telstra.dns-report.com Open in urlscan Pro
68.183.187.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/
Submission: On June 11 via automatic, source phishtank (June 11th 2022, 5:31:18 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 68.183.187.57, located in Singapore, Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is telstra.dns-report.com.

This is the only time telstra.dns-report.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telstra (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	68.183.187.57 68.183.187.57	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 15	2600:9000:225... 2600:9000:2250:da00:17:876d:b540:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2

1 68.183.187.57 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

telstra.dns-report.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2250:da00:17:876d:b540:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

www.telstra.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	telstra.com.au 2 redirects www.telstra.com.au — Cisco Umbrella Rank: 310654	163 KB
1	dns-report.com telstra.dns-report.com	17 KB
14	2

	Domain	Requested by
15	www.telstra.com.au	2 redirects telstra.dns-report.com www.telstra.com.au
1	telstra.dns-report.com
14	2

This site contains no links.

Subject Issuer	Validity	Valid
www.telstra.com.au DigiCert SHA2 Extended Validation Server CA	`2022-04-21` - `2023-04-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/
Frame ID: AEE0DB290B0CF6006EAC9A07B9FF8610
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Telstra Login

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*parbase
/etc/designs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

14
Requests

79 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

179 kB
Transfer

521 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.telstra.com.au/etc/designs/tcom/global/css/bootstrap-responsive.css HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/bootstrap-responsive.css

Request Chain 1

https://www.telstra.com.au/etc/designs/tcom/global/css/styles-responsive.css HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/ 17 KB
17 KB 387ms
205ms Document
text/html 68.183.187.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/
Protocol: HTTP/1.1
Server: 68.183.187.57 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 0c064ea3740fc219df1556448f3b17f82d83370c47877421f7c6be27e778abaf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Jun 2022 17:31:12 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2

200

bootstrap-responsive.css
www.telstra.com.au/etc/designs/tcom/tcom-core/css/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/css/bootstrap-responsive.css
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/bootstrap-responsive.css

70 KB
12 KB

872ms
872ms

Stylesheet
text/css

2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/bootstrap-responsive.css

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a0b027d11c610b8a958c64c1b2e2092daecc6a5c168565b350dcf617598caa65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2apsoutheast2
date: Sat, 11 Jun 2022 17:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 12007
cf-viewer-country: DE
referrer-policy
last-modified: Tue, 03 Jul 2018 02:16:13 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "11661-5700ee5ee3540-gzip"
strict-transport-security: max-age=31536000;
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: R6Renor7IxtTIeMou3FhQiDm1mC84Zf_l2Dfc6_7aWLLUgN5gXvjCw==

Redirect headers

date: Sat, 11 Jun 2022 17:31:12 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/css/bootstrap-responsive.css
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: zp9b2vtDNVujmhbx41v78UotepZKpYrEIhLDV6550fDowISkwWZnUg==

GET
H2

200

styles-responsive.css
www.telstra.com.au/etc/designs/tcom/tcom-core/css/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/css/styles-responsive.css
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

306 KB
42 KB

1089ms
1089ms

Stylesheet
text/css

2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ee97eb142f67ad74085a987c2fdf0e5475a9d5f4d5da1fac59da680c5b3f8952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
date: Sat, 11 Jun 2022 17:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 42384
cf-viewer-country: DE
referrer-policy
last-modified: Wed, 18 Dec 2019 05:35:05 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "4c9f9-599f3ce8cf440-gzip"
strict-transport-security: max-age=31536000;
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: IoBnRKE1Wtkgd296BVl0BXWoDFrlrbbP3HtfFsTeJzl8q92k3hNKQw==

Redirect headers

date: Sat, 11 Jun 2022 17:31:12 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/css/styles-responsive.css
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: BTSU-R4D2AqgHaxt2m5Qd9IWdpmk_qTlCKg33RMGgqwuex7MTeNsTA==

GET
H2 200 service-qualifier.css
www.telstra.com.au/etc/designs/tcom/service-qualifier/css/ 26 KB
4 KB 1513ms
1270ms Stylesheet
text/css 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/service-qualifier/css/service-qualifier.css

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a0a9a9c5a2741432e08d9ddc9d8341368d016b8ebbee337f4707968fa20a7739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher3apsoutheast2
date: Sat, 11 Jun 2022 17:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 3383
cf-viewer-country: DE
referrer-policy
last-modified: Fri, 13 Dec 2019 05:46:01 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "66cc-5998f6071d840-gzip"
strict-transport-security: max-age=31536000;
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: uzt68jKB43gWAxEm16ro_b0VSDgXqfm8tJPgu9ajUaPzIxZJ4PT2Iw==

GET
H2 200 help-mask.png
www.telstra.com.au/global/icons/small/ 1 KB
2 KB 1133ms
908ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/global/icons/small/help-mask.png

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12bfc7f0910cff13dd762a781677184f390082a6c658078a361e376baf9eae8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: RefreshHit from cloudfront
date: Sat, 11 Jun 2022 17:31:13 GMT
content-length: 1519
cf-viewer-country: DE
referrer-policy
last-modified: Mon, 15 Aug 2016 01:17:46 GMT
server: CloudFront
etag: "5ef-53a11ffeb0280"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: SKm3SNPzSL8ewAJnJHMoCYvJ9eimArfkfBI5LHI1PHyDYvPo3t0ZIw==

GET
H2 200 styles-print.css
www.telstra.com.au/etc/designs/tcom/global/css/ 4 KB
1 KB 1061ms
837ms Stylesheet
text/css 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/global/css/styles-print.css

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e62bb05dcaeac95f9f4878ec1c836a18788d84d0d3e54606abc0e5cdb7950009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
date: Sat, 11 Jun 2022 17:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 950
cf-viewer-country: DE
referrer-policy
last-modified: Wed, 13 Jun 2018 04:14:54 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "104f-56e7e398c8b80-gzip"
strict-transport-security: max-age=31536000;
content-type: text/css
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: JfyueYYiJD5B9TRzVB0TYeD6ktyZGrumS8mZjuMffiVWhBUt5U8PmQ==

GET
H2 200 icon-check-usage.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 2 KB
2 KB 85ms
11ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-check-usage.png

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

88f3efc6de85f417cd1b9f0acff456783ce8ea7e71e7761af829aead1a85e95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 240
x-vhost: publish-tcom-aem
x-cache: Hit from cloudfront
date: Sat, 11 Jun 2022 17:31:12 GMT
content-length: 1620
referrer-policy
last-modified: Sat, 07 May 2016 07:23:12 GMT
server: CloudFront
etag: "654-5323b72adb800"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: BTUiTQkNJjktr95OftSJSXBVz-sSEvD_n5N2EQNbTK574bILyyYV2w==

GET
H2 200 icon-billing.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 809 B
1 KB 11ms
10ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-billing.png

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a3cdcb5516bad3f7afb88a7636a509f60703494627c035203d5a928699590c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 240
x-vhost: publish-tcom-aem
x-cache: Hit from cloudfront
date: Sat, 11 Jun 2022 17:31:12 GMT
content-length: 809
referrer-policy
last-modified: Sat, 07 May 2016 07:23:12 GMT
server: CloudFront
etag: "329-5323b72adb800"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: J7mqJ4nNxlnAmO56c1_UvJuch5yzyj9S4Gqmc4Jx8DHPXNmuUfAP0w==

GET
H2 200 icon-recharge.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 2 KB
3 KB 16ms
16ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-recharge.png

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

efc88e897f2d69707a034b073ffcee758661c90d93cdb09c389fda1e38d6f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 240
x-vhost: publish-tcom-aem
x-cache: Hit from cloudfront
date: Sat, 11 Jun 2022 17:31:12 GMT
content-length: 2489
referrer-policy
last-modified: Sat, 07 May 2016 07:23:12 GMT
server: CloudFront
etag: "9b9-5323b72adb800"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: bp7RwL-t3tEs261GNkehECR3m7yq7zvfrzpCHU_J9aqwMVF46XDo4A==

GET
H2 200 icon-direct-debit.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 904 B
1 KB 20ms
20ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-direct-debit.png

Requested by

Host: telstra.dns-report.com
URL: http://telstra.dns-report.com/app/index-rui.jsp%3fv=1479958955288%23app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8696698527293c663d55573ed3d147fb4cd4a8f4c3f2a4734127546152454a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 240
x-vhost: publish-tcom-aem
x-cache: Hit from cloudfront
date: Sat, 11 Jun 2022 17:31:12 GMT
content-length: 904
referrer-policy
last-modified: Sat, 07 May 2016 07:23:12 GMT
server: CloudFront
etag: "388-5323b72adb800"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: GMLftBjA00os8E6u1vZ-u7-Sk5RZNZFa3mBYL1IOEXuHI7Kh1x0Rrw==

GET
H2 200 3.0-spectrum-gradient-blue.png
www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/ 19 KB
20 KB 930ms
930ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/3.0-spectrum-gradient-blue.png

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f7621b285adcac43d385bcbe612c1e54a509255afeade342302da93ad200f527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher1apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: RefreshHit from cloudfront
date: Sat, 11 Jun 2022 17:31:14 GMT
content-length: 19575
cf-viewer-country: DE
referrer-policy
last-modified: Wed, 13 Jun 2018 04:14:54 GMT
server: CloudFront
etag: "4c77-56e7e398c8b80"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: civYgHUAo-Vz70arSG89g918kMQziL4OmvJwtwyUkkt9Cos8fdDLcg==

GET
H2 200 telstra-logo.png
www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/ 4 KB
5 KB 705ms
704ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/telstra-logo.png

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b5e124dca3ebff5d1ee63bdbe1ed96fa7c4cc2d14ebf418a496f1bcf09bf94cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2apsoutheast2
strict-transport-security: max-age=31536000;
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: RefreshHit from cloudfront
date: Sat, 11 Jun 2022 17:31:14 GMT
content-length: 4344
cf-viewer-country: DE
referrer-policy
last-modified: Wed, 13 Jun 2018 04:14:54 GMT
server: CloudFront
etag: "10f8-56e7e398c8b80"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: 0-dmyN2DE2ZS6RZFlF5VTU_Znh4_RreI-UtwVA1FR0YAmQh7MUuCkw==

GET
H2 200 v2.1-ui-button-sprite.png
www.telstra.com.au/uberprod/ss-global/themes/v11/images/ 26 KB
27 KB 131ms
131ms Image
image/png 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/uberprod/ss-global/themes/v11/images/v2.1-ui-button-sprite.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

50d18250e06b6d85722c535620d61988e2701f4fd86fe115e1ad303c946dedd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://telstra.dns-report.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher2apsoutheast2
date: Sat, 11 Jun 2022 17:13:54 GMT
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1039
x-vhost: publish-tcom
x-cache: Hit from cloudfront
content-length: 26658
cf-viewer-country: DE
referrer-policy
last-modified: Sat, 07 May 2016 07:22:03 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "6822-5323b6e90dcc0"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public,max-age=1800,s-maxage=1800
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
x-amz-cf-id: vzwlIO1Xh8ZFU64lYZbbl4I0WLuvpSEDESzd2SlAw7wSYPznnKzaWQ==

GET
H2 200 akkurat-light.woff
www.telstra.com.au/etc/designs/tcom/tcom-core/fonts/ 42 KB
42 KB 691ms
676ms Font
application/x-font-woff 2600:9000:2250:da00:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/fonts/akkurat-light.woff

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:da00:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9e0f4f63a3c0a6f7fd770186cdaf0e919e4c094b354cb9fe1372e07eee79f47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css
Origin: http://telstra.dns-report.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-dispatcher: dispatcher3apsoutheast2
date: Sat, 11 Jun 2022 17:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-vhost: publish-tcom
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
content-length: 42503
cf-viewer-country: DE
access-control-allow-origin: *
referrer-policy
last-modified: Wed, 13 Jun 2018 04:14:54 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "a68d-56e7e398c8b80-gzip"
access-control-max-age: 86400
access-control-allow-methods: get,options
content-type: application/x-font-woff
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: d9LuY7nB8TF3PRcR3TFhAFparcmaIayQ48WEfyM7QaZSyYukmX8_cQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telstra (Telecommunication)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

telstra.dns-report.com
www.telstra.com.au
2600:9000:2250:da00:17:876d:b540:93a1
68.183.187.57
0c064ea3740fc219df1556448f3b17f82d83370c47877421f7c6be27e778abaf
12bfc7f0910cff13dd762a781677184f390082a6c658078a361e376baf9eae8e
50d18250e06b6d85722c535620d61988e2701f4fd86fe115e1ad303c946dedd9
8696698527293c663d55573ed3d147fb4cd4a8f4c3f2a4734127546152454a64
88f3efc6de85f417cd1b9f0acff456783ce8ea7e71e7761af829aead1a85e95b
9e0f4f63a3c0a6f7fd770186cdaf0e919e4c094b354cb9fe1372e07eee79f47b
a0a9a9c5a2741432e08d9ddc9d8341368d016b8ebbee337f4707968fa20a7739
a0b027d11c610b8a958c64c1b2e2092daecc6a5c168565b350dcf617598caa65
a3cdcb5516bad3f7afb88a7636a509f60703494627c035203d5a928699590c9c
b5e124dca3ebff5d1ee63bdbe1ed96fa7c4cc2d14ebf418a496f1bcf09bf94cc
e62bb05dcaeac95f9f4878ec1c836a18788d84d0d3e54606abc0e5cdb7950009
ee97eb142f67ad74085a987c2fdf0e5475a9d5f4d5da1fac59da680c5b3f8952
efc88e897f2d69707a034b073ffcee758661c90d93cdb09c389fda1e38d6f74b
f7621b285adcac43d385bcbe612c1e54a509255afeade342302da93ad200f527

telstra.dns-report.com Open in urlscan Pro 68.183.187.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

79 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

179 kBTransfer

521 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

telstra.dns-report.com Open in urlscan Pro
68.183.187.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

79 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

179 kB
Transfer

521 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!