62.210.130.225
Open in
urlscan Pro
62.210.130.225
Malicious Activity!
Public Scan
Effective URL: http://62.210.130.225/m/dashboard.php?reference=038ad8253986dbdf2540
Submission: On February 16 via manual from AU — Scanned from FR
Summary
This is the only time 62.210.130.225 was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Qantas (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 10 | 62.210.130.225 62.210.130.225 | 12876 (Online SAS) (Online SAS) | |
1 | 3.212.217.228 3.212.217.228 | () () | |
1 | 92.123.104.62 92.123.104.62 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 184.86.251.13 184.86.251.13 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:80e::200a | 15169 (GOOGLE) (GOOGLE) | |
14 | 6 |
ASN- ()
PTR: ec2-3-212-217-228.compute-1.amazonaws.com
qantas.resultspage.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-62.deploy.static.akamaitechnologies.com
cdn.qantasloyalty.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-13.deploy.static.akamaitechnologies.com
www.qantas.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
qantas.com
www.qantas.com — Cisco Umbrella Rank: 188494 |
21 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 434 |
33 KB |
1 |
qantasloyalty.com
cdn.qantasloyalty.com — Cisco Umbrella Rank: 440705 |
690 B |
1 |
resultspage.com
qantas.resultspage.com — Cisco Umbrella Rank: 624611 |
1 KB |
14 | 4 |
Domain | Requested by | |
---|---|---|
2 | www.qantas.com |
62.210.130.225
|
1 | ajax.googleapis.com |
62.210.130.225
|
1 | cdn.qantasloyalty.com |
62.210.130.225
|
1 | qantas.resultspage.com |
62.210.130.225
|
14 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.qantas.com |
travelinsider.qantas.com.au |
help.qantas.com |
www.facebook.com |
twitter.com |
www.linkedin.com |
www.youtube.com |
instagram.com |
www.jetstar.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
qantasloyalty.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-06 - 2024-09-10 |
10 months | crt.sh |
qantas.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-11-06 - 2024-11-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://62.210.130.225/m/dashboard.php?reference=038ad8253986dbdf2540
Frame ID: A9D8F38406D61783161C30B3E1A8894E
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
error iconCheckboxPage URL History Show full URLs
-
http://62.210.130.225/m/
HTTP 302
http://62.210.130.225/m/dashboard.php?reference=038ad8253986dbdf2540 Page URL
Detected technologies
Adobe Experience Manager (CMS) ExpandDetected patterns
- /etc/designs/
PHP (Programming Languages) Expand
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
41 Outgoing links
These are links going to different origins than the main page.
Title: Upgrade my browser
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Oneworld
Search URL Search Domain Scan URL
Title: Travel Insider
Search URL Search Domain Scan URL
Title: Where can I go?
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Flights to Australia
Search URL Search Domain Scan URL
Title: Flights to New Zealand
Search URL Search Domain Scan URL
Title: Flights to Japan
Search URL Search Domain Scan URL
Title: Flights to Singapore
Search URL Search Domain Scan URL
Title: Flights to New Caledonia
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Qantas magazineOpens external site
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Flights to Australia
Search URL Search Domain Scan URL
Title: COVID-19 information
Search URL Search Domain Scan URL
Title: Manage booking
Search URL Search Domain Scan URL
Title: baggage allowances
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Help Opens external site
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Title: Baggage & Optional Service Fees
Search URL Search Domain Scan URL
Title: Customer Service Plan
Search URL Search Domain Scan URL
Title: Qantas Group
Search URL Search Domain Scan URL
Title: News Room
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: oneworld
Search URL Search Domain Scan URL
Title: More about Qantas
Search URL Search Domain Scan URL
Title: Qantas Centenary
Search URL Search Domain Scan URL
Title: Modern Slavery Act Statement
Search URL Search Domain Scan URL
Title: 1.4m+ likesOpens external site in a new window
Search URL Search Domain Scan URL
Title: 483k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
Title: 287k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
Title: 93k+ subscribersOpens external site in a new window
Search URL Search Domain Scan URL
Title: 933k+ followersOpens external site in a new window
Search URL Search Domain Scan URL
Title: JetstarOpens external site in a new window
Search URL Search Domain Scan URL
Title: eSSENTIAL AccessibilityTM
Search URL Search Domain Scan URL
Title: Privacy & Security
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Conditions of Carriage
Search URL Search Domain Scan URL
Title: Fare types
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://62.210.130.225/m/
HTTP 302
http://62.210.130.225/m/dashboard.php?reference=038ad8253986dbdf2540 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
dashboard.php
62.210.130.225/m/ Redirect Chain
|
543 KB 99 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
62.210.130.225/m/ |
210 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sli-rac.css
qantas.resultspage.com/autocomplete/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.bundle.css
cdn.qantasloyalty.com/assets/widgets/login/v2/ |
114 B 690 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main-noncritical.min.39f8b7e771e1f7442c41e2b0eb8c5459.css
www.qantas.com/etc/designs/qcom/site/ |
74 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qantas-masterbrand-logo-40px.svg
62.210.130.225/m/ |
10 KB 10 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
escape-au.jpg
62.210.130.225/m/ |
26 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Australia-flight-deals-190x135.jpg
62.210.130.225/m/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
qantas-explorer.jpg
62.210.130.225/m/ |
26 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
australian-domestic-network-190x440.jpg
62.210.130.225/m/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
315CA1_3_0.woff2
62.210.130.225/m/ |
48 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spritesheet-9632fb7044385395ce89846b873ea4e3.png
www.qantas.com/etc/designs/qantas/global/img/ |
11 KB 11 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
736 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
315CA1_1_0.woff2
62.210.130.225/m/ |
49 KB 49 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Qantas (Transportation)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| aler function| aler1 boolean| completed1 boolean| completed2 boolean| completed3 function| aler2 function| tcitle function| return_string function| checkelement2 function| all3 function| checkelement3 function| all4 function| checkelement4 function| all5 function| checkelement5 function| all6 function| checkelement6 function| $ function| jQuery function| formatString function| digitKeyOnly function| normalizeYear function| checkExp function| CCValidationWithType function| barranayek function| validinfo function| alorsondanse function| sleep function| demo0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.qantasloyalty.com
qantas.resultspage.com
www.qantas.com
184.86.251.13
2a00:1450:4001:80e::200a
3.212.217.228
62.210.130.225
92.123.104.62
0664e82539264eafd54fe31718f5f4d885348fe8f8c8268482fe29c0043f3e98
35fa5ea21f04e1a7a7034603bf54e989b0248ff403fd904dc6fbe4fdfcd7e02a
445b7df4c1fa8a4f1847e39edc7476fb8bec4c9e7aa3c4127ce4e61a300f6e00
450bb80667b0393d6caa03b172876b02fd39a64dc3fae3c7d398d22dad852b64
55adb2c8fa18eaba51ebf7ad393246020f4c827146c2d1fe30b38d4a47d2fbda
568f298a407bc58446b100508660aa5cbcd3d1272b595330d56207b9767e20ea
572e61cc03f163934166ecdb2f2ff546e2c3910e1832f2928c5dded01d604db1
5a1d9e8f0951eaf775165f9381733d44a10df8b8997d478fb04fadbf8c955d66
763a86d3b22b56dc063a25ec601d018d501c38aed49034fde8e2d3351f614f81
929994c943e6df422c54cdb9ab4e7b0b7e73cf9cd81d9e8f259789c8c5aacb15
acfecce6970a2ec8db6bbf3a51bcec7b2936d8930b0b7c84a079a315adb7b6c3
b2b64e5d45e5f4911d34343f60b7d15ba57d7ce1e4cc5dd69ac424bb79d84455
b964d246defe2ccf6dd3a0d3887ac9d09325a866b94bd57732219406654698a2
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
e33bf0e24ad4a7482d68c48aa84a576e57bd3d8cdd3256de1e72f3b08bff4fed