URL: User Request GET HTTP/1.1
IP: 203.36.190.152:443
ASN: #1221 Telstra Corporation Ltd
Certificate Issuer: DigiCert Inc
Certificate Subject: signon.bigpond.com
Certificate Fingerprint: F2:96:C3:39:3B:1A:A0:38:B3:DA:23:6A:03:C2:40:2D:9E:B4:4E:2E
Certificate Validity: Wed, 06 Dec 2023 00:00:00 GMT - Fri, 06 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telstra Corporation Limited |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 203.36.190.152
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: no-cache
Content-length: 0
Location: https://203.36.190.152/login
Connection: close
URL: User Request GET HTTP/1.1
IP: 203.36.190.152:443
ASN: #1221 Telstra Corporation Ltd
Certificate Issuer: DigiCert Inc
Certificate Subject: signon.bigpond.com
Certificate Fingerprint: F2:96:C3:39:3B:1A:A0:38:B3:DA:23:6A:03:C2:40:2D:9E:B4:4E:2E
Certificate Validity: Wed, 06 Dec 2023 00:00:00 GMT - Fri, 06 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (17801)
Hash: 1eebb622f185bec4f9e705e2218b7d53 c156f98c1ee97a6d5343c4cdb4f5f6a5bab5ef71 129ca93fee9097bff64d2341c503fbeffa25693df4eba52027abaf6909992e26
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telstra Corporation Limited |
| Quad9 DNS | malicious | Sinkholed |
GET /login HTTP/1.1
Host: 203.36.190.152
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:21:25 GMT
Cache-control: no-cache
P3p: CP="CAO PSA OUR"
Content-type: text/html;charset=ISO-8859-1
Content-encoding: gzip
Vary: accept-encoding
Transfer-encoding: chunked
Set-cookie: JSESSIONID=7CA05A47557A959E7905F7E8B3705CA7; Path=/; HttpOnly
BIGipServerpl_bpraa_auth_gw_http=233247404.20480.0000; expires=Tue, 07-May-2024 12:41:25 GMT; path=/
TLS_SITE=knt; path=/
| 203.36.190.152/res/javascript/telstra/default/footer.js | 203.36.190.152 | 200 OK | 2.9 kB |
URL: GET HTTP/1.1 203.36.190.152/res/javascript/telstra/default/footer.js
IP: 203.36.190.152:443
ASN: #1221 Telstra Corporation Ltd
Requested by: https://203.36.190.152/login
Certificate Issuer: DigiCert Inc
Certificate Subject: signon.bigpond.com
Certificate Fingerprint: F2:96:C3:39:3B:1A:A0:38:B3:DA:23:6A:03:C2:40:2D:9E:B4:4E:2E
Certificate Validity: Wed, 06 Dec 2023 00:00:00 GMT - Fri, 06 Dec 2024 23:59:59 GMT
Hash: 3dd7098da13d551fe9a938a7a95a522f 17e349fb118eadf371d914e1dace6ee2f311895d c19d47568c1d6cdfcf41a5d6a6698c42148c60a9d388687b24f8768d31eb9181
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telstra Corporation Limited |
| Quad9 DNS | malicious | Sinkholed |
GET /res/javascript/telstra/default/footer.js HTTP/1.1
Host: 203.36.190.152
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://203.36.190.152/login
Cookie: JSESSIONID=7CA05A47557A959E7905F7E8B3705CA7; BIGipServerpl_bpraa_auth_gw_http=233247404.20480.0000; TLS_SITE=knt
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:21:26 GMT
Content-type: application/x-javascript
Last-modified: Wed, 29 Nov 2023 13:17:12 GMT
Transfer-encoding: chunked
Content-encoding: gzip
Vary: accept-encoding
Expires: Tue, 04 Jun 2024 12:21:26 GMT
Cache-control: public
Set-Cookie: BIGipServerpl_bpraa_auth_gw_http=233247404.20480.0000; expires=Tue, 07-May-2024 12:41:26 GMT; path=/
| 203.36.190.152/res/fonts/telstra/onePortal/Akkurat-Light.woff | 203.36.190.152 | 200 OK | 16 kB |
URL: GET HTTP/1.1 203.36.190.152/res/fonts/telstra/onePortal/Akkurat-Light.woff
IP: 203.36.190.152:443
ASN: #1221 Telstra Corporation Ltd
Requested by: https://203.36.190.152/login
Certificate Issuer: DigiCert Inc
Certificate Subject: signon.bigpond.com
Certificate Fingerprint: F2:96:C3:39:3B:1A:A0:38:B3:DA:23:6A:03:C2:40:2D:9E:B4:4E:2E
Certificate Validity: Wed, 06 Dec 2023 00:00:00 GMT - Fri, 06 Dec 2024 23:59:59 GMT
File type: Web Open Font Format, CFF, length 15960, version 1.1
Hash: 8479d084947ed735280df5902f044839 3698e329d09af5353d5c8ccb66952d7fe62d6ff5 fc823369f6e2da227f6af2771c60023977999cdf99db904209e14c178562a47b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telstra Corporation Limited |
| Quad9 DNS | malicious | Sinkholed |
GET /res/fonts/telstra/onePortal/Akkurat-Light.woff HTTP/1.1
Host: 203.36.190.152
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://203.36.190.152/login
Cookie: JSESSIONID=7CA05A47557A959E7905F7E8B3705CA7; BIGipServerpl_bpraa_auth_gw_http=233247404.20480.0000; TLS_SITE=knt
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 07 May 2024 12:21:26 GMT
Content-type: text/plain
Last-modified: Wed, 29 Nov 2023 13:17:19 GMT
Content-length: 15960
Set-Cookie: BIGipServerpl_bpraa_auth_gw_http=233247404.20480.0000; expires=Tue, 07-May-2024 12:41:26 GMT; path=/