optusbilling.redirectme.net
101.99.88.98
Malicious Activity!
Public Scan
Effective URL: http://optusbilling.redirectme.net/pg_intro.php?&URI=f92152b97c8821102cd2bb21355eac62&sessionid=26cae55312bb2dc2011288c79b25129f&se...
Submission Tags: 7515815
Submission: On May 14 via api from US — Scanned from DE
Summary
This is the only time optusbilling.redirectme.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Optus (Telecommunication)
Domain & IP information
IP Address | AS Autonomous System | Requests
---|---|---
101.99.88.98 | 45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY) | 18 (17 HTTP requests + 1 redirect)
PTR: server1.kamon.la
Apex Domain | Subdomains | Transfer | Requests
---|---|---|---
redirectme.net | optusbilling.redirectme.net | 997 KB | 18 (17 HTTP requests + 1 redirect)
Domain | Requested by | Requests
---|---|---
optusbilling.redirectme.net | optusbilling.redirectme.net | 18 (17 HTTP requests + 1 redirect)
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
(no TLS certificates observed; the page was served over plain HTTP)
This page contains 1 frames:
Primary Page:
http://optusbilling.redirectme.net/pg_intro.php?&URI=f92152b97c8821102cd2bb21355eac62&sessionid=26cae55312bb2dc2011288c79b25129f&securessl=true
Frame ID: 4E5074CAC16DC4D6244FC15AB9F627D4
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Page Title: Optus - Manage My Account Optus Mobile Recharge Ad
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://optusbilling.redirectme.net/?id=61481370360
HTTP 302
http://optusbilling.redirectme.net/pg_intro.php?&URI=f92152b97c8821102cd2bb21355eac62&sessionid=26cae55312bb2dc2011288c79b25129f&securessl=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | pg_intro.php (Primary Request, Redirect Chain) | optusbilling.redirectme.net/ | 5 KB | 5 KB | Document | text/html
GET | H/1.1 | optus-m.css | optusbilling.redirectme.net/assets/ | 152 KB | 152 KB | Stylesheet | text/css
GET | H/1.1 | optus-logo.svg | optusbilling.redirectme.net/assets/ | 2 KB | 3 KB | Image | image/svg+xml
GET | H/1.1 | facebook.svg | optusbilling.redirectme.net/assets/ | 577 B | 823 B | Image | image/svg+xml
GET | H/1.1 | twitter.svg | optusbilling.redirectme.net/assets/ | 996 B | 1 KB | Image | image/svg+xml
GET | H/1.1 | youtube.svg | optusbilling.redirectme.net/assets/ | 404 B | 650 B | Image | image/svg+xml
GET | H/1.1 | linkedin.svg | optusbilling.redirectme.net/assets/ | 658 B | 904 B | Image | image/svg+xml
GET | H/1.1 | googleplus.svg | optusbilling.redirectme.net/assets/ | 694 B | 939 B | Image | image/svg+xml
GET | H/1.1 | pinterest.svg | optusbilling.redirectme.net/assets/ | 921 B | 1 KB | Image | image/svg+xml
GET | H/1.1 | instagram.svg | optusbilling.redirectme.net/assets/ | 725 B | 970 B | Image | image/svg+xml
GET | H/1.1 | arrow-right.svg | optusbilling.redirectme.net/assets/ | 425 B | 670 B | Image | image/svg+xml
GET | H/1.1 | MarkPro-Bold.eot | optusbilling.redirectme.net/assets/ | 147 KB | 147 KB | Font | application/vnd.ms-fontobject
GET | H/1.1 | MarkPro.eot | optusbilling.redirectme.net/assets/ | 146 KB | 146 KB | Font | application/vnd.ms-fontobject
GET | H/1.1 | MarkOT.eot | optusbilling.redirectme.net/assets/ | 101 KB | 101 KB | Font | application/vnd.ms-fontobject
GET | H/1.1 | MarkOT.otf | optusbilling.redirectme.net/assets/ | 110 KB | 110 KB | Font | font/otf
GET | H/1.1 | MarkPro.otf | optusbilling.redirectme.net/assets/ | 162 KB | 162 KB | Font | font/otf
GET | H/1.1 | MarkPro-Bold.otf | optusbilling.redirectme.net/assets/ | 162 KB | 162 KB | Font | font/otf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Optus (Telecommunication)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: oncontextlost
- object: oncontextrestored
- function: structuredClone
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
optusbilling.redirectme.net/ | (session) | Name: PHPSESSID Value: 13ee27e3aba439402b7890448dbdbdb1
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
optusbilling.redirectme.net
101.99.88.98