mail.onoisland.com Open in urlscan Pro
65.111.178.18 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mail.onoisland.com/accounts/index.php
Effective URL:
http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Submission: On October 10 via manual (October 10th 2019, 12:54:33 am UTC) from AU

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 65.111.178.18, located in Miami, United States and belongs to INFOLINK-MIA-US - Infolink Global Corporation, US. The main domain is mail.onoisland.com.

This is the only time mail.onoisland.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government) Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	65.111.178.18 65.111.178.18	15083 (INFOLINK-...) (INFOLINK-MIA-US - Infolink Global Corporation)
2	2407:6a00:c00... 2407:6a00:c00:0:161:146:235:225	18055 (CENTRELIN...) (CENTRELINK Department of Human Services)
4	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN - Netflix Streaming Services Inc.)
11	3

6 65.111.178.18 (Miami, United States) 1 redirects

ASN15083 (INFOLINK-MIA-US - Infolink Global Corporation, US)
PTR: mail.weboperations.net

mail.onoisland.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2407:6a00:c00:0:161:146:235:225 (Australia)

ASN18055 (CENTRELINK Department of Human Services, AU)

my.gov.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:86c0:2090::1 (United Kingdom)

ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	onoisland.com 1 redirects mail.onoisland.com	149 KB
4	nflxext.com assets.nflxext.com	72 KB
2	my.gov.au my.gov.au	117 KB
11	3

	Domain	Requested by
6	mail.onoisland.com	1 redirects mail.onoisland.com
4	assets.nflxext.com	mail.onoisland.com
2	my.gov.au	mail.onoisland.com
11	3

This site contains links to these domains. Also see Links.

Domain
www.verisign.com

Subject Issuer	Validity	Valid
www.my.gov.au DigiCert SHA2 Extended Validation Server CA	`2019-05-03` - `2020-06-10`	a year	crt.sh
*.1.nflxso.net DigiCert SHA2 Secure Server CA	`2019-10-09` - `2019-11-08`	a month	crt.sh

This page contains 1 frames:

Primary Page: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Frame ID: 20229DF23BDC9CA78AE0CE6DA4B0D066
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mail.onoisland.com/accounts/index.php HTTP 302
http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/logi... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Page Statistics

11
Requests

55 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

338 kB
Transfer

334 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.verisign.com/verisign-trust-seal
Title: ABOUT TRUST ONLINE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mail.onoisland.com/accounts/index.php HTTP 302
http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/
Redirect Chain

http://mail.onoisland.com/accounts/index.php
http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1

16 KB
16 KB

240ms
121ms

Document
text/html

65.111.178.18
Infolink Global C...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Server: 65.111.178.18 Miami, United States, ASN15083 (INFOLINK-MIA-US - Infolink Global Corporation, US),
Reverse DNS: mail.weboperations.net
Software: IceWarp/11.4.6.0 (2016-12-12) /
Resource Hash: 4fc7be09dfb1de999b7364fc8be959c95064973ec5956f25bde746711ec5456b

Request headers

Host: mail.onoisland.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: close
Server: IceWarp/11.4.6.0 (2016-12-12)
Date: Thu, 10 Oct 2019 00:54:13 GMT
Content-type: text/html

Redirect headers

Connection: close
Server: IceWarp/11.4.6.0 (2016-12-12)
Date: Thu, 10 Oct 2019 00:54:13 GMT
Status: 302 Moved Temporarily
location: e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Content-type: text/html

GET
H/1.1 200
OK none.css
mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/ 106 KB
106 KB 237ms
118ms Stylesheet
text/css 65.111.178.18
Infolink Global C...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/none.css
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Server: 65.111.178.18 Miami, United States, ASN15083 (INFOLINK-MIA-US - Infolink Global Corporation, US),
Reverse DNS: mail.weboperations.net
Software: IceWarp/11.4.6.0 (2016-12-12) /
Resource Hash: fc3bdd2d1d23143dea7e3b2b5524bbbdf9d9bfd7a0db8842374fea258d07a9c7

Request headers

Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:13 GMT
Last-Modified: Thu, 10 Oct 2019 00:54:14 GMT
Server: IceWarp/11.4.6.0 (2016-12-12)
Content-Type: text/css
Content-Length: 108760
Expires: Thu, 10 Oct 2029 00:54:13 GMT

GET
H/1.1 200
OK index.html
mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/ 16 KB
16 KB 245ms
124ms Stylesheet
text/html 65.111.178.18
Infolink Global C...

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Server: 65.111.178.18 Miami, United States, ASN15083 (INFOLINK-MIA-US - Infolink Global Corporation, US),
Reverse DNS: mail.weboperations.net
Software: IceWarp/11.4.6.0 (2016-12-12) /
Resource Hash: 4fc7be09dfb1de999b7364fc8be959c95064973ec5956f25bde746711ec5456b

Request headers

Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:13 GMT
Server: IceWarp/11.4.6.0 (2016-12-12)
Connection: close
Content-type: text/html

GET
H/1.1 200
OK austgovt-inline-white.svg
my.gov.au/mygov/content/mgv2/icons/ 113 KB
114 KB 1521ms
305ms Image
image/svg+xml 2407:6a00:c00:0:161:146:235:225
CENTRELINK Depart...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.gov.au/mygov/content/mgv2/icons/austgovt-inline-white.svg

Requested by

Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

2407:6a00:c00:0:161:146:235:225 , Australia, ASN18055 (CENTRELINK Department of Human Services, AU),

Reverse DNS

Software

HTTPD/1.0.0 /

Resource Hash

42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-type: image/svg+xml
last-modified: Sat, 21 Sep 2019 11:31:14 GMT
Server: HTTPD/1.0.0
X-Frame-Options: SAMEORIGIN, DENY
vary: Accept-Encoding,User-Agent
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: Keep-Alive
accept-ranges: bytes
inst: {{ inst_id }}a
Keep-Alive: timeout=10, max=100
content-length: 115808
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mygov-logo.svg
my.gov.au/mygov/content/mgv2/icons/ 2 KB
3 KB 1526ms
308ms Image
image/svg+xml 2407:6a00:c00:0:161:146:235:225
CENTRELINK Depart...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.gov.au/mygov/content/mgv2/icons/mygov-logo.svg

Requested by

Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

2407:6a00:c00:0:161:146:235:225 , Australia, ASN18055 (CENTRELINK Department of Human Services, AU),

Reverse DNS

Software

HTTPD/1.0.0 /

Resource Hash

91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:16 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-type: image/svg+xml
last-modified: Sat, 21 Sep 2019 12:05:01 GMT
Server: HTTPD/1.0.0
X-Frame-Options: SAMEORIGIN, DENY
vary: Accept-Encoding,User-Agent
p3p: CP="NON CUR OTPi OUR NOR UNI"
Connection: Keep-Alive
accept-ranges: bytes
inst: {{ inst_id }}a
Keep-Alive: timeout=10, max=100
content-length: 2209
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK question_mark.png
mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/ 564 B
806 B 238ms
119ms Image
application/octet-stream 65.111.178.18
Infolink Global C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/question_mark.png
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Server: 65.111.178.18 Miami, United States, ASN15083 (INFOLINK-MIA-US - Infolink Global Corporation, US),
Reverse DNS: mail.weboperations.net
Software: IceWarp/11.4.6.0 (2016-12-12) /
Resource Hash: 973576ba6483c6c75d1d55339c1cac5d742abef700ede0903341ab222a2ee7c2

Request headers

Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:14 GMT
Last-Modified: Thu, 10 Oct 2019 00:54:14 GMT
Server: IceWarp/11.4.6.0 (2016-12-12)
Content-Type: application/octet-stream
Content-Length: 564
Expires: Thu, 10 Oct 2029 00:54:14 GMT

GET
H/1.1 200
OK Capture.JPG
mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/ 10 KB
10 KB 237ms
119ms Image
image/jpeg 65.111.178.18
Infolink Global C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/Capture.JPG
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Server: 65.111.178.18 Miami, United States, ASN15083 (INFOLINK-MIA-US - Infolink Global Corporation, US),
Reverse DNS: mail.weboperations.net
Software: IceWarp/11.4.6.0 (2016-12-12) /
Resource Hash: 5d8178152ff8133326ecbfcd2f6de3c0395d270f9c4f4eb8c7978cf96eeed38a

Request headers

Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:14 GMT
Last-Modified: Thu, 10 Oct 2019 00:54:14 GMT
Server: IceWarp/11.4.6.0 (2016-12-12)
Content-Type: image/jpeg
Content-Length: 10095
Expires: Thu, 10 Oct 2029 00:54:14 GMT

GET
H/1.1 200
OK 12_11_2014_icon_visa_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 859 B
1 KB 106ms
12ms Image
image/png 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/12_11_2014_icon_visa_37x25.png
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7ed65da4bcdc5f0f68d20f2b489f2f1e4df6d5b1235ece01afd24624126be504

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/none.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:16 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: InDyhjoqaXrupmtM5xGKHA==
Content-Type: image/png
Cache-Control: public, max-age=19647536
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 859
Expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H/1.1 200
OK 10_18_2014_icon_master_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 833 B
1 KB 106ms
12ms Image
image/png 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/10_18_2014_icon_master_37x25.png
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 4958e4d47607004834b13d3c29d91f8c15b2ab2c488a15d9745a039e970f0bf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/none.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:16 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: xwSU1ALetVNBhYpdQPEPWw==
Content-Type: image/png
Cache-Control: public, max-age=16902556
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 833
Expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H/1.1 200
OK 10_18_2014_icon_amex_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ 525 B
854 B 105ms
12ms Image
image/png 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/payment/10_18_2014_icon_amex_37x25.png
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: cc5859d74f8cde62e1cdeeea341f85f9725d4f4398f58203aa1e5080faf1685a

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/none.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:16 GMT
Last-Modified: Wed, 10 Jul 2019 23:52:28 GMT
Server: nginx
Content-MD5: XUIHbO4+/oKKw/K3EvF4SA==
Content-Type: image/png
Cache-Control: public, max-age=19643747
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 525
Expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H/1.1 200
OK nf-icon-v1-88.woff
assets.nflxext.com/ffe/siteui/fonts/ 69 KB
69 KB 39ms
12ms Font
font/woff 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-88.woff
Requested by: Host: mail.onoisland.com
URL: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/index.html?LoginServices/main/login?execution=e1s1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a

Request headers

Sec-Fetch-Mode: cors
Referer: http://mail.onoisland.com/accounts/e6333245d7d11809272d8b2b9ba5d521/files/none.css
Origin: http://mail.onoisland.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 10 Oct 2019 00:54:16 GMT
Last-Modified: Fri, 27 Jan 2017 22:53:52 GMT
Server: nginx
Content-MD5: ezBCotj2o1GiKPEVK1YDAg==
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=17707838
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70204
Expires: Wed, 15 Apr 2020 20:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government) Netflix (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| FormValidation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
mail.onoisland.com
my.gov.au
2407:6a00:c00:0:161:146:235:225
2a00:86c0:2090::1
65.111.178.18
42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721
4958e4d47607004834b13d3c29d91f8c15b2ab2c488a15d9745a039e970f0bf3
4fc7be09dfb1de999b7364fc8be959c95064973ec5956f25bde746711ec5456b
5d8178152ff8133326ecbfcd2f6de3c0395d270f9c4f4eb8c7978cf96eeed38a
7ed65da4bcdc5f0f68d20f2b489f2f1e4df6d5b1235ece01afd24624126be504
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
973576ba6483c6c75d1d55339c1cac5d742abef700ede0903341ab222a2ee7c2
ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a
cc5859d74f8cde62e1cdeeea341f85f9725d4f4398f58203aa1e5080faf1685a
fc3bdd2d1d23143dea7e3b2b5524bbbdf9d9bfd7a0db8842374fea258d07a9c7

mail.onoisland.com Open in urlscan Pro 65.111.178.18 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

55 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

338 kBTransfer

334 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

Indicators

mail.onoisland.com Open in urlscan Pro
65.111.178.18 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

55 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

338 kB
Transfer

334 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!