stash2020.com.au Open in urlscan Pro
116.0.23.174 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://stash2020.com.au/
Submission: On March 19 via manual (March 19th 2023, 10:42:53 pm UTC) from AU — Scanned from AU

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 116.0.23.174, located in Australia and belongs to DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU. The main domain is stash2020.com.au.
TLS certificate: Issued by R3 on February 18th 2023. Valid for: 3 months.

This is the only time stash2020.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.0.23.174 116.0.23.174	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
4	172.67.206.226 172.67.206.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	43.245.142.145 43.245.142.145	58717 (SUMMITCOM...) (SUMMITCOMMUNICATIONS-BD Summit Communications Ltd)
1	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
10	5

1 116.0.23.174 (Australia)

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)
PTR: neptune.instanthosting.com.au

stash2020.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.206.226 (United States)

ASN13335 (CLOUDFLARENET, US)

nathanprinsley-files.prinsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.245.142.145 (Dhaka, Bangladesh)

ASN58717 (SUMMITCOMMUNICATIONS-BD Summit Communications Ltd, BD)
PTR: 43.245.142.summitiig.net

scontent.fdac24-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

j.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	prinsh.com nathanprinsley-files.prinsh.com	51 KB
1	top4top.io j.top4top.io
1	fbcdn.net scontent.fdac24-1.fna.fbcdn.net — Cisco Umbrella Rank: 143486	73 KB
1	stash2020.com.au stash2020.com.au	5 KB
0	googleapis.com Failed ajax.googleapis.com Failed
0	adfender.com Failed local.adfender.com Failed
10	6

	Domain	Requested by
4	nathanprinsley-files.prinsh.com	stash2020.com.au
1	j.top4top.io	stash2020.com.au
1	scontent.fdac24-1.fna.fbcdn.net	stash2020.com.au
1	stash2020.com.au
0	ajax.googleapis.com Failed	stash2020.com.au
0	local.adfender.com Failed	stash2020.com.au
10	6

This site contains no links.

Subject Issuer	Validity	Valid
mail.stash2020.com.au R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
*.prinsh.com E1	`2023-01-20` - `2023-04-20`	3 months	crt.sh
*.fdac24-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
top4top.io R3	`2023-03-01` - `2023-05-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://stash2020.com.au/
Frame ID: 5E1D8A75AD9E7BF79D50460DADAAC98E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacked By Systemadminbd

Page Statistics

10
Requests

70 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

129 kB
Transfer

225 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response stash2020.com.au/	5 KB 5 KB	429ms 99ms	Document text/html	116.0.23.174 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://stash2020.com.au/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 116.0.23.174 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS neptune.instanthosting.com.au Software Apache / PHP/7.1.33 Resource Hash `a01a34c3696c271bebce8482df69683ca61589aa536c0bc9488c08943258b276` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Sun, 19 Mar 2023 22:42:48 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked X-Powered-By PHP/7.1.33
GET H2	200	deface(04-01).js Show response nathanprinsley-files.prinsh.com/data-1/js/	15 KB 5 KB	517ms 323ms	Script application/javascript	172.67.206.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nathanprinsley-files.prinsh.com/data-1/js/deface(04-01).js Requested by Host: stash2020.com.au URL: https://stash2020.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.206.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `f0facce8d702f534d040f1d0d733bcde6e02c19d9660170c60cae7ad2a82f8fc` Request headers accept-language en-AU,en;q=0.9 Referer https://stash2020.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-fastly-request-id 2060b0d6a7f8766e591a8f4bb865f8f994bcc954 date Sun, 19 Mar 2023 22:42:49 GMT via 1.1 varnish content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expires Sun, 19 Mar 2023 17:52:01 GMT x-powered-by Prinsh.com x-cache MISS x-proxy-cache HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-mel11259-MEL last-modified Sun, 04 Sep 2022 12:51:39 GMT server cloudflare x-github-request-id AC18:3F3F:133C1:1A3A8:64174998 x-timer S1679247769.579279,VS0,VE268 author Nathan Prinsley etag W/"63149f5b-3c85" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEDkA6cZLANZUpLFu2vhVYTGzGpmXwEBtdJkplw81rvTFB9l2X8dfDqc34gN75JH4dNyU9Vbq3McXIt0L0WJjBN90%2BUQ2hTBTzECKaEHgINOnbtsJxrtPW8aoG9kghRYVW8Y%2B46dj9MJWCH0KYCEvzJ4"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 7aa93b0f18235aa8-MEL x-cache-hits 0
GET H2	200	deface(04-02).js Show response nathanprinsley-files.prinsh.com/data-1/js/	11 KB 5 KB	519ms 326ms	Script application/javascript	172.67.206.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nathanprinsley-files.prinsh.com/data-1/js/deface(04-02).js Requested by Host: stash2020.com.au URL: https://stash2020.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.206.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `1307228de4700b3294dc42a6af6a5bd3eaae51eb53385a2a2a3dc5817eb08456` Request headers accept-language en-AU,en;q=0.9 Referer https://stash2020.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-fastly-request-id 426f9568c1a760ed853ec786cbdff333b007d334 date Sun, 19 Mar 2023 22:42:49 GMT via 1.1 varnish content-encoding br expires Sun, 19 Mar 2023 17:52:48 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-proxy-cache MISS x-powered-by Prinsh.com x-cache MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-mel11256-MEL last-modified Sun, 04 Sep 2022 12:51:39 GMT server cloudflare x-github-request-id 4FDE:14A5:3DDD71:478FB7:64174998 x-timer S1679247769.576941,VS0,VE221 author Nathan Prinsley etag W/"63149f5b-2ac1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMDn1RZLtNoTxkDR9QJweS7spDMjHdS4Swl6faBR4KbNpO0TRUuMs6m%2BOoT98iBsY9fN1MVbISSIeF74epeTydj6pHuDBr2eHyw%2FmMJhz1EH%2BFmu4C6EYQuT4TDipN3yzjqeJpESMW7k8hWhVyenqrJ%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 x-origin-cache HIT cf-ray 7aa93b0f18255aa8-MEL x-cache-hits 0
GET H2	200	deface(04-03).js Show response nathanprinsley-files.prinsh.com/data-1/js/	3 KB 1 KB	509ms 316ms	Script application/javascript	172.67.206.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nathanprinsley-files.prinsh.com/data-1/js/deface(04-03).js Requested by Host: stash2020.com.au URL: https://stash2020.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.206.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `608bc385822d9842f3aa857c14a0b78669ab241c1436f91a21256d0a3c32994d` Request headers accept-language en-AU,en;q=0.9 Referer https://stash2020.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-fastly-request-id 0219fb61a900c8ecad84edd80c9eecbf2a16494d date Sun, 19 Mar 2023 22:42:49 GMT via 1.1 varnish content-encoding br expires Sun, 19 Mar 2023 17:52:49 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-proxy-cache MISS x-powered-by Prinsh.com x-cache MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-mel11255-MEL last-modified Sun, 04 Sep 2022 12:51:39 GMT server cloudflare x-github-request-id 6738:14CE:380246:40E616:64174998 x-timer S1679247769.576023,VS0,VE639 author Nathan Prinsley etag W/"63149f5b-aee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xt68CsWkuDQei4eFh%2BMFI0u6WTenTHQ0NT3qC33LXFIZxPVSBiXBQcAGB8PAtnlP7DFuc%2FfQFiF1NFIh6ECXDg%2F2QV5lHVDUHX4mEMfkTpNCkkZl0xjJsED1EC6ijZfg1V1TAmo9K5LqFrqPTjN1HISM"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 x-origin-cache HIT cf-ray 7aa93b0f18265aa8-MEL x-cache-hits 0
GET		elemhide.js local.adfender.com/adfender/	0 0

GET		elemhide.js local.adfender.com/adfender/	0 0

GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.3.1/	0 0

GET H2	200	NathanPrinsley-hacked_gif.gif nathanprinsley-files.prinsh.com/data-1/images/	39 KB 39 KB	331ms 331ms	Image image/gif	172.67.206.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://nathanprinsley-files.prinsh.com/data-1/images/NathanPrinsley-hacked_gif.gif Requested by Host: stash2020.com.au URL: https://stash2020.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.206.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `6d9b9bb7a51d1a25038eaf1c34339d1d7221dc638bf96cf31935bf132892b0e5` Request headers accept-language en-AU,en;q=0.9 Referer https://stash2020.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-fastly-request-id 803b35dd8a1da7f352cc832e5650266607b87bcf date Sun, 19 Mar 2023 22:42:49 GMT via 1.1 varnish expires Sun, 19 Mar 2023 17:52:50 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-proxy-cache MISS x-powered-by Prinsh.com x-cache MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 39938 x-served-by cache-mel11273-MEL last-modified Sun, 04 Sep 2022 12:51:39 GMT server cloudflare x-github-request-id 4FDE:14A5:3DDD74:478FBC:6417499A x-timer S1679247770.257010,VS0,VE234 author Nathan Prinsley etag "63149f5b-9c02" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AWc7Keu60bvdaTsifK0hbb98y4OpWtnYoOC18Pwap1%2BqMVoOTsry3tHNmmnEd7fy9JZf%2FNouyrJxdnAZEc7ZwREAmPEEHZNGWtvGzUBRUgZt6nLZ5drdGYQkgU7cpX%2FUl8O0e129YvBT%2F2%2BfZ1tVacV"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes x-origin-cache HIT cf-ray 7aa93b112ac15aa8-MEL x-cache-hits 0
GET H2	200	327206530_509991204581088_138219255869853646_n.jpg scontent.fdac24-1.fna.fbcdn.net/v/t39.30808-6/	73 KB 73 KB	645ms 214ms	Image image/jpeg	43.245.142.145 SUMMITCOMMUNICATI...
General Check archive.org Show headers Download Go to Show image Full URL https://scontent.fdac24-1.fna.fbcdn.net/v/t39.30808-6/327206530_509991204581088_138219255869853646_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=8631f5&_nc_eui2=AeGzFgv9er0p3WcnozBUWEcoSglpvL-vX-pKCWm8v69f6u0j1_3iVSqq6FculOkoK8VU2p_UrY0DBk4lGhMRTODy&_nc_ohc=IV1dAdTnLwYAX9lofRJ&_nc_ht=scontent.fdac24-1.fna&oh=00_AfDiSsYGtTR09VAtZE34xWTVUrsfgS9t2JfFsl10df8stw&oe=641C547E Requested by Host: stash2020.com.au URL: https://stash2020.com.au/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 43.245.142.145 Dhaka, Bangladesh, ASN58717 (SUMMITCOMMUNICATIONS-BD Summit Communications Ltd, BD), Reverse DNS 43.245.142.summitiig.net Software / Resource Hash `7e9d98d7e448fc55b6bcb69760b2550921ccfbcbf2b75dd567b9eae667d78bd3` Request headers accept-language en-AU,en;q=0.9 Referer https://stash2020.com.au/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers x-haystack-needlechecksum 934590838 date Sun, 19 Mar 2023 22:42:49 GMT x-storage-error-category dfs:none;hs_p:200:HS_ESUCCESS last-modified Mon, 23 Jan 2023 09:11:47 GMT content-type image/jpeg access-control-allow-origin * content-digest adler32=2035095315 cache-control max-age=1209600, no-transform cross-origin-resource-policy cross-origin x-needle-checksum 2035095315 accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=86400 priority u=3,i content-length 74395
GET H2	206	m_26340k3jt1.mp3 j.top4top.io/	80 KB 0	1398ms 676ms	Media audio/mpeg	135.181.63.70 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://j.top4top.io/m_26340k3jt1.mp3 Requested by Host: stash2020.com.au URL: https://stash2020.com.au/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cdn15.top4top.io Software nginx / Resource Hash Request headers Referer https://stash2020.com.au/ Accept-Encoding identity;q=1, ;q=0 accept-language* en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Range bytes=0- Response headers x-file-id x53639373x date Sun, 19 Mar 2023 22:42:50 GMT last-modified Sun, 19 Mar 2023 17:10:51 GMT server nginx etag "6417421b-3a598" content-type audio/mpeg Content-Range bytes 0-238999/239000 cache-control max-age=7200 content-disposition inline; filename="Ya%20Haq%20Ya%20Haq.mp3" Content-Length 239000 expires Mon, 20 Mar 2023 00:42:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: local.adfender.com
URL: http://local.adfender.com/adfender/elemhide.js

Domain: local.adfender.com
URL: http://local.adfender.com/adfender/elemhide.js

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://stash2020.com.au/ Message: Mixed Content: The page at 'https://stash2020.com.au/' was loaded over HTTPS, but requested an insecure script 'http://local.adfender.com/adfender/elemhide.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://stash2020.com.au/ Message: Mixed Content: The page at 'https://stash2020.com.au/' was loaded over HTTPS, but requested an insecure script 'http://local.adfender.com/adfender/elemhide.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://stash2020.com.au/ Message: Mixed Content: The page at 'https://stash2020.com.au/' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
j.top4top.io
local.adfender.com
nathanprinsley-files.prinsh.com
scontent.fdac24-1.fna.fbcdn.net
stash2020.com.au
ajax.googleapis.com
local.adfender.com
116.0.23.174
135.181.63.70
172.67.206.226
43.245.142.145
1307228de4700b3294dc42a6af6a5bd3eaae51eb53385a2a2a3dc5817eb08456
608bc385822d9842f3aa857c14a0b78669ab241c1436f91a21256d0a3c32994d
6d9b9bb7a51d1a25038eaf1c34339d1d7221dc638bf96cf31935bf132892b0e5
7e9d98d7e448fc55b6bcb69760b2550921ccfbcbf2b75dd567b9eae667d78bd3
a01a34c3696c271bebce8482df69683ca61589aa536c0bc9488c08943258b276
f0facce8d702f534d040f1d0d733bcde6e02c19d9660170c60cae7ad2a82f8fc

stash2020.com.au Open in urlscan Pro 116.0.23.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

70 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

4 Countries

129 kBTransfer

225 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

stash2020.com.au Open in urlscan Pro
116.0.23.174 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

129 kB
Transfer

225 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions