Report - jemi.so/telstra-signon

Report Overview

Submitted URL
jemi.so/telstra-signon
IP
76.76.21.61
ASN
#16509 AMAZON-02
Submitted
2024-04-26 06:45:07
Access
public
Website Title
jemi.so/telstra-signon
Final URL
jemi.so/telstra-signon
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	465 B	27 kB	151.101.1.229
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	1.3 kB	263 kB	142.250.74.168
o467631.ingest.sentry.io	unknown	2012-04-07	2022-07-18	2024-04-18	604 B	518 B	34.120.195.249
jemi.so	unknown	2021-07-31	2021-07-31	2024-04-09	13 kB	988 kB	76.76.21.9

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed
2024-04-26	medium	jemi.so	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	jemi.so/telstra-signon	337 B	2023-03-07	2024-05-04
Pretty URL jemi.so/telstra-signon IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:56:07 Last Seen2024-05-04 09:26:33 Times Seen245 Hash af84fa583acd58e504cad156cc108dd2 bf6d31608c90824e0c223778dacaec76cb71c39c a1d747a5c389759818a6147cf47eb0edab975e364b7a90283093b7d5a112b8dd Loading...

	jemi.so/_next/static/chunks/3197-844c8163e526cc23.js	72 kB	2023-08-09	2024-05-04
Pretty URL jemi.so/_next/static/chunks/3197-844c8163e526cc23.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 19:49:24 Last Seen2024-05-04 09:26:34 Times Seen458 Hash 46146652269df07359a4cbc7ce130fe9 941d4df5f4ad7611349578a18ed51609f186ab0c 3bbc1a1b709b6c24ef3b9a03f4078547f418a594016a28b8c4220bff7cadbd68 Loading...

	jemi.so/_next/static/chunks/5558-155e0b3da56e3635.js	25 kB	2023-08-01	2024-05-04
Pretty URL jemi.so/_next/static/chunks/5558-155e0b3da56e3635.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-01 09:21:45 Last Seen2024-05-04 09:26:34 Times Seen452 Hash a8480b11ceed756a979e774fc5dff51a bec72565a93fe00f2d9a40f59761890cf65980a0 bf20c6871d7521045b4c23aa3f0c860db877c2f3211ef4f747b8bc6f40f3ab5b Loading...

	jemi.so/_next/static/chunks/9119-1773690144b435e3.js	33 kB	2023-09-01	2024-05-04
Pretty URL jemi.so/_next/static/chunks/9119-1773690144b435e3.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-01 09:44:00 Last Seen2024-05-04 09:26:34 Times Seen291 Hash b9fe30532ee4d7bd3a23bfccd4c03f0f b92866da92fad30c4d7acf10ff96a41d7bb41ec0 c73e6783e6ffd2b939d47deda09de89c73b1eedacf9f826955b08ae1da90dbc1 Loading...

	jemi.so/telstra-signon	0 B	2023-03-07	2024-05-06
Pretty URL jemi.so/telstra-signon IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-06 13:40:30 Times Seen37377619 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=UA-158661454-5	194 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158661454-5 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:45:08 Last Seen2024-04-26 08:45:09 Times Seen2 Hash 02ddc2b600a84c4e92d94ea1df704954 e1fd0d26ad92efcf36a35c9c45f4a8aeb2da48f8 acd150020a34fec7de76f507e03ceb6fe371df96b5306411ccbaec85386770a3 Loading...

	jemi.so/_next/static/chunks/170-1cbcffea1cd951ad.js	118 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/170-1cbcffea1cd951ad.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen487 Hash fe1661142130a54547b4d91e324bbab5 47d976f2827f03f5ad46b29b67490d9f40ffd564 69ad9784d14138cb9585c6d82eca124ca5cd5bfe424833b427ef849e66384108 Loading...

	jemi.so/_next/static/chunks/500f6f06-04aadfe60e3aace1.js	81 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/500f6f06-04aadfe60e3aace1.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen486 Hash 41dad15dc9131298a2a0b6a18c2eb4a7 cdf81f5bb5baf831bd590650aa087c4a59c234c2 745e8b7b4090c7f6c50eb1167c9867bd2ad46ff8a7e1f080784098b15955d3a6 Loading...

	jemi.so/_next/static/chunks/5720-b4ce86a272a7def2.js	28 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/5720-b4ce86a272a7def2.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen474 Hash af5ab26f4e306d7b0738a9961c9fa7e3 a03709a0e77c38cdc87d760e980090dcc8eae057 1053dc448be5a1cf2d684d58f63d301a898de35e11f7207d0b8a8a6ec6967910 Loading...

	jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_buildManifest.js	20 kB	2023-10-10	2024-05-04
Pretty URL jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_buildManifest.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-10 08:07:58 Last Seen2024-05-04 09:26:34 Times Seen433 Hash 23adad29e913e6880e853dea5b3cbe43 ad66253d007afc74d7cf7896425b0c22da813d19 6675baeb8b28aa57c4066850ee53296a67ecda4841d9461eaa3048852287292b Loading...

	www.googletagmanager.com/gtag/js?id=G-D4VQTX6J04&l=dataLayer&cx=c	302 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-D4VQTX6J04&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:45:08 Last Seen2024-04-26 08:45:09 Times Seen2 Hash b7088bf5183a48d83a4fdcf93629e2c2 4cebcda1348774c6f55d0fce52075e10e4360539 ab8ec7d4dd2fd67a35932ecacfc83a5accdf3010753adce656c2da633e74bcf3 Loading...

	jemi.so/_next/static/chunks/webpack-5ee85024fb4420f2.js	11 kB	2023-08-28	2024-05-04
Pretty URL jemi.so/_next/static/chunks/webpack-5ee85024fb4420f2.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-28 12:16:27 Last Seen2024-05-04 09:26:34 Times Seen453 Hash bf38d0f1fd73845181ebbd4b36bad6a4 5ebb43b86687bd10fcc8e83ae6be5f356f0ac477 8543ce9fb26afd234d2ae4350ca0682177f23ef5b7baa3df0bcab6321eb9e875 Loading...

	jemi.so/_next/static/chunks/4474-5e5b3c270d0d0f4e.js	109 kB	2023-10-13	2024-05-04
Pretty URL jemi.so/_next/static/chunks/4474-5e5b3c270d0d0f4e.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 07:55:50 Last Seen2024-05-04 09:26:34 Times Seen426 Hash 32ea1cf7a00b94b9061739deffbd9c17 54b5b650a94d177c38ab357885c4e47d0f4d6474 2f8a95a0887534e500ba6903322feccb3cc0578686539638bec3f2ae7c6103ed Loading...

	jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_ssgManifest.js	3.0 kB	2023-07-25	2024-05-04
Pretty URL jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_ssgManifest.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-25 14:10:11 Last Seen2024-05-04 09:26:33 Times Seen277 Hash 884efd5e05ade7f54ced398c67dfd2e0 d151a073558b30d435b1e781d8eb970bebed745f 4105dff718bc27b60ff041eb7ea748a4c70e8f6a1ec8cc8358b73fd5905cf42b Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-06
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-06 13:36:13 Times Seen344603 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	jemi.so/_next/static/chunks/framework-640bc13ca36d2ce7.js	150 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/framework-640bc13ca36d2ce7.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen486 Hash 5ec99efd5510c813f24b1cf8de3ddf40 9cfbf855b70f0ef895758bbda8c79167bdd533e6 9024be09193ab8db0f24c7ca86b741e580ada67521260f849e0d4b19e295af9a Loading...

	jemi.so/_next/static/chunks/8929-fdb4f64c0b4ec8f8.js	112 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/8929-fdb4f64c0b4ec8f8.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen476 Hash de4f124b6403094122c4bbcefdf6de99 c8cc96eae2117a521a43fc7219d288ea46fa82e4 b3572b1c39f779358b508ddd2344d4f55dfd9d9a380d8ce6db0e62d453721527 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5XNKWSK	248 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5XNKWSK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 08:45:09 Last Seen2024-04-26 08:45:09 Times Seen2 Hash 9a0286862815378a6f8d817f21d0dd86 a55269beeed6e7f7241728c4fcaf3a7b459cb9f3 64e9567f9ca3f27275ef840c3c841bb500954ac967c674335d80b0e86ea31b6b Loading...

	jemi.so/_next/static/chunks/1370-85102a4a15630c01.js	23 kB	2023-06-09	2024-05-04
Pretty URL jemi.so/_next/static/chunks/1370-85102a4a15630c01.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 21:10:45 Last Seen2024-05-04 09:26:34 Times Seen479 Hash 7a27e091b8521cca65e9f29f5eef247d 54eb410d4a21cc0f391a370898ad584e91f9c6ac f36ad425fd0ce4a6b8cbb752ae079e6a3cc5cd5a6c667043d775787f3babbfe1 Loading...

	jemi.so/_next/static/chunks/main-4421775ead306739.js	146 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/main-4421775ead306739.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen486 Hash 6d56b08483126eb83fc9f71e5e96e696 33c2e34c948b285aa60b42e15660917c6cdbb4bc 40b6b7841889cfb67b658f01a3ccde617de8a99d5696d864d4cdb2c3bb256a27 Loading...

	jemi.so/_next/static/chunks/pages/_app-64661cb84870842a.js	155 kB	2023-10-10	2024-05-04
Pretty URL jemi.so/_next/static/chunks/pages/_app-64661cb84870842a.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-10 08:07:58 Last Seen2024-05-04 09:26:34 Times Seen431 Hash 7d69492ba37f9714603d5f5c52bb34d0 113394d9defd2338d752b94f486cb93bbaff94c8 53df59ed432f1f23748f2540f1b3548edefea67d79b9ae27d8b142386c64fe92 Loading...

	jemi.so/_next/static/chunks/7758-4197ef430fa4064e.js	28 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/7758-4197ef430fa4064e.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen487 Hash 3727112dc6220d94b69ad4c020c24109 0f0d96ec2d3b7c58f013239e86d3df7eef655bdc 1939dcdb0572cee2da6a2496335d8bd37d886332f36eaad59a28db18d95d440b Loading...

	jemi.so/_next/static/chunks/5675-59dde0e98cb22e67.js	9.2 kB	2023-06-05	2024-05-04
Pretty URL jemi.so/_next/static/chunks/5675-59dde0e98cb22e67.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 14:56:52 Last Seen2024-05-04 09:26:34 Times Seen284 Hash 727d8262ed75fcb242947dd3ed550811 d046de66aa15fec46e97bd45192ee7c81e30fe22 51a2097eb5e56f0688a7d38abc109842a275f60df3390e55e27256fdbdb37e50 Loading...

	jemi.so/_next/static/chunks/8764-86ee4dec8701906d.js	23 kB	2023-03-11	2024-05-04
Pretty URL jemi.so/_next/static/chunks/8764-86ee4dec8701906d.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:23:04 Last Seen2024-05-04 09:26:34 Times Seen636 Hash 1cec0f38062092613180b66e35d8a69d 744059a8c3c9f7b784993b371f8112399b4cf78f ad7f763190ef655e723439414f558f3bbca219ebb87aeb76cd24ad7de8d9e098 Loading...

	jemi.so/_next/static/chunks/pages/_site/%5Busername%5D-5b20a92d610723ad.js	4.7 kB	2023-07-25	2024-05-04
Pretty URL jemi.so/_next/static/chunks/pages/_site/%5Busername%5D-5b20a92d610723ad.js IP 76.76.21.9 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-25 14:10:12 Last Seen2024-05-04 09:26:34 Times Seen190 Hash 97aee99306b4d26b650b3238e8955e28 7ce76caf0dfc177836f7f4e5cea83867138ad53a 77c217ff3dc70e96414bcdc222417a472858836240e0f77bb9e6ac8fab24aaac Loading...

	jemi.so/sandbox%20eval%20code	147 B	2023-04-11	2024-05-06
Pretty URL jemi.so/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-06 13:36:13 Times Seen345110 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

HTTP Transactions (32)

URL IP Response Size

jemi.so/fonts/fonts.css

76.76.21.9

200 OK

657 B

URL GET HTTP/2
jemi.so/fonts/fonts.css
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
ASCII text
Size
657 B (657 bytes)
Hash
9653db0c2b8165ebc5c248be54cdb725
c2c4f22232db6b443f0dbecf97d96d329faffaaa
b9c73534d9400704b1eca01362b51bb772003fe5971a1fa6cd37bcb48ea22a8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/fonts.css HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 7993443
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="fonts.css"
content-type: text/css; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: "9653db0c2b8165ebc5c248be54cdb725"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /fonts/fonts.css
x-vercel-cache: HIT
x-vercel-id: arn1::p4txg-1714113880150-dcc4c3af48d6
content-length: 657
X-Firefox-Spdy: h2

jemi.so/fonts/PlusJakartaSans-Bold.woff2

76.76.21.9

200 OK

41 kB

URL GET HTTP/2
jemi.so/fonts/PlusJakartaSans-Bold.woff2
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40912, version 1.0
Size
41 kB (40912 bytes)
Hash
965660d6c68800490955ed23e9a2659f
9b44e0bdd3e8b284d1d70fc8bb5400b67316fa2d
353802d2688c33b465048f6c0d479690165a25685343e3b329b7f1a91170af82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/PlusJakartaSans-Bold.woff2 HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jemi.so/telstra-signon
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 7928440
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="PlusJakartaSans-Bold.woff2"
content-type: font/woff2
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: "965660d6c68800490955ed23e9a2659f"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /fonts/PlusJakartaSans-Bold.woff2
x-vercel-cache: HIT
x-vercel-id: arn1::mzv84-1714113880150-0564d7579d4d
content-length: 40912
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

151.101.1.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
26 kB (26333 bytes)
Hash
94994c66fec8c3468b269dc0cc242151
ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

HTTP Headers

GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jemi.so
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.3
x-jsd-version-type: version
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 06:44:40 GMT
age: 873623
x-served-by: cache-fra-etou8220101-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26333
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158661454-5

142.250.74.168

200 OK

71 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158661454-5
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (1763)
Size
71 kB (70924 bytes)
Hash
02ddc2b600a84c4e92d94ea1df704954
e1fd0d26ad92efcf36a35c9c45f4a8aeb2da48f8
acd150020a34fec7de76f507e03ceb6fe371df96b5306411ccbaec85386770a3

HTTP Headers

GET /gtag/js?id=UA-158661454-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 06:44:40 GMT
expires: Fri, 26 Apr 2024 06:44:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70924
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jemi.so/fonts/PlusJakartaSans-Medium.woff2

76.76.21.9

200 OK

41 kB

URL GET HTTP/2
jemi.so/fonts/PlusJakartaSans-Medium.woff2
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 40748, version 1.0
Size
41 kB (40748 bytes)
Hash
3647c642c9e9bcdf4940ab895cb7af79
3984f763d821e16ab390d2f49acc6110a9eae165
ea2f1b941e29e9e53ddd227eebc459284c9cad128a3d22be20c1f25b6732d350

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/PlusJakartaSans-Medium.woff2 HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jemi.so/telstra-signon
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 7993495
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="PlusJakartaSans-Medium.woff2"
content-type: font/woff2
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: "3647c642c9e9bcdf4940ab895cb7af79"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /fonts/PlusJakartaSans-Medium.woff2
x-vercel-cache: HIT
x-vercel-id: arn1::4lt78-1714113880243-caef3f456e6d
content-length: 40748
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-5XNKWSK

142.250.74.168

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-5XNKWSK
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (3204)
Size
88 kB (88425 bytes)
Hash
9a0286862815378a6f8d817f21d0dd86
a55269beeed6e7f7241728c4fcaf3a7b459cb9f3
64e9567f9ca3f27275ef840c3c841bb500954ac967c674335d80b0e86ea31b6b

HTTP Headers

GET /gtm.js?id=GTM-5XNKWSK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 06:44:40 GMT
expires: Fri, 26 Apr 2024 06:44:40 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88425
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=G-D4VQTX6J04&l=dataLayer&cx=c

142.250.74.168

200 OK

102 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-D4VQTX6J04&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
102 kB (101787 bytes)
Hash
b7088bf5183a48d83a4fdcf93629e2c2
4cebcda1348774c6f55d0fce52075e10e4360539
ab8ec7d4dd2fd67a35932ecacfc83a5accdf3010753adce656c2da633e74bcf3

HTTP Headers

GET /gtag/js?id=G-D4VQTX6J04&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 06:44:40 GMT
expires: Fri, 26 Apr 2024 06:44:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

o467631.ingest.sentry.io/api/5494296/envelope/?sentry_key=7a464dcf9e1a4530b4950fc23c9aa337&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.13.0

34.120.195.249

200 OK

2 B

URL POST HTTP/2
o467631.ingest.sentry.io/api/5494296/envelope/?sentry_key=7a464dcf9e1a4530b4950fc23c9aa337&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.13.0
IP
34.120.195.249:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerDigiCert Inc
Subjectingest.sentry.io
Fingerprint60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

POST /api/5494296/envelope/?sentry_key=7a464dcf9e1a4530b4950fc23c9aa337&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.13.0 HTTP/1.1
Host: o467631.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jemi.so/
Content-Type: text/plain;charset=UTF-8
Content-Length: 448
Origin: https://jemi.so
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 06:44:40 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jemi.so/_next/data/g0PE8f_wbZr8vYEYSmJ1N/telstra-signon.json?username=telstra-signon

76.76.21.9

200 OK

78 B

URL HEAD HTTP/2
jemi.so/_next/data/g0PE8f_wbZr8vYEYSmJ1N/telstra-signon.json?username=telstra-signon
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JSON text data
Size
78 B (78 bytes)
Hash
3461cd38629c3c1370a22458f45d4d7a
9959cd2f3779a6cbe5976ef4f2fddffeb275e468
aa97b77742d113bf29772771643009297c575f910df14db015223714db5840f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/data/g0PE8f_wbZr8vYEYSmJ1N/telstra-signon.json?username=telstra-signon HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jemi.so/telstra-signon
x-nextjs-data: 1
sentry-trace: 819ba7634fea4688993e50ffc85f7de8-8a3558bcc0965ff7-0
baggage: sentry-environment=production,sentry-release=e2828dfd94a097cb1cdb718bea402340ef2e2932,sentry-transaction=%2F_site%2F%5Busername%5D,sentry-public_key=7a464dcf9e1a4530b4950fc23c9aa337,sentry-trace_id=819ba7634fea4688993e50ffc85f7de8,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: application/json
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: "o5qng2a5m26"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/data/g0PE8f_wbZr8vYEYSmJ1N/_site/[username].json
x-nextjs-rewrite: /_site/telstra-signon?username=telstra-signon
x-vercel-cache: HIT
x-vercel-id: arn1::cle1::hvn7j-1714113880608-7fcc51b3f545
content-length: 78
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/pages/_app-64661cb84870842a.js

76.76.21.9

200 OK

48 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/pages/_app-64661cb84870842a.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (48463 bytes)
Hash
7d69492ba37f9714603d5f5c52bb34d0
113394d9defd2338d752b94f486cb93bbaff94c8
53df59ed432f1f23748f2540f1b3548edefea67d79b9ae27d8b142386c64fe92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-64661cb84870842a.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7996080
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-64661cb84870842a.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"7d69492ba37f9714603d5f5c52bb34d0"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/pages/_app-64661cb84870842a.js
x-vercel-cache: HIT
x-vercel-id: arn1::k4p8g-1714113880155-5a5d2944383c
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/500f6f06-04aadfe60e3aace1.js

76.76.21.9

200 OK

32 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/500f6f06-04aadfe60e3aace1.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (32104 bytes)
Hash
41dad15dc9131298a2a0b6a18c2eb4a7
cdf81f5bb5baf831bd590650aa087c4a59c234c2
745e8b7b4090c7f6c50eb1167c9867bd2ad46ff8a7e1f080784098b15955d3a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/500f6f06-04aadfe60e3aace1.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7990977
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="500f6f06-04aadfe60e3aace1.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"41dad15dc9131298a2a0b6a18c2eb4a7"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/500f6f06-04aadfe60e3aace1.js
x-vercel-cache: HIT
x-vercel-id: arn1::z47sk-1714113880157-938873b34590
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/5675-59dde0e98cb22e67.js

76.76.21.9

200 OK

9.0 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/5675-59dde0e98cb22e67.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (9182)
Size
9.0 kB (8984 bytes)
Hash
727d8262ed75fcb242947dd3ed550811
d046de66aa15fec46e97bd45192ee7c81e30fe22
51a2097eb5e56f0688a7d38abc109842a275f60df3390e55e27256fdbdb37e50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5675-59dde0e98cb22e67.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7982141
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5675-59dde0e98cb22e67.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"727d8262ed75fcb242947dd3ed550811"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/5675-59dde0e98cb22e67.js
x-vercel-cache: HIT
x-vercel-id: arn1::mc4qv-1714113880159-49dab1929d30
X-Firefox-Spdy: h2

jemi.so/_next/static/css/ec35c2edb97e1c77.css

76.76.21.9

200 OK

13 kB

URL GET HTTP/2
jemi.so/_next/static/css/ec35c2edb97e1c77.css
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
ASCII text, with very long lines (12049)
Size
13 kB (12899 bytes)
Hash
b0a5d31fc6cea6c5e5345ec405e6f8e9
f3812c5aef0819e33826c900137a31e42fb3ba9a
e58e6404584bdb2578340bd4e83019d23cca86a203213ffba603dfab96044e05

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/ec35c2edb97e1c77.css HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jemi.so/telstra-signon
sentry-trace: 819ba7634fea4688993e50ffc85f7de8-932378c01bf41ec4-0
baggage: sentry-environment=production,sentry-release=e2828dfd94a097cb1cdb718bea402340ef2e2932,sentry-transaction=%2F_site%2F%5Busername%5D,sentry-public_key=7a464dcf9e1a4530b4950fc23c9aa337,sentry-trace_id=819ba7634fea4688993e50ffc85f7de8,sentry-sample_rate=0.1
DNT: 1
Connection: keep-alive
Cookie: _ga_D4VQTX6J04=GS1.1.1714113880.1.0.1714113880.0.0.0; _ga=GA1.1.360341679.1714113881
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7987852
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="ec35c2edb97e1c77.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"b0a5d31fc6cea6c5e5345ec405e6f8e9"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/css/ec35c2edb97e1c77.css
x-vercel-cache: HIT
x-vercel-id: arn1::wvlgb-1714113880863-9f951095298e
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/7758-4197ef430fa4064e.js

76.76.21.9

200 OK

18 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/7758-4197ef430fa4064e.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (28201)
Size
18 kB (17460 bytes)
Hash
3727112dc6220d94b69ad4c020c24109
0f0d96ec2d3b7c58f013239e86d3df7eef655bdc
1939dcdb0572cee2da6a2496335d8bd37d886332f36eaad59a28db18d95d440b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7758-4197ef430fa4064e.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7996239
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="7758-4197ef430fa4064e.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"3727112dc6220d94b69ad4c020c24109"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/7758-4197ef430fa4064e.js
x-vercel-cache: HIT
x-vercel-id: arn1::v7np9-1714113880159-ab940d6688ab
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/1370-85102a4a15630c01.js

76.76.21.9

200 OK

16 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/1370-85102a4a15630c01.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (22507)
Size
16 kB (16031 bytes)
Hash
7a27e091b8521cca65e9f29f5eef247d
54eb410d4a21cc0f391a370898ad584e91f9c6ac
f36ad425fd0ce4a6b8cbb752ae079e6a3cc5cd5a6c667043d775787f3babbfe1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1370-85102a4a15630c01.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7990971
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1370-85102a4a15630c01.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"7a27e091b8521cca65e9f29f5eef247d"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/1370-85102a4a15630c01.js
x-vercel-cache: HIT
x-vercel-id: arn1::fwksz-1714113880160-a098b804f282
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/9119-1773690144b435e3.js

76.76.21.9

200 OK

17 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/9119-1773690144b435e3.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (33161)
Size
17 kB (16552 bytes)
Hash
b9fe30532ee4d7bd3a23bfccd4c03f0f
b92866da92fad30c4d7acf10ff96a41d7bb41ec0
c73e6783e6ffd2b939d47deda09de89c73b1eedacf9f826955b08ae1da90dbc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/9119-1773690144b435e3.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7989744
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9119-1773690144b435e3.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"b9fe30532ee4d7bd3a23bfccd4c03f0f"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/9119-1773690144b435e3.js
x-vercel-cache: HIT
x-vercel-id: arn1::8gckn-1714113880168-23096aaa666d
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/170-1cbcffea1cd951ad.js

76.76.21.9

200 OK

49 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/170-1cbcffea1cd951ad.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
49 kB (48893 bytes)
Hash
fe1661142130a54547b4d91e324bbab5
47d976f2827f03f5ad46b29b67490d9f40ffd564
69ad9784d14138cb9585c6d82eca124ca5cd5bfe424833b427ef849e66384108

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/170-1cbcffea1cd951ad.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7996239
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="170-1cbcffea1cd951ad.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"fe1661142130a54547b4d91e324bbab5"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/170-1cbcffea1cd951ad.js
x-vercel-cache: HIT
x-vercel-id: arn1::k4p8g-1714113880159-556ee249158e
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/framework-640bc13ca36d2ce7.js

76.76.21.9

200 OK

47 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/framework-640bc13ca36d2ce7.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (47122 bytes)
Hash
5ec99efd5510c813f24b1cf8de3ddf40
9cfbf855b70f0ef895758bbda8c79167bdd533e6
9024be09193ab8db0f24c7ca86b741e580ada67521260f849e0d4b19e295af9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-640bc13ca36d2ce7.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7996251
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-640bc13ca36d2ce7.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"5ec99efd5510c813f24b1cf8de3ddf40"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/framework-640bc13ca36d2ce7.js
x-vercel-cache: HIT
x-vercel-id: arn1::t5rxf-1714113880154-a92ce55d25f7
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/webpack-5ee85024fb4420f2.js

76.76.21.9

200 OK

18 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/webpack-5ee85024fb4420f2.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (10902)
Size
18 kB (18457 bytes)
Hash
bf38d0f1fd73845181ebbd4b36bad6a4
5ebb43b86687bd10fcc8e83ae6be5f356f0ac477
8543ce9fb26afd234d2ae4350ca0682177f23ef5b7baa3df0bcab6321eb9e875

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-5ee85024fb4420f2.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7993476
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-5ee85024fb4420f2.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"bf38d0f1fd73845181ebbd4b36bad6a4"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/webpack-5ee85024fb4420f2.js
x-vercel-cache: HIT
x-vercel-id: arn1::2nd9n-1714113880153-ecb8c8b21f73
X-Firefox-Spdy: h2

jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_ssgManifest.js

76.76.21.9

200 OK

4.4 kB

URL GET HTTP/2
jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_ssgManifest.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
ASCII text, with very long lines (2953), with no line terminators
Size
4.4 kB (4400 bytes)
Hash
884efd5e05ade7f54ced398c67dfd2e0
d151a073558b30d435b1e781d8eb970bebed745f
4105dff718bc27b60ff041eb7ea748a4c70e8f6a1ec8cc8358b73fd5905cf42b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/g0PE8f_wbZr8vYEYSmJ1N/_ssgManifest.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 7994109
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"884efd5e05ade7f54ced398c67dfd2e0"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/g0PE8f_wbZr8vYEYSmJ1N/_ssgManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1::fdmlp-1714113880168-e66c232bc726
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/pages/_site/%5Busername%5D-5b20a92d610723ad.js

76.76.21.9

200 OK

4.7 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/pages/_site/%5Busername%5D-5b20a92d610723ad.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (4791), with no line terminators
Size
4.7 kB (4660 bytes)
Hash
d210a04d86334d4a41abac3be88e0a13
9f86a17076f9d6ae9a461cafe3cee9566ac2a3e5
6f30e0ae2b98a9e9a272e29739954ca084a2e2586b94fc55a76622049da0fc8e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_site/%5Busername%5D-5b20a92d610723ad.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7987430
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="[username]-5b20a92d610723ad.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"97aee99306b4d26b650b3238e8955e28"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/pages/_site/%5Busername%5D-5b20a92d610723ad.js
x-vercel-cache: HIT
x-vercel-id: arn1::fwksz-1714113880166-f39472b190ae
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/5558-155e0b3da56e3635.js

76.76.21.9

200 OK

25 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/5558-155e0b3da56e3635.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (25007)
Size
25 kB (25057 bytes)
Hash
a8480b11ceed756a979e774fc5dff51a
bec72565a93fe00f2d9a40f59761890cf65980a0
bf20c6871d7521045b4c23aa3f0c860db877c2f3211ef4f747b8bc6f40f3ab5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5558-155e0b3da56e3635.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7993516
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5558-155e0b3da56e3635.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"a8480b11ceed756a979e774fc5dff51a"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/5558-155e0b3da56e3635.js
x-vercel-cache: HIT
x-vercel-id: arn1::z47sk-1714113880165-a037695eb73a
X-Firefox-Spdy: h2

jemi.so/favicon.ico

76.76.21.9

200 OK

15 kB

URL GET HTTP/2
jemi.so/favicon.ico
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
9c6dc05a50a822e07cbe8c8b5ce51b7f
6fbe37b19bfc1ef4e53432e679dedb1ca14fa681
1be2573b6deff5ca378d3a1e8132277def32d6a933be33c9541064484bcf1a75

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7996062
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="favicon.ico"
content-encoding: br
content-type: image/vnd.microsoft.icon
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"9c6dc05a50a822e07cbe8c8b5ce51b7f"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /favicon.ico
x-vercel-cache: HIT
x-vercel-id: arn1::8gckn-1714113880697-e474cbceb68c
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/5720-b4ce86a272a7def2.js

76.76.21.9

200 OK

28 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/5720-b4ce86a272a7def2.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (28227)
Size
28 kB (28277 bytes)
Hash
af5ab26f4e306d7b0738a9961c9fa7e3
a03709a0e77c38cdc87d760e980090dcc8eae057
1053dc448be5a1cf2d684d58f63d301a898de35e11f7207d0b8a8a6ec6967910

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5720-b4ce86a272a7def2.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7991871
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="5720-b4ce86a272a7def2.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"af5ab26f4e306d7b0738a9961c9fa7e3"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/5720-b4ce86a272a7def2.js
x-vercel-cache: HIT
x-vercel-id: arn1::z47sk-1714113880161-100ca7d2fc76
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/8764-86ee4dec8701906d.js

76.76.21.9

200 OK

23 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/8764-86ee4dec8701906d.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (23287)
Size
23 kB (23337 bytes)
Hash
1cec0f38062092613180b66e35d8a69d
744059a8c3c9f7b784993b371f8112399b4cf78f
ad7f763190ef655e723439414f558f3bbca219ebb87aeb76cd24ad7de8d9e098

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8764-86ee4dec8701906d.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7990123
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8764-86ee4dec8701906d.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"1cec0f38062092613180b66e35d8a69d"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/8764-86ee4dec8701906d.js
x-vercel-cache: HIT
x-vercel-id: arn1::fwksz-1714113880162-a9b13a414cbe
X-Firefox-Spdy: h2

jemi.so/_next/static/css/51e946ef9a7721c1.css

76.76.21.9

200 OK

58 kB

URL GET HTTP/2
jemi.so/_next/static/css/51e946ef9a7721c1.css
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
ASCII text, with very long lines (58403)
Size
58 kB (58451 bytes)
Hash
68e674c6be4f92c7b258176ac467a9ad
7a39b7136753e0372796b9cae02b44e8d51094d7
f017e4fbaea9e0bd0d96ce3f629c6231b9850ac7e1df4ff25016c4ee5f45de46

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/51e946ef9a7721c1.css HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7993473
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="51e946ef9a7721c1.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"68e674c6be4f92c7b258176ac467a9ad"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/css/51e946ef9a7721c1.css
x-vercel-cache: HIT
x-vercel-id: arn1::k4p8g-1714113880151-29f8b3eb3662
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/8929-fdb4f64c0b4ec8f8.js

76.76.21.9

200 OK

112 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/8929-fdb4f64c0b4ec8f8.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
112 kB (111599 bytes)
Hash
de4f124b6403094122c4bbcefdf6de99
c8cc96eae2117a521a43fc7219d288ea46fa82e4
b3572b1c39f779358b508ddd2344d4f55dfd9d9a380d8ce6db0e62d453721527

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8929-fdb4f64c0b4ec8f8.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7993369
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="8929-fdb4f64c0b4ec8f8.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"de4f124b6403094122c4bbcefdf6de99"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/8929-fdb4f64c0b4ec8f8.js
x-vercel-cache: HIT
x-vercel-id: arn1::z47sk-1714113880163-e495467e4848
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/3197-844c8163e526cc23.js

76.76.21.9

200 OK

72 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/3197-844c8163e526cc23.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71723 bytes)
Hash
46146652269df07359a4cbc7ce130fe9
941d4df5f4ad7611349578a18ed51609f186ab0c
3bbc1a1b709b6c24ef3b9a03f4078547f418a594016a28b8c4220bff7cadbd68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3197-844c8163e526cc23.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7996080
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3197-844c8163e526cc23.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"46146652269df07359a4cbc7ce130fe9"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/3197-844c8163e526cc23.js
x-vercel-cache: HIT
x-vercel-id: arn1::m9f68-1714113880163-dd05ea896e0f
X-Firefox-Spdy: h2

jemi.so/telstra-signon

76.76.21.9

200 OK

5.4 kB

URL User Request GET HTTP/2
jemi.so/telstra-signon
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
HTML document, ASCII text, with very long lines (5642), with no line terminators
Size
5.4 kB (5363 bytes)
Hash
644b4c69344bfa55841a341f60aa7854
919964dd381eda6d9505ec189f892622f1da6e47
0a21b8307a1fc8d90c9df0f94dd96786d9a0137e2f4e2ac12357aec9e3878e4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /telstra-signon HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
age: 2676091
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 26 Mar 2024 07:23:07 GMT
etag: W/"14p0b4uty2244z"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_site/[username]
x-powered-by: Next.js
x-vercel-cache: STALE
x-vercel-id: arn1::cle1::wvlgb-1714113879737-de6aeb6499c2
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/4474-5e5b3c270d0d0f4e.js

76.76.21.9

200 OK

109 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/4474-5e5b3c270d0d0f4e.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
109 kB (109294 bytes)
Hash
32ea1cf7a00b94b9061739deffbd9c17
54b5b650a94d177c38ab357885c4e47d0f4d6474
2f8a95a0887534e500ba6903322feccb3cc0578686539638bec3f2ae7c6103ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4474-5e5b3c270d0d0f4e.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7993372
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="4474-5e5b3c270d0d0f4e.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"32ea1cf7a00b94b9061739deffbd9c17"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/4474-5e5b3c270d0d0f4e.js
x-vercel-cache: HIT
x-vercel-id: arn1::v7np9-1714113880164-908dbc80a333
X-Firefox-Spdy: h2

jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_buildManifest.js

76.76.21.9

200 OK

20 kB

URL GET HTTP/2
jemi.so/_next/static/g0PE8f_wbZr8vYEYSmJ1N/_buildManifest.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
ASCII text, with very long lines (19506), with no line terminators
Size
20 kB (19506 bytes)
Hash
23adad29e913e6880e853dea5b3cbe43
ad66253d007afc74d7cf7896425b0c22da813d19
6675baeb8b28aa57c4066850ee53296a67ecda4841d9461eaa3048852287292b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/g0PE8f_wbZr8vYEYSmJ1N/_buildManifest.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7993495
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"23adad29e913e6880e853dea5b3cbe43"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/g0PE8f_wbZr8vYEYSmJ1N/_buildManifest.js
x-vercel-cache: HIT
x-vercel-id: arn1::v7np9-1714113880168-6c80dfc48d6d
X-Firefox-Spdy: h2

jemi.so/_next/static/chunks/main-4421775ead306739.js

76.76.21.9

200 OK

146 kB

URL GET HTTP/2
jemi.so/_next/static/chunks/main-4421775ead306739.js
IP
76.76.21.9:443
ASN
#16509 AMAZON-02

Requested by
https://jemi.so/telstra-signon
Certificate
IssuerLet's Encrypt
Subject*.jemi.so
Fingerprint3C:49:48:28:34:50:FB:F3:DB:DD:9A:2C:BA:7F:51:F3:43:E9:AB:E6
ValiditySat, 20 Apr 2024 08:59:33 GMT - Fri, 19 Jul 2024 08:59:32 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
146 kB (146124 bytes)
Hash
6d56b08483126eb83fc9f71e5e96e696
33c2e34c948b285aa60b42e15660917c6cdbb4bc
40b6b7841889cfb67b658f01a3ccde617de8a99d5696d864d4cdb2c3bb256a27

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-4421775ead306739.js HTTP/1.1
Host: jemi.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jemi.so/telstra-signon
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 7987707
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-4421775ead306739.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 26 Apr 2024 06:44:40 GMT
etag: W/"6d56b08483126eb83fc9f71e5e96e696"
server: Vercel
strict-transport-security: max-age=63072000
x-frame-options: SAMEORIGIN
x-matched-path: /_next/static/chunks/main-4421775ead306739.js
x-vercel-cache: HIT
x-vercel-id: arn1::fwksz-1714113880154-52d47313a59e
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML