Report - support.scars.org.au/

Report Overview

Visited public
2023-11-30 22:45:20
Tags
URL
support.scars.org.au/
Finishing URL
support.scars.org.au/
IP / ASN
185.184.154.193
#38719 Dreamscape Networks Limited
Title
Login to Customer Portals and Tools | DHL |

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
support.scars.org.au	unknown	unknown	No data	No data	6.0 kB	2.1 MB	185.184.154.193
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-11-30 05:09:24	1.1 kB	101 kB	151.101.193.229
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-11-30 08:44:14	477 B	32 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed
2023-11-30	medium	scars.org.au	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	support.scars.org.au/js/jquery-3.5.1.min.js	ScriptElement	218 kB	2023-03-29	2024-12-07
Pretty URL support.scars.org.au/js/jquery-3.5.1.min.js IP 185.184.154.193 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:38 Last Seen2024-12-07 10:56 Times Seen10 Hash 9d635bf35ca7480b33d763c16be412ec 3d2be87c8b4635cc7df3b9fe4cb24df643d37345 65b4b0f15c2ff1ee7ebcd6e01d2a2933b32c859c363c0715de58748eb4852b87 Loading...

	support.scars.org.au/js/jquery.mask.js	ScriptElement	18 kB	2023-03-29	2025-05-06
Pretty URL support.scars.org.au/js/jquery.mask.js IP 185.184.154.193 ASN #38719 Dreamscape Networks Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:38 Last Seen2025-05-06 20:56 Times Seen14 Hash 111fa435753549e96be05c5786e40374 001ba57e2c9805140bbf47714b12456e2daf4760 bd0fde99ca2baed2db43f34c82168dc7707f893c19a5658a115a2488b84a5f0e Loading...

HTTP Transactions (15)

URL IP Response Size

support.scars.org.au/

185.184.154.193

200 OK

2.0 kB

URL User Request GET HTTP/2
support.scars.org.au/
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
2.0 kB (2013 bytes)
Hash
6e9295ee1ced4a05235887a0d792ed2e
3e090562b25e2eaceb6b4aec4e25fbbda46ddd1d
c87a0c4d6075c23d55921476fe95a0afbe02fe7f75a3b5e578484f592e7b400b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.2.11
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 2013
content-type: text/html; charset=UTF-8
date: Thu, 30 Nov 2023 22:45:03 GMT
server: Apache
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css

151.101.193.229

200 OK

8.8 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://support.scars.org.au/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text
Size
8.8 kB (8770 bytes)
Hash
ea83ae92c684331d2096c4d3306a04de
1865dddcbb7b67dcef4250e590cc9a9574aba673
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

HTTP Headers

GET /npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"100a0-GGXd3Lt7Z9zvQlDlkMyalXSrpnM"
content-encoding: br
accept-ranges: bytes
date: Thu, 30 Nov 2023 22:45:05 GMT
age: 631512
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8770
X-Firefox-Spdy: h2

support.scars.org.au/image/dhl-logo.svg

185.184.154.193

200 OK

1.6 kB

URL GET HTTP/2
support.scars.org.au/image/dhl-logo.svg
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.6 kB (1603 bytes)
Hash
3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/dhl-logo.svg HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 11:33:32 GMT
accept-ranges: bytes
content-length: 1603
content-type: image/svg+xml
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/image/camion.png

185.184.154.193

200 OK

6.8 kB

URL GET HTTP/2
support.scars.org.au/image/camion.png
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6755 bytes)
Hash
4d6c500f19032f9ad24f0c20751eb16c
41e562ed29a58274f0871409bc4dc29e07ab0314
9749654bdfcce79bc06740ed18ce854c5bc56fd419a8d59fc590777ba942105e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/camion.png HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 12:55:54 GMT
accept-ranges: bytes
content-length: 6755
content-type: image/png
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/css/posta.css

185.184.154.193

200 OK

3.4 kB

URL GET HTTP/2
support.scars.org.au/css/posta.css
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
ASCII text, with CRLF line terminators
Size
3.4 kB (3447 bytes)
Hash
8032556c410648f8f96a289cc0132d2e
40acb20d480cff0b8934c941937435555933eb1f
f0eb6184e61b43f0812f2faa5fbb50b7a42eaeec67ca1194d74a2dedd7960f98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/posta.css HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Feb 2023 00:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3447
content-type: text/css
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/image/group.svg

185.184.154.193

200 OK

12 kB

URL GET HTTP/2
support.scars.org.au/image/group.svg
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656)
Size
12 kB (11968 bytes)
Hash
d1b0e043744fd642282117a03d308b17
d8abe7a0887b804e516c45a344c542e291a1a84b
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/group.svg HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:05:48 GMT
accept-ranges: bytes
content-length: 11968
content-type: image/svg+xml
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/image/socio.png

185.184.154.193

200 OK

1.3 kB

URL GET HTTP/2
support.scars.org.au/image/socio.png
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
PNG image data, 172 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1292 bytes)
Hash
85fcc8db797ded15a1e7736d80a98026
6167fd8c4ea5bc75ad6e668cd967d0a3715bec20
39b5e1fdc845a00e044f1d5136d4d365e319d79caae542b2abef7e9a7eb7d786

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/socio.png HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 23 Sep 2022 13:19:30 GMT
accept-ranges: bytes
content-length: 1292
content-type: image/png
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/js/jquery.mask.js

185.184.154.193

200 OK

6.3 kB

URL GET HTTP/2
support.scars.org.au/js/jquery.mask.js
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
ASCII text, with very long lines (18459), with no line terminators
Size
6.3 kB (6349 bytes)
Hash
111fa435753549e96be05c5786e40374
001ba57e2c9805140bbf47714b12456e2daf4760
bd0fde99ca2baed2db43f34c82168dc7707f893c19a5658a115a2488b84a5f0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.mask.js HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Feb 2023 00:42:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6349
content-type: application/javascript
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/css/bootstrap.css

185.184.154.193

200 OK

129 kB

URL GET HTTP/2
support.scars.org.au/css/bootstrap.css
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
gzip compressed data, from Unix\012- data
Size
129 kB (128757 bytes)
Hash
71c9c292c2bb569afc29dae153003371
a26cc4d90a719c5f8bf4946ad51de7533584b1bb
45eab87b0484f75494ed7966e3d3274d20b9758e71a7ef7d0d039e1607e0b9f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Feb 2023 00:41:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/image/titiza.png

185.184.154.193

200 OK

1.7 MB

URL GET HTTP/2
support.scars.org.au/image/titiza.png
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
PNG image data, 1365 x 426, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 MB (1694457 bytes)
Hash
88b1e83223390f1e035ff2d2609ce98b
cf3ba9914db971cdef4bfb71d935e0b97232825c
bf90771220c51af99c6e15274dc84ee40078e8ddde71a823ad6ee98569a57733

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/titiza.png HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/css/posta.css
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 12:23:58 GMT
accept-ranges: bytes
content-length: 1694457
content-type: image/png
date: Thu, 30 Nov 2023 22:45:06 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/js/jquery.mask.js

185.184.154.193

200 OK

6.3 kB

URL GET HTTP/2
support.scars.org.au/js/jquery.mask.js
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
ASCII text, with very long lines (18459), with no line terminators
Size
6.3 kB (6349 bytes)
Hash
111fa435753549e96be05c5786e40374
001ba57e2c9805140bbf47714b12456e2daf4760
bd0fde99ca2baed2db43f34c82168dc7707f893c19a5658a115a2488b84a5f0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.mask.js HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 28 Feb 2023 00:42:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6349
content-type: application/javascript
date: Thu, 30 Nov 2023 22:45:07 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/image/favicon.ico

185.184.154.193

200 OK

1.2 kB

URL GET HTTP/2
support.scars.org.au/image/favicon.ico
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /image/favicon.ico HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 20 Sep 2022 10:50:38 GMT
accept-ranges: bytes
content-length: 1150
content-type: image/x-icon
date: Thu, 30 Nov 2023 22:45:08 GMT
server: Apache
X-Firefox-Spdy: h2

support.scars.org.au/js/jquery-3.5.1.min.js

185.184.154.193

200 OK

218 kB

URL GET HTTP/2
support.scars.org.au/js/jquery-3.5.1.min.js
IP
185.184.154.193:443
ASN
#38719 Dreamscape Networks Limited

Requested by
https://support.scars.org.au/
Certificate
IssuerLet's Encrypt
Subjectwww.scars.org.au
Fingerprint5A:1D:39:C2:E8:A7:C7:C0:FB:AD:E0:C9:7C:07:31:D6:2C:17:35:DB
ValiditySat, 25 Nov 2023 09:40:52 GMT - Fri, 23 Feb 2024 09:40:51 GMT

File type

Size
218 kB (218517 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-3.5.1.min.js HTTP/1.1
Host: support.scars.org.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Cookie: PHPSESSID=h0d734vgbim04367ttofjg5lfk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Tue, 28 Feb 2023 00:42:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 30 Nov 2023 22:45:05 GMT
server: Apache
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://support.scars.org.au/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://support.scars.org.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 22:45:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 758480
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82e69e665f9f56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

151.101.193.229

200 OK

90 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://support.scars.org.au/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 90528, version 1.0\012- data
Size
90 kB (90528 bytes)
Hash
e07b538aa51b6fa77f32828af21cb591
4649877868a0068ce50b105d0d2a235e8010c98f
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

HTTP Headers

GET /npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://support.scars.org.au
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-length: 90528
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.5.0
x-jsd-version-type: version
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
accept-ranges: bytes
date: Thu, 30 Nov 2023 22:45:06 GMT
age: 1984068
x-served-by: cache-fra-eddf8230031-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by