Report - optusnet-com.blogspot.ch/

Report Overview

Visited public
2023-10-13 22:21:16
Tags
URL
optusnet-com.blogspot.ch/
Finishing URL
optusnet-com.blogspot.com/
IP / ASN
142.250.74.129
#15169 GOOGLE
Title
optus

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-10-12 18:12:01	2.3 kB	4.9 kB	142.250.74.131
optusnet-com.blogspot.ch	unknown	unknown	2022-07-27 18:31:48	2023-07-20 06:08:24	481 B	675 B	142.250.74.129
optusnet-com.blogspot.com	unknown	2000-07-31	2022-06-03 13:46:32	2023-10-07 01:15:22	1.4 kB	7.3 kB	172.217.21.161
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-10-13 01:35:00	446 B	4.2 kB	142.250.74.35
www.blogger.com	8975	1999-06-22	2012-05-22 09:35:03	2023-10-12 20:56:34	441 B	59 kB	216.58.207.233
pastebin.com	25623	2002-09-04	2012-05-20 20:39:30	2023-10-13 22:44:24	413 B	406 B	104.20.68.143

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-10-13	medium	optusnet-com.blogspot.com/	Singtel Optus
2023-10-13	medium	optusnet-com.blogspot.com/	Singtel Optus
2023-10-13	medium	optusnet-com.blogspot.com/	Singtel Optus

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	optusnet-com.blogspot.com/js/cookienotice.js	ScriptElement	6.5 kB	2023-03-07	2025-05-11
Pretty URL optusnet-com.blogspot.com/js/cookienotice.js IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 16:53 Times Seen43886 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	optusnet-com.blogspot.com/	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL optusnet-com.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 18:00 Times Seen4656327 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	optusnet-com.blogspot.com/	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL optusnet-com.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 18:00 Times Seen4656327 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js	ScriptElement	12 kB	2023-04-05	2025-05-11
Pretty URL www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 03:08 Last Seen2025-05-11 15:21 Times Seen8103 Hash a1a2e5bd3af1cf7d730f15dd7e308a1b 6ab91a37884d5f70808157c5cb6ed7345d8f537a d5ecc1fcccdbc32c37aa7e46793befad6d98ff1a85d1760d732d710faf49a08e Loading...

	www.blogger.com/static/v1/widgets/2059783829-widgets.js	ScriptElement	160 kB	2023-10-10	2023-10-16
Pretty URL www.blogger.com/static/v1/widgets/2059783829-widgets.js IP 216.58.207.233 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-10 12:40 Last Seen2023-10-16 23:40 Times Seen628 Hash 6bd112b786c3c4973d63a60e074fd7eb 8a86d0e8c7f152cc0d2a4be3c6a2031b4b55a02c e7337d9763e7964667f7c43c84e3a6223d9924204b53dd20f2db4c58104444a1 Loading...

	optusnet-com.blogspot.com/	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL optusnet-com.blogspot.com/ IP 172.217.21.161 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 18:00 Times Seen4656327 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (14)

URL IP Response Size

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
728bd06032bd80a8475a282ec52456af
c5d2be8af901525a5e800dfe4ed0a77b3285fb6f
a6b20f2f4e33c95f252d0368cf81c302092d6cc4b74129e4482bcf09207bac57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

optusnet-com.blogspot.ch/

142.250.74.129

302 Found

180 B

URL User Request GET HTTP/2
optusnet-com.blogspot.ch/
IP
142.250.74.129:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintDB:64:70:DE:0C:55:8B:38:3B:6D:06:7E:9F:D1:F7:FA:C1:46:48:CE
ValidityMon, 18 Sep 2023 08:23:37 GMT - Mon, 11 Dec 2023 08:23:36 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
180 B (180 bytes)
Hash
216ca30fbe2a15f9cf014aa7e5459229
34d036c7d4a06f275f5609709bfda694209dc921
b2a69088cf6ca9de223ce679b64b99e19ad3cf27a88b3b47c69b61d9b94d51fc

HTTP Headers

GET / HTTP/1.1
Host: optusnet-com.blogspot.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
location: https://optusnet-com.blogspot.com/
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 13 Oct 2023 22:20:59 GMT
expires: Fri, 13 Oct 2023 22:20:59 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 180
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
728bd06032bd80a8475a282ec52456af
c5d2be8af901525a5e800dfe4ed0a77b3285fb6f
a6b20f2f4e33c95f252d0368cf81c302092d6cc4b74129e4482bcf09207bac57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
728bd06032bd80a8475a282ec52456af
c5d2be8af901525a5e800dfe4ed0a77b3285fb6f
a6b20f2f4e33c95f252d0368cf81c302092d6cc4b74129e4482bcf09207bac57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

optusnet-com.blogspot.com/

172.217.21.161

200 OK

3.2 kB

URL User Request GET HTTP/2
optusnet-com.blogspot.com/
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintDB:64:70:DE:0C:55:8B:38:3B:6D:06:7E:9F:D1:F7:FA:C1:46:48:CE
ValidityMon, 18 Sep 2023 08:23:37 GMT - Mon, 11 Dec 2023 08:23:36 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4037)
Size
3.2 kB (3196 bytes)
Hash
7fd89b85053d7f03f0c1cb1d34500a1b
9f0ff3284aabe885fa06f4a75a86cd7948a69198
28fe90a70c5be70596f9c53edbf8ca96891974a1edffa5e0dcfef6dba414d7a0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Singtel Optus

HTTP Headers

GET / HTTP/1.1
Host: optusnet-com.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 13 Oct 2023 22:20:59 GMT
date: Fri, 13 Oct 2023 22:20:59 GMT
cache-control: private, max-age=0
last-modified: Wed, 24 Feb 2021 09:00:07 GMT
etag: W/"31ac303adcfa0611cd494225a5801ef5d2b5dfc6a85e589868d9f16e03ad80b1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 3196
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

optusnet-com.blogspot.com/js/cookienotice.js

172.217.21.161

200 OK

2.0 kB

URL GET HTTP/3
optusnet-com.blogspot.com/js/cookienotice.js
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://optusnet-com.blogspot.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintDB:64:70:DE:0C:55:8B:38:3B:6D:06:7E:9F:D1:F7:FA:C1:46:48:CE
ValidityMon, 18 Sep 2023 08:23:37 GMT - Mon, 11 Dec 2023 08:23:36 GMT

File type
ASCII text
Size
2.0 kB (2026 bytes)
Hash
a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Singtel Optus

HTTP Headers

GET /js/cookienotice.js HTTP/1.1
Host: optusnet-com.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://optusnet-com.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 00:44:04 GMT
expires: Fri, 20 Oct 2023 00:44:04 GMT
cache-control: public, max-age=604800
last-modified: Thu, 12 Oct 2023 15:56:34 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 77815
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a78eb97f715186dca689ed1fb41044e9
52d8375bf2d0db3f466f41cb8e7ad4f3eab58742
855b5304b26acc0ea6c85726580c858287eea045a8522391d7166ce1a69dc09f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
799adfb7aaddaa78d0ff8a2a1da66d36
9fdde474805cf1ef07b01722f1be360bc1ca19b9
13bee77dad7b64254846e7d8cc2a918bbb4eee2f0c91853aa27daeecf75b8208

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

142.250.74.35

200 OK

3.5 kB

URL GET HTTP/2
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://optusnet-com.blogspot.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint24:E0:20:DC:DE:E3:A8:D9:A8:17:BA:26:F5:41:32:19:98:D0:30:F3
ValidityMon, 18 Sep 2023 08:25:05 GMT - Mon, 11 Dec 2023 08:25:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (10473)
Size
3.5 kB (3475 bytes)
Hash
158013acb7e269a3dbe18de855656c97
08fa355584fc849539b3f04589ae6f61eb4a7d98
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94

HTTP Headers

GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://optusnet-com.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 22:21:00 GMT
expires: Fri, 13 Oct 2023 22:21:00 GMT
cache-control: public, max-age=0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/2059783829-widgets.js

216.58.207.233

200 OK

58 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/2059783829-widgets.js
IP
216.58.207.233:443
ASN
#15169 GOOGLE

Requested by
https://optusnet-com.blogspot.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint3D:08:55:20:9A:71:C0:FA:F9:04:0E:65:22:F3:BA:E1:FA:7B:CA:48
ValidityMon, 18 Sep 2023 08:19:03 GMT - Mon, 11 Dec 2023 08:19:02 GMT

File type
ASCII text, with very long lines (2215)
Size
58 kB (57896 bytes)
Hash
6bd112b786c3c4973d63a60e074fd7eb
8a86d0e8c7f152cc0d2a4be3c6a2031b4b55a02c
e7337d9763e7964667f7c43c84e3a6223d9924204b53dd20f2db4c58104444a1

HTTP Headers

GET /static/v1/widgets/2059783829-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://optusnet-com.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Oct 2023 12:47:16 GMT
expires: Sat, 12 Oct 2024 12:47:16 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 08 Oct 2023 20:51:01 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 34424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a78eb97f715186dca689ed1fb41044e9
52d8375bf2d0db3f466f41cb8e7ad4f3eab58742
855b5304b26acc0ea6c85726580c858287eea045a8522391d7166ce1a69dc09f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
799adfb7aaddaa78d0ff8a2a1da66d36
9fdde474805cf1ef07b01722f1be360bc1ca19b9
13bee77dad7b64254846e7d8cc2a918bbb4eee2f0c91853aa27daeecf75b8208

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 13 Oct 2023 22:21:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

optusnet-com.blogspot.com/favicon.ico

172.217.21.161

200 OK

412 B

URL GET HTTP/3
optusnet-com.blogspot.com/favicon.ico
IP
172.217.21.161:443
ASN
#15169 GOOGLE

Requested by
https://optusnet-com.blogspot.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc-sni.blogspot.com
FingerprintDB:64:70:DE:0C:55:8B:38:3B:6D:06:7E:9F:D1:F7:FA:C1:46:48:CE
ValidityMon, 18 Sep 2023 08:23:37 GMT - Mon, 11 Dec 2023 08:23:36 GMT

File type
MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size
412 B (412 bytes)
Hash
59a0c7b6e4848ccdabcea0636efda02b
30ef5c54b8bbc3487ea2b4c45cd11ea2932e4340
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Singtel Optus

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: optusnet-com.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://optusnet-com.blogspot.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/x-icon
expires: Fri, 13 Oct 2023 22:21:00 GMT
date: Fri, 13 Oct 2023 22:21:00 GMT
cache-control: private, max-age=86400
last-modified: Wed, 24 Feb 2021 09:00:07 GMT
etag: W/"31ac303adcfa0611cd494225a5801ef5d2b5dfc6a85e589868d9f16e03ad80b1"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pastebin.com/raw/RD9kQSUh

104.20.68.143

200 OK

0 B

URL GET HTTP/2
pastebin.com/raw/RD9kQSUh
IP
104.20.68.143:443
ASN
#13335 CLOUDFLARENET

Requested by
https://optusnet-com.blogspot.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint55:C8:82:61:30:05:42:80:DB:47:5E:D0:66:B5:DF:AC:14:5B:19:6F
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /raw/RD9kQSUh HTTP/1.1
Host: pastebin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://optusnet-com.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 13 Oct 2023 22:21:00 GMT
content-type: text/plain; charset=utf-8
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
cache-control: public, max-age=1801
cf-cache-status: MISS
last-modified: Fri, 13 Oct 2023 22:21:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 815af91b5ff9b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP