he22dzuh.dreamwp.com Open in urlscan Pro
122.201.127.230  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://acaciadining.com.au/ar/ Page URL
2. https://he22dzuh.dreamwp.com/ar/ar/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ acaciadining.com.au/ar/	92 B 358 B	16ms 7ms	Document text/html	203.170.87.121 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL http://acaciadining.com.au/ar/ Protocol HTTP/1.1 Server 203.170.87.121 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ipcbaa5779.ipv4.syd02.ds.network Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Accept-Ranges bytes Content-Encoding gzip Content-Length 109 Content-Type text/html Date Mon, 06 Nov 2023 13:14:38 GMT Last-Modified Sat, 04 Nov 2023 07:10:22 GMT Server nginx Upgrade h2,h2c Vary Accept-Encoding
GET H2	200	Primary Request / Show response he22dzuh.dreamwp.com/ar/ar/	634 B 481 B	226ms 58ms	Document text/html	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / PHP/8.2.11 Resource Hash 36eca8c152234c9df98fb97c9abae4e3d44f6fcc6e00147a94d250ae4e55f378 Request headers Referer http://acaciadining.com.au/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers content-encoding gzip content-length 345 content-type text/html; charset=UTF-8 date Mon, 06 Nov 2023 13:14:38 GMT server nginx vary Accept-Encoding x-powered-by PHP/8.2.11
GET H2	200	main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	197 KB 66 KB	12ms 12ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 6be58f750389ffc8ab515ff2ab02b4f4bddc1cde0a09613fa123b86353df2dfc Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:38 GMT content-encoding gzip last-modified Fri, 16 Dec 2022 21:06:04 GMT server nginx etag W/"639cddbc-312aa" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:38 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 904 B	197ms 98ms	Stylesheet text/css	172.217.167.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Titillium+Web:wght@200;300;400;600;700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f10.1e100.net Software ESF / Resource Hash 820e9beb3ec6f407de6212dd800cba8046d583b2894705d3aeb2af3320d51a84 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 06 Nov 2023 13:14:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 06 Nov 2023 13:14:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 06 Nov 2023 13:14:38 GMT
GET H2	200	755.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	88 KB 31 KB	21ms 20ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/755.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash ee1aecfa9469f4bd2eb39f877fcc31e52ef73b7ba4e387042ef0075a58b3b931 Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:38 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-1603f" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:38 GMT
GET H2	200	373.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	3 KB 1 KB	6ms 6ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/373.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 0fffff6cb43b14abdcae68d2cc56ebfeefa2428da9acf9ee81f563a8e9c4997a Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:38 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-d9e" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:38 GMT
GET H2	200	main.json Show response he22dzuh.dreamwp.com/ar/ar/includes/	2 KB 3 KB	34ms 34ms	XHR application/json	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/includes/main.json Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/755.main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 089ff2b8a32512d26c49f3ff17ed6afeba40de9eea3e532bb946759dfcb27684 Request headers Accept */* Referer https://he22dzuh.dreamwp.com/ar/ar/ X-Requested-With XMLHttpRequest accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:38 GMT last-modified Mon, 23 Jan 2023 18:43:14 GMT server nginx accept-ranges bytes content-length 2558 content-type application/json
GET H2	404	ar.json Show response he22dzuh.dreamwp.com/ar/ar/includes/lang/	38 KB 11 KB	922ms 922ms	XHR text/html	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/includes/lang/ar.json Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/755.main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / PHP/8.2.11 Resource Hash 88a4c6d8b40cc7ad1dedecffd7083e4926bc1f9dadefc7c60bfad7425b4dc77f Request headers Accept */* Referer https://he22dzuh.dreamwp.com/ar/ar/ X-Requested-With XMLHttpRequest accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:39 GMT content-encoding gzip server nginx x-powered-by PHP/8.2.11 vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://he22dzuh.dreamwp.com/wp-json/>; rel="https://api.w.org/" content-length 10567 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 13 KB	109ms 3ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@200;300;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://he22dzuh.dreamwp.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 16:18:39 GMT x-content-type-options nosniff age 248159 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12372 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:30:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 02 Nov 2024 16:18:39 GMT
GET H2	200	en.json Show response he22dzuh.dreamwp.com/ar/ar/includes/lang/	2 KB 2 KB	16ms 16ms	XHR application/json	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/includes/lang/en.json Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/755.main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 97800bd73acdc5559e315389590d3ca69bbe021c70692ef11ac556c68e8682ac Request headers Accept */* Referer https://he22dzuh.dreamwp.com/ar/ar/ X-Requested-With XMLHttpRequest accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:39 GMT last-modified Thu, 12 Jan 2023 02:43:04 GMT server nginx accept-ranges bytes content-length 1930 content-type application/json
GET H2	200	390.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	4 KB 2 KB	7ms 6ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/390.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash de6a55092cba78e1d149ad8c5859cba2d9fabefa2df040fbe495ae47e9f0515e Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-10b1" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:40 GMT
GET H2	200	62.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	59 KB 12 KB	41ms 39ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/62.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 8041d8259f8406dec8916bf08ff0ec0d601e187f0d15a4e315415fa758e1654c Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-ec0d" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:40 GMT
GET H2	200	673.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	2 KB 1 KB	50ms 49ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/673.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 685310e8af07d887161079d7059804cca2422c82c8e755f8d164f18c3dc2c6a5 Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-9f3" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:40 GMT
GET H2	200	825.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	17 KB 6 KB	7ms 6ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/825.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash ac0f714c47fd74bf6d790035e2fd96911311e0c1609502c600640569a438170e Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-42b9" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:40 GMT
GET H2	200	789.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	6 KB 2 KB	27ms 26ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/789.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash a299d125fd86893e8b4c547db5f9431518d45594e5596583a4f3f37fba69f39d Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-1678" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:40 GMT
GET H2	200	352.main.min.js Show response he22dzuh.dreamwp.com/ar/ar/app-assets/js/	3 KB 2 KB	16ms 16ms	Script application/javascript	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/352.main.min.js Requested by Host: he22dzuh.dreamwp.com URL: https://he22dzuh.dreamwp.com/ar/ar/app-assets/js/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 6670db93276fd9cad301be3295d57e478da3b19a7746d86c167b369f0cadf52b Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT content-encoding gzip last-modified Mon, 14 Nov 2022 06:53:26 GMT server nginx etag W/"6371e5e6-c13" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 expires Wed, 06 Dec 2023 13:14:40 GMT
GET H2	200	schedule_pickup.svg he22dzuh.dreamwp.com/ar/ar/app-assets/image/	2 KB 2 KB	11ms 11ms	Image image/svg+xml	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/image/schedule_pickup.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash 2a5e1fdc8e264327be71c3063cc6bf1dd8a618576310a5d26dc31ba8d6f83616 Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:40 GMT last-modified Fri, 13 Jan 2023 00:25:42 GMT server nginx accept-ranges bytes content-length 1775 content-type image/svg+xml
GET H2	200	Logo.svg he22dzuh.dreamwp.com/ar/ar/app-assets/image/	7 KB 7 KB	206ms 205ms	Image image/svg+xml	122.201.127.230 DREAMSCAPE-AS-AP ...
General Check archive.org Show headers Download Go to Show image Full URL https://he22dzuh.dreamwp.com/ar/ar/app-assets/image/Logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 122.201.127.230 , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU), Reverse DNS ip7ac97fe6.ipv4.syd02.ds.network Software nginx / Resource Hash e0447aa04943d0d047baf922ce6f286da4e50d62113aa19505f75705a9a46773 Request headers accept-language en-AU,en;q=0.9 Referer https://he22dzuh.dreamwp.com/ar/ar/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 06 Nov 2023 13:14:41 GMT last-modified Mon, 23 Jan 2023 18:31:38 GMT server nginx accept-ranges bytes content-length 7280 content-type image/svg+xml
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	4ms 2ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@200;300;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://he22dzuh.dreamwp.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Fri, 03 Nov 2023 16:18:46 GMT x-content-type-options nosniff age 248154 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12136 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:07:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 02 Nov 2024 16:18:46 GMT
GET H2	200	NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 fonts.gstatic.com/s/titilliumweb/v17/	12 KB 12 KB	4ms 3ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v17/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Titillium+Web:wght@200;300;400;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://he22dzuh.dreamwp.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers date Mon, 30 Oct 2023 22:53:02 GMT x-content-type-options nosniff age 570098 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11796 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:48:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Oct 2024 22:53:02 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Aramex (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkpostal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://he22dzuh.dreamwp.com/ar/ar/includes/lang/ar.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acaciadining.com.au
fonts.googleapis.com
fonts.gstatic.com
he22dzuh.dreamwp.com
122.201.127.230
142.251.221.67
172.217.167.74
203.170.87.121
089ff2b8a32512d26c49f3ff17ed6afeba40de9eea3e532bb946759dfcb27684
0fffff6cb43b14abdcae68d2cc56ebfeefa2428da9acf9ee81f563a8e9c4997a
2a5e1fdc8e264327be71c3063cc6bf1dd8a618576310a5d26dc31ba8d6f83616
36eca8c152234c9df98fb97c9abae4e3d44f6fcc6e00147a94d250ae4e55f378
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
6670db93276fd9cad301be3295d57e478da3b19a7746d86c167b369f0cadf52b
685310e8af07d887161079d7059804cca2422c82c8e755f8d164f18c3dc2c6a5
6be58f750389ffc8ab515ff2ab02b4f4bddc1cde0a09613fa123b86353df2dfc
8041d8259f8406dec8916bf08ff0ec0d601e187f0d15a4e315415fa758e1654c
820e9beb3ec6f407de6212dd800cba8046d583b2894705d3aeb2af3320d51a84
88a4c6d8b40cc7ad1dedecffd7083e4926bc1f9dadefc7c60bfad7425b4dc77f
97800bd73acdc5559e315389590d3ca69bbe021c70692ef11ac556c68e8682ac
a299d125fd86893e8b4c547db5f9431518d45594e5596583a4f3f37fba69f39d
ac0f714c47fd74bf6d790035e2fd96911311e0c1609502c600640569a438170e
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
de6a55092cba78e1d149ad8c5859cba2d9fabefa2df040fbe495ae47e9f0515e
e0447aa04943d0d047baf922ce6f286da4e50d62113aa19505f75705a9a46773
ee1aecfa9469f4bd2eb39f877fcc31e52ef73b7ba4e387042ef0075a58b3b931