (752)
Size
5.2 kB (5227 bytes)
Hash
8bc36a08c46719377528d962966ce37c
caeb31e930068ce5820b239d44d8415f95957138
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

HTTP Headers

GET /wholesale/js/fancybox.js HTTP/1.1
Host: static.ventraip.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 07:18:15 GMT
content-type: application/javascript
last-modified: Mon, 24 Sep 2012 01:12:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5227
date: Wed, 18 Dec 2024 07:18:15 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@sweetalert2/theme-default@4/default.css

151.101.193.229

200 OK

4.5 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@sweetalert2/theme-default@4/default.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text, with very long lines (377)
Size
4.5 kB (4493 bytes)
Hash
ba4b53211e0aefdb2711e56fc13bfaff
3732c6e16b6f2048db64c052612cee9b78eea47b
bbfac7a3ba7357febdeea5f08ff09ac75c8ea3dd3e686a569fd803e637b76410

HTTP Headers

GET /npm/@sweetalert2/theme-default@4/default.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.synergywholesale.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.5
x-jsd-version-type: version
etag: W/"79d8-NzLG4WtvIEjbZMBSYSzum3jupHs"
content-encoding: br
accept-ranges: bytes
date: Wed, 18 Dec 2024 07:18:15 GMT
age: 17264
x-served-by: cache-fra-eddf8230063-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4493
X-Firefox-Spdy: h2

manage.synergywholesale.com/images/default.png

103.42.108.64

301 Moved Permanently

707 B

URL GET HTTP/2
manage.synergywholesale.com/images/default.png
IP
103.42.108.64:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuercPanel, LLC
Subjectmanage.synergywholesale.com
Fingerprint57:9A:61:B4:FC:AA:D2:DE:35:03:98:67:24:35:47:22:84:FF:8B:29
ValiditySun, 20 Oct 2024 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /images/default.png HTTP/1.1
Host: manage.synergywholesale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Wed, 18 Dec 2024 07:18:15 GMT
server: LiteSpeed
location: https://manage.synergywholesale.com/img/default.png
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.livechatinc.com 'self'
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

static.synergywholesale.com/manage/js/core.js?v=29

103.42.108.78

200 OK

3.2 kB

URL GET HTTP/2
static.synergywholesale.com/manage/js/core.js?v=29
IP
103.42.108.78:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerLet's Encrypt
Subject*.static.synergywholesale.com
Fingerprint81:21:82:7A:A4:A3:31:3A:72:BC:59:7A:34:7B:21:A9:E0:55:A7:EE
ValidityMon, 11 Nov 2024 14:26:18 GMT - Sun, 09 Feb 2025 14:26:17 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
3.2 kB (3232 bytes)
Hash
bcc0f9133608f945fa5e134705a9427d
33ff38b6441bec136112a3dc77e9ce99d6930187
f08f2b439d866179b748a4216f30d519bdce54bb8464867e416963c8e7e9650d

HTTP Headers

GET /manage/js/core.js?v=29 HTTP/1.1
Host: static.synergywholesale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 07:18:15 GMT
content-type: application/javascript
last-modified: Mon, 30 Jun 2014 04:35:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3232
date: Wed, 18 Dec 2024 07:18:15 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

manage.synergywholesale.com/inc/style/scss/toastr.css

103.42.108.64

200 OK

77 B

URL GET HTTP/2
manage.synergywholesale.com/inc/style/scss/toastr.css
IP
103.42.108.64:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuercPanel, LLC
Subjectmanage.synergywholesale.com
Fingerprint57:9A:61:B4:FC:AA:D2:DE:35:03:98:67:24:35:47:22:84:FF:8B:29
ValiditySun, 20 Oct 2024 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
72777a030e89ab0cbb0f10c799c2e4d9
2309eb028a2143fa452012323ecca5a81144c981
b485d5d45c1640635565f95d484795f28dac0a250e1ce1db3c31281a221669b8

HTTP Headers

GET /inc/style/scss/toastr.css HTTP/1.1
Host: manage.synergywholesale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.synergywholesale.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
set-cookie: synws=kb9h8lnuqstlvvlaamk3h45hop; expires=Wed, 18 Dec 2024 07:33:15 GMT; Max-Age=900; path=/; domain=manage.synergywholesale.com; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-length: 77
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Dec 2024 07:18:15 GMT
server: LiteSpeed
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.livechatinc.com 'self'
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

manage.synergywholesale.com/img/default.png

103.42.108.64

200 OK

2.4 kB

URL GET HTTP/2
manage.synergywholesale.com/img/default.png
IP
103.42.108.64:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuercPanel, LLC
Subjectmanage.synergywholesale.com
Fingerprint57:9A:61:B4:FC:AA:D2:DE:35:03:98:67:24:35:47:22:84:FF:8B:29
ValiditySun, 20 Oct 2024 00:00:00 GMT - Sat, 18 Jan 2025 23:59:59 GMT

File type
PNG image data, 410 x 30, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2354 bytes)
Hash
be8d5b2623fe74bf0016e149a0e63069
a76a223858b80a63962ebdb066f0b39d8ab0ab64
515fe162dcf5893f32b31a3982ae60c1b271e5e1c926aac94dbf5d5bd3f9d11c

HTTP Headers

GET /img/default.png HTTP/1.1
Host: manage.synergywholesale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://itsn.com.au/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Wed, 25 Dec 2024 07:18:16 GMT
content-type: image/png
last-modified: Tue, 13 Aug 2024 02:08:07 GMT
accept-ranges: bytes
content-length: 2354
date: Wed, 18 Dec 2024 07:18:16 GMT
server: LiteSpeed
x-frame-options: DENY
x-content-type-options: nosniff
content-security-policy: frame-ancestors https://*.livechatinc.com 'self'
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://itsn.com.au
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Dec 2024 04:18:21 GMT
expires: Sun, 14 Dec 2025 04:18:21 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
age: 356395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint5E:64:A9:4C:59:5A:8F:EC:57:D9:7F:C4:7E:70:AC:88:F2:67:F1:79
ValidityMon, 04 Nov 2024 08:38:50 GMT - Mon, 27 Jan 2025 08:38:49 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22376, version 1.0
Size
22 kB (22376 bytes)
Hash
e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

HTTP Headers

GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://itsn.com.au
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Dec 2024 19:03:42 GMT
expires: Sat, 13 Dec 2025 19:03:42 GMT
cache-control: public, max-age=31536000
age: 389674
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

itsn.com.au/favicon.ico

103.42.108.46

200 OK

891 B

URL GET HTTP/3
itsn.com.au/favicon.ico
IP
103.42.108.46:443
ASN
#45638 SYNERGY WHOLESALE PTY LTD

Requested by
https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Certificate
IssuerZeroSSL
Subjectitsn.com.au
Fingerprint2B:45:5E:45:64:35:DB:65:34:CB:E0:7C:E8:35:FD:47:4C:AE:C7:E4
ValidityWed, 20 Nov 2024 00:00:00 GMT - Tue, 18 Feb 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
891 B (891 bytes)
Hash
b913e2490d2de07950aba30cf304e6f8
ad2a417d161869d3229e7f780cf2c4991b1eeb81
1e2a6635d8308ce418e276dfa38ddf6419e727c85d5fce87979fde811755c942

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: itsn.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://itsn.com.au/new/wp-content/plugins/ubh/tf/li/login.php?cmd=login_submit&id=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9&session=086bfbbeb672105eb9fefe3d19301ee9086bfbbeb672105eb9fefe3d19301ee9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 891
cache-control: no-cache, private
date: Wed, 18 Dec 2024 07:18:16 GMT

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size