papereggplant.com Open in urlscan Pro
162.241.121.36 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://papereggplant.com/res/login.php
Submission: On August 06 via automatic, source openphish (August 6th 2020, 1:10:45 pm UTC)

Summary HTTP 62 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 16 IPs in 5 countries across 12 domains to perform 62 HTTP transactions. The main IP is 162.241.121.36, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is papereggplant.com.

This is the only time papereggplant.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telstra (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4	162.241.121.36 162.241.121.36	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
5	2600:9000:214... 2600:9000:214f:a600:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE)
8 37	2600:9000:214... 2600:9000:214f:c800:17:876d:b540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.19.133.54 52.19.133.54	16509 (AMAZON-02) (AMAZON-02)
3 7	52.49.227.144 52.49.227.144	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	54.171.46.29 54.171.46.29	16509 (AMAZON-02) (AMAZON-02)
1	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	15.236.9.100 15.236.9.100	16509 (AMAZON-02) (AMAZON-02)
2 2	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
3	52.17.216.154 52.17.216.154	16509 (AMAZON-02) (AMAZON-02)
62	16

4 162.241.121.36 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-121-36.unifiedlayer.com

papereggplant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:a600:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f6.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2600:9000:214f:c800:17:876d:b540:93a1 (United States) 8 redirects

ASN16509 (AMAZON-02, US)

www.telstra.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.133.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com

telstracorporationlt.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.49.227.144 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-227-144.eu-west-1.compute.amazonaws.com

secure-au.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.46.29 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-46-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.105 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

fast.telstra.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.9.100 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

info.telstra.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.28.86 (United States) 2 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.17.216.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-216-154.eu-west-1.compute.amazonaws.com

telstra.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	telstra.com.au 8 redirects www.telstra.com.au info.telstra.com.au	489 KB
12	imrworldwide.com 3 redirects cdn-gl.imrworldwide.com secure-au.imrworldwide.com	62 KB
7	demdex.net 1 redirects dpm.demdex.net fast.telstra.demdex.net telstra.demdex.net	8 KB
4	papereggplant.com papereggplant.com	32 KB
3	facebook.com 1 redirects www.facebook.com	837 B
2	everesttech.net 2 redirects cm.everesttech.net	748 B
2	facebook.net connect.facebook.net	166 KB
2	doubleclick.net fls.doubleclick.net	1 KB
2	ytimg.com s.ytimg.com	41 KB
1	youtube.com www.youtube.com	1 KB
1	atdmt.com cx.atdmt.com	430 B
1	omtrdc.net telstracorporationlt.tt.omtrdc.net	953 B
62	12

	Domain	Requested by
37	www.telstra.com.au	8 redirects papereggplant.com
7	secure-au.imrworldwide.com	3 redirects papereggplant.com secure-au.imrworldwide.com
5	cdn-gl.imrworldwide.com	papereggplant.com cdn-gl.imrworldwide.com secure-au.imrworldwide.com
4	papereggplant.com	papereggplant.com www.telstra.com.au
3	telstra.demdex.net	papereggplant.com www.telstra.com.au
3	www.facebook.com	1 redirects papereggplant.com
3	dpm.demdex.net	1 redirects papereggplant.com
2	cm.everesttech.net	2 redirects
2	info.telstra.com.au	www.telstra.com.au
2	connect.facebook.net	www.telstra.com.au connect.facebook.net
2	fls.doubleclick.net	papereggplant.com www.telstra.com.au
2	s.ytimg.com	papereggplant.com www.youtube.com
1	www.youtube.com	www.telstra.com.au
1	cx.atdmt.com	papereggplant.com
1	fast.telstra.demdex.net	www.telstra.com.au
1	telstracorporationlt.tt.omtrdc.net	papereggplant.com
62	16

This site contains links to these domains. Also see Links.

Domain
www.telstra.com.au
media.telstra.com.au
my.bigpond.com
www.facebook.com
twitter.com
www.youtube.com
plus.google.com
careers.telstra.com
www.telstrawholesale.com.au
www.telstraglobal.com

Subject Issuer	Validity	Valid
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.telstra.com.au QuoVadis EV SSL ICA G3	`2020-05-26` - `2021-05-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-06-25` - `2020-09-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://papereggplant.com/res/login.php
Frame ID: 796FDFFF447D17A713655886613D3202
Requests: 56 HTTP requests in this frame

Frame: https://secure-au.imrworldwide.com/storageframe.html
Frame ID: B2CFF41C93EBBD726E31EDB0BD833E5A
Requests: 1 HTTP requests in this frame

Frame: http://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: FF6680F54ED3EEEC4022839F1A48B5C1
Requests: 1 HTTP requests in this frame

Frame: http://fast.telstra.demdex.net/dest5.html?d_nsid=0
Frame ID: 8B6DD6663C0A0FCB5454490DFC3E69BC
Requests: 1 HTTP requests in this frame

Frame: https://secure-au.imrworldwide.com/storageframe.html
Frame ID: 667B5C44F2511AA2E8ACFAB990A2D16F
Requests: 1 HTTP requests in this frame

Frame: https://telstra.demdex.net/dest5.html?d_nsid=0
Frame ID: 1A8F93B1C10B6D5AA3FA809BDE2D30F3
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 5B35F5B6D6BF6A47C75250C28DD74EBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

62
Requests

76 %
HTTPS

44 %
IPv6

12
Domains

16
Subdomains

16
IPs

5
Countries

798 kB
Transfer

2614 kB
Size

5
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.telstra.com.au/?direct
Title: Telstra.com

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/small-business
Title: Small Business

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/business-enterprise
Title: Business & Enterprise

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/telstra-health
Title: Health

Search URL Search Domain Scan URL

URL: http://media.telstra.com.au/home.html?ref=from_telstra_header
Title: Sport & Entertainment

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/
Title:

Search URL Search Domain Scan URL

URL: https://my.bigpond.com/telstrabusiness/register/forgotusername.do
Title: username

Search URL Search Domain Scan URL

URL: https://my.bigpond.com/telstrabusiness/register/forgotpassword.do
Title: password

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/myaccount/register
Title: Register now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Telstra24x7

Search URL Search Domain Scan URL

URL: http://twitter.com/telstra

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TelstraCorp

Search URL Search Domain Scan URL

URL: http://plus.google.com/+Telstra

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/sitemap
Title: Telstra.com sitemap

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/contact-us
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/store-locator
Title: Find a store

Search URL Search Domain Scan URL

URL: http://careers.telstra.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/aboutus
Title: About us

Search URL Search Domain Scan URL

URL: https://www.telstrawholesale.com.au/
Title: Telstra Wholesale

Search URL Search Domain Scan URL

URL: https://www.telstraglobal.com/
Title: Telstra Global

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/personal/digital-story
Title: Telstra Digital

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/consumer-advice
Title: Consumer Advice

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/help/critical-information-summaries
Title: Critical Information Summaries

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/terms-of-use
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/privacy/privacy-statement
Title: Privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.telstra.com.au/etc/designs/tcom/global/css/fonts/font-woff.css HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/fonts/font-woff.css

Request Chain 6

https://www.telstra.com.au/etc/designs/tcom/global/css/bootstrap-responsive.css HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/bootstrap-responsive.css

Request Chain 7

https://www.telstra.com.au/etc/designs/tcom/global/css/styles-responsive.css HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

Request Chain 9

https://www.telstra.com.au/etc/designs/tcom/global/js/modernizr.js HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/modernizr.js

Request Chain 10

http://www.telstra.com.au/content/dam/analytics/sites/common.min.js HTTP 301
https://www.telstra.com.au/content/dam/analytics/sites/common.min.js

Request Chain 11

http://www.telstra.com.au/content/dam/analytics/sites/signon.min.js HTTP 301
https://www.telstra.com.au/content/dam/analytics/sites/signon.min.js

Request Chain 25

https://www.telstra.com.au/etc/designs/tcom/global/js/jquery.js HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/jquery.js

Request Chain 27

http://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5 HTTP 307
https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

Request Chain 28

http://www.telstra.com.au/content/dam/analytics/optimisation.min.js HTTP 307
https://www.telstra.com.au/content/dam/analytics/optimisation.min.js

Request Chain 29

https://www.telstra.com.au/etc/designs/tcom/global/js/global.js HTTP 301
https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/global.js

Request Chain 30

http://papereggplant.com/res/javascript/telstra/default/footer.js HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail HTTP 302
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail

Request Chain 31

http://secure-au.imrworldwide.com/v52.js HTTP 301
https://secure-au.imrworldwide.com/v52.js

Request Chain 41

http://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1596719425432 HTTP 302
http://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1596719425432

Request Chain 45

http://cm.everesttech.net/cm/dd?d_uuid=62856468806083739392509216657151775744 HTTP 302
https://cm.everesttech.net/cm/dd?d_uuid=62856468806083739392509216657151775744 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XywBQQAABQCr8FL0

Request Chain 47

https://www.facebook.com/tr/?id=452897358227251&ev=PageView&dl=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&rl=&if=false&ts=1596719425835&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596719425834.1043714370&it=1596719425460&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=9376356400948743371&f=AYyLSqjx6itqKQrM4qPlGuNehXwTe8z-5asOoZBoom0u6yFCT_mIHEwVlXryJCQ9nhrbnfSTl_7TkNY9oXvfJPd3&id=452897358227251&l=3&v=0

Request Chain 54

http://secure-au.imrworldwide.com/storageframe.html HTTP 301
https://secure-au.imrworldwide.com/storageframe.html

Request Chain 57

http://secure-au.imrworldwide.com/cgi-bin/m?rnd=1596719428592&ci=bigpond&js=1&cg=0&ts=v52.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&sr=1600x1200&id=lstrg-e2b6fc0c978aa69bb9fbdd08161f8896&tz=2 HTTP 301
https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1596719428592&ci=bigpond&js=1&cg=0&ts=v52.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&sr=1600x1200&id=lstrg-e2b6fc0c978aa69bb9fbdd08161f8896&tz=2

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
papereggplant.com/res/ 31 KB
32 KB 5621ms
3164ms Document
text/html 162.241.121.36
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://papereggplant.com/res/login.php
Protocol: HTTP/1.1
Server: 162.241.121.36 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-36.unifiedlayer.com
Software: Apache /
Resource Hash: 369ae976106527105cb1e95c58c74f89f7084fc1753a0431d6c246b29b580813

Request headers

Host: papereggplant.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 13:10:23 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 169 KB
48 KB 45ms
12ms Script
application/javascript 2600:9000:214f:a600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d210627b2694be7700dbb84faa912e3def3f473e9c075b4d0a8b1104641c7e8

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ltBUtdgYuhvn7ccM2SyZtELG67iqr4Cm
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 14:08:26 GMT
server: AmazonS3
age: 363
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
date: Thu, 06 Aug 2020 13:04:22 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: zCqzc2p-yCihECQh4ZZ9NlcmxjeareQ1U0wPuUsW4-nK0h1qI-ijdw==
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl497i6p/ 23 KB
9 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl497i6p/www-widgetapi.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336fcbed0b5b1a5c63e555efb1170170cf3a17ea6db699d15415d91930cdc0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46279
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8776
x-xss-protection: 0
last-modified: Sat, 11 Jan 2020 01:42:11 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Fri, 14 Aug 2020 00:19:05 GMT

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 11 KB
4 KB 10ms
7ms Script
application/javascript 2600:9000:214f:a600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01e0f57039c2edf431936ece5f2abd26c7c79d94835c8d8a713f009d48911f79

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 12:27:14 GMT
content-encoding: gzip
last-modified: Thu, 06 Aug 2020 11:20:23 GMT
server: AmazonS3
age: 2592
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: VD1Kzh5whL1.uvBFgrjVRY..d1Owiv1M
status: 200
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: 1-7pt9tcMf6XFpxi6nHtuRw9GTFF2M18ninBLyIn3YyRabj8OJe_5w==
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
702 B 84ms
31ms Script
text/javascript 172.217.23.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=3603226&src=&var=s_2_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_2_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=4343054653103

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

c1618a052643897ff81b0980575e21e1dcf9a2ce7419cd5fe7ace2397cfdfceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

font-woff.css
www.telstra.com.au/etc/designs/tcom/tcom-core/css/fonts/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/css/fonts/font-woff.css
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/fonts/font-woff.css

48 KB
37 KB

75ms
74ms

Stylesheet
text/css

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/fonts/font-woff.css

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4890bb6b4e63aba0604d30d543f399fd98fcd0ce4d865549169a10b4446078aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:41 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:36:59 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"c152-5ac33116bfb01"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: UbqxMfPTEkUha0UNBvSoxEWUbcKHla1Zr8S6idF-pftpBUEOtaM6Gw==

Redirect headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/css/fonts/font-woff.css
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: 4bgv1JIYVJTT_4zpbmDep7pOb-FLEaO4WvA99Dr2CCU00G3S2y_lkA==

GET
H/1.1 404
Not Found touch.js
papereggplant.com/etc/designs/tcom/tcom-core/js/ 0
0 266ms
249ms Script
text/html 162.241.121.36
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://papereggplant.com/etc/designs/tcom/tcom-core/js/touch.js
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: HTTP/1.1
Server: 162.241.121.36 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-36.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 13:10:24 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

bootstrap-responsive.css
www.telstra.com.au/etc/designs/tcom/tcom-core/css/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/css/bootstrap-responsive.css
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/bootstrap-responsive.css

70 KB
12 KB

51ms
48ms

Stylesheet
text/css

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/bootstrap-responsive.css

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a0b027d11c610b8a958c64c1b2e2092daecc6a5c168565b350dcf617598caa65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:36 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:39 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"11661-5ac330ca525b3"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: cfc1az3z--RhBkcgsJe2z3zyGTq6uaVy5XMiemdk7qXS9ru6xziQ_w==

Redirect headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/css/bootstrap-responsive.css
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: IAEuPLiE_ilRe7fpfYIi2F0Hn_E1QN32rVnDrbRYaalksdeKO_qGrQ==

GET
H2

200

styles-responsive.css
www.telstra.com.au/etc/designs/tcom/tcom-core/css/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/css/styles-responsive.css
https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

306 KB
42 KB

65ms
65ms

Stylesheet
text/css

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ee97eb142f67ad74085a987c2fdf0e5475a9d5f4d5da1fac59da680c5b3f8952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:42 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"4c9f9-5ac32faf7fd52"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: 6K3Wc3KML9GdgxA1BFhgeVIc_ecyt-azf6WQo7N_dyZ2CrYeNvgMaA==

Redirect headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/css/styles-responsive.css
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: IGYNxrtlkb1EWDqZsi6y5HqFe1vsfVCKrAanvUYBSRxXW7FHjl0yFA==

GET
H2 200 service-qualifier.css
www.telstra.com.au/etc/designs/tcom/service-qualifier/css/ 26 KB
4 KB 481ms
66ms Stylesheet
text/css 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/service-qualifier/css/service-qualifier.css

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a0a9a9c5a2741432e08d9ddc9d8341368d016b8ebbee337f4707968fa20a7739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:37 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:39 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"66cc-5ac330ca711e2"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: _YdssqvX9SP3O3s-DkXg3rx6umTYLxU72tVKlWd_aLluom4lkUExlQ==

GET
H2

200

modernizr.js Show response
www.telstra.com.au/etc/designs/tcom/tcom-core/js/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/js/modernizr.js
https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/modernizr.js

14 KB
6 KB

58ms
58ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/modernizr.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cb712b04023996038aa7db8ad9c244be327b7fb09069f0e0f3d15c7cd60f6bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:37 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:39 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"39bd-5ac330cb4219e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: 0K_crB0MZ7h9CTJlakM0xMx8zhbU4e9gSGuqA4gqu1jCNxhHSOWnPQ==

Redirect headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/js/modernizr.js
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: G21pStsn8TO6HHgeSkQiNOtqz8Hj2z8__vGLAdpSoACCDkcVJY85wg==

GET
H2

200

common.min.js Show response
www.telstra.com.au/content/dam/analytics/sites/
Redirect Chain

http://www.telstra.com.au/content/dam/analytics/sites/common.min.js
https://www.telstra.com.au/content/dam/analytics/sites/common.min.js

39 KB
14 KB

154ms
81ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/content/dam/analytics/sites/common.min.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

af32fd7ccde32b735203aadb052265ebe22765aebdbe2af8b390974788b54ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:05:52 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:36:01 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"9ad2-5ac330e02ffc0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: khFavbThDNUiLkEGqi25TLgFLMW16LrE5lBwcoC1Rv3TPq6uGwA-aQ==

Redirect headers

Date: Thu, 06 Aug 2020 13:10:24 GMT
Via: 1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://www.telstra.com.au/content/dam/analytics/sites/common.min.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: yt-yzG8DI3FBt_YJ8HLQZK33UUEKO5kWuCnFrZny9-z3nd9cpi2Z_Q==

GET
H2

200

signon.min.js Show response
www.telstra.com.au/content/dam/analytics/sites/
Redirect Chain

http://www.telstra.com.au/content/dam/analytics/sites/signon.min.js
https://www.telstra.com.au/content/dam/analytics/sites/signon.min.js

1 KB
1 KB

143ms
69ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/content/dam/analytics/sites/signon.min.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

154f02afd286ae77591e2663df0cec1947ed830946e32922723dae1989d7b5f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:07:02 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:52 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"5eb-5ac330d70ca40"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: cn9FLNtuC3SNozClQge7bLYzcsec-NqUkr5qzSM92bEX38HW0KGQKg==

Redirect headers

Date: Thu, 06 Aug 2020 13:10:24 GMT
Via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://www.telstra.com.au/content/dam/analytics/sites/signon.min.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: OaPvq69vUfuk2cx_i_xjLXngqI3Grya7wTEDQoSzChL21gtZyRZQag==

GET
H/1.1 200 ajax Show response
telstracorporationlt.tt.omtrdc.net/m2/telstracorporationlt/mbox/ 234 B
953 B 121ms
52ms Script
text/javascript 52.19.133.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://telstracorporationlt.tt.omtrdc.net/m2/telstracorporationlt/mbox/ajax?mboxHost=signon.telstra.com.au&mboxPage=1862cf23a4a24f85aa320c0f6ac4f3c9&screenHeight=768&screenWidth=1366&browserWidth=1366&browserHeight=625&browserTimeOffset=330&colorDepth=24&mboxSession=ba9e29d625dc44e18f393305ad085a23&mboxXDomain=enabled&mboxCount=1&mboxTime=1578598672264&mboxMCSDID=0940A91F6EB10318-651EDF8E8202F866&mboxMCGVID=34781808282383196522484185203228411967&vst.trk=info.telstra.com.au&vst.trks=infos.telstra.com.au&mbox=Signon&mboxId=0&path=%2Flogin&AAMsegments=&profile.CPT=&mboxURL=https%3A%2F%2Fsignon.telstra.com.au%2Flogin%3Fgoto%3Dhttp%253A%252F%252Femail.telstra.com%253A443%252Fwebmail&mboxReferrer=https%3A%2F%2Fweb.skype.com%2F&mboxVersion=63
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: HTTP/1.1
Server: 52.19.133.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 488747d3f47c365c129b567072be4917471d6ae2ac843c5a889300c88671c731

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Aug 2020 13:10:24 GMT
Content-Type: text/javascript;charset=utf-8
P3P: CP="NOI DSP CURa OUR STP COM"
Cache-Control: no-cache
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 234
X-Request-ID: e7caf7dd8763bb76fe19ae71b6951f47

GET
H2 200 jquery.js Show response
www.telstra.com.au/etc/clientlibs/granite/ 0
428 B 468ms
55ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/granite/jquery.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:37 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-length: 0
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:39 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "0-5ac330ca7832a"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: ySB6tR8pUS73eNfKq5CmizUAuQJtbfIC2q3cfHAX8X4NuJvvvDT23w==

GET
H2 200 utils.js Show response
www.telstra.com.au/etc/clientlibs/granite/ 0
430 B 459ms
46ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/granite/utils.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:37 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-length: 0
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:18 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "0-5ac32f9864934"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: xNXNNBwDg33tesJEYqpDCnkv8DQ7JuM7coFHJR0DVZL5zVqm_Mh9cw==

GET
H2 200 granite.js Show response
www.telstra.com.au/etc/clientlibs/granite/jquery/ 0
429 B 458ms
45ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/granite/jquery/granite.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:59 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-length: 0
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:18 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "0-5ac32f9864934"
strict-transport-security: max-age=31536000;
content-type: application/javascript
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: S1rRftesqRKyrc4sr3OY9JkmxWOplYTKnOD-CzoSgCIwSr2I1q2dVA==

GET
H2 200 jquery.js Show response
www.telstra.com.au/etc/clientlibs/foundation/ 471 B
913 B 461ms
48ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/foundation/jquery.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
date: Thu, 06 Aug 2020 13:06:38 GMT
content-length: 471
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:59 GMT
server: CloudFront
etag: "1d7-5ac330dd6812f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: JIdgRfF3QMjonF78bAuwPEXpMhKs_iUWZOQRqSN7NV23Aos8Z52zNw==

GET
H2 200 shared.js Show response
www.telstra.com.au/etc/clientlibs/foundation/ 96 KB
19 KB 483ms
70ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/foundation/shared.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

107da19449fd70f2d6f81eecd8ffe1e66cd564559e19c6a7ce8e5494fe7e4677

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:43 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"17f33-5ac32fb084ce9"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: KliuvPfkTteUyAXfynXLVcd-Ir7hkFCSFxvqtyvZAVfKvXHfVUESog==

GET
H2 200 underscore.js Show response
www.telstra.com.au/etc/clientlibs/granite/ 0
428 B 468ms
55ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/granite/underscore.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
date: Thu, 06 Aug 2020 13:06:39 GMT
content-length: 0
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:18 GMT
server: CloudFront
etag: "0-5ac32f9864934"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: S2rGoUAH2o9zr28l6NladiEPsyrUx-KCf2R-z6rArvxcgxuLYXCv9g==

GET
H2 200 kernel.js Show response
www.telstra.com.au/etc/clientlibs/foundation/personalization/ 289 KB
50 KB 470ms
58ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/clientlibs/foundation/personalization/kernel.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b839e3d8e182759e588d11ed646dd8320e478cf1a86fdb5fafa09a6a5d7ba58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:43 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"483b4-5ac32fb0255a3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: HVPxHrhuaqeC3v4U4U7bE-3sHPjI7BltcAdEOoLDgLVQoC97NrEIHQ==

GET
H2 200 help-mask.png
www.telstra.com.au/global/icons/small/ 1 KB
2 KB 68ms
66ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/global/icons/small/help-mask.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

12bfc7f0910cff13dd762a781677184f390082a6c658078a361e376baf9eae8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
date: Thu, 06 Aug 2020 13:06:41 GMT
content-length: 1519
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:43 GMT
server: CloudFront
etag: "5ef-5ac32fb022aac"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: qymKerpXnJMGGDq651Q0UPLuv7F1rQ-UJ1MUGLzcZET8hceMk8-PHA==

GET
H2 200 icon-check-usage.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 2 KB
2 KB 28ms
26ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-check-usage.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

88f3efc6de85f417cd1b9f0acff456783ce8ea7e71e7761af829aead1a85e95b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
date: Thu, 06 Aug 2020 13:10:25 GMT
content-length: 1620
referrer-policy
last-modified: Thu, 06 Aug 2020 10:31:58 GMT
server: CloudFront
etag: "654-5ac32ff868fef"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: BmNJPQsndBIG2NQosreaXGBZp79FamUDbJmHUlwMDNsvywjkhj-e9Q==

GET
H2 200 icon-billing.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 809 B
1 KB 23ms
21ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-billing.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a3cdcb5516bad3f7afb88a7636a509f60703494627c035203d5a928699590c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:41 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
age: 224
x-cache: Hit from cloudfront
status: 200
content-length: 809
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:45 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "329-5ac32fb28a5c8"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: tyHN1dPxlWhyxja-u8wI545wSqoJsaQwLGEzO49TuFVcjbwg1po4QQ==

GET
H2 200 icon-recharge.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 2 KB
3 KB 988ms
986ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-recharge.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

efc88e897f2d69707a034b073ffcee758661c90d93cdb09c389fda1e38d6f74b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
content-length: 2489
referrer-policy
last-modified: Thu, 06 Aug 2020 10:31:58 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "9b9-5ac32ff869f8f"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: v4BbOWztIoApfbssV8LWWHeygugf8gRp66TNdzkVSBCLqfvxjXJuGw==

GET
H2 200 icon-direct-debit.png
www.telstra.com.au/content/dam/tcom/external/why-register/ 904 B
1 KB 898ms
896ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/content/dam/tcom/external/why-register/icon-direct-debit.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

8696698527293c663d55573ed3d147fb4cd4a8f4c3f2a4734127546152454a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
content-length: 904
referrer-policy
last-modified: Thu, 06 Aug 2020 10:38:18 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "388-5ac33162b331a"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: Gd-RSJc6b3pNqlLC8dWOtSwoF1CDMfbHk9l3oM0b5PwykEHaadxAzA==

GET
H2

200

jquery.js Show response
www.telstra.com.au/etc/designs/tcom/tcom-core/js/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/js/jquery.js
https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/jquery.js

91 KB
33 KB

58ms
57ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/jquery.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

716117ee484e5bb9b8b4049d8001d97ff084fd857f328edec15271dd4a436ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:40 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:24 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"16be2-5ac32f9e2b060"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: wgHl_eZQ8mATMAVS-_W58eSWPT7bFdJ4ZhKlfFuEkkJzpHGaXH8T6w==

Redirect headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/js/jquery.js
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: PNmpGqAWFkXPDSeTOlctoHfpNAN-DVNQ71LKxKzXf_iA5pdPp_0vzw==

GET
H2 200 analytics.js Show response
www.telstra.com.au/content/dam/analytics/ 36 KB
11 KB 45ms
44ms Script
application/javascript 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/content/dam/analytics/analytics.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7bb783e6d8360f89b0acfeb50828edd424d143f2819fead5ea8ada8e2f294598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:53 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:34 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"906d-5ac330c598e3c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: Yc751T2r6d3omtZl1Q2_8Bs0luZli1IWC7KxhcyBFvix8BZiogV0Ng==

GET
H2

200

adobetags.min.js Show response
www.telstra.com.au/content/dam/analytics/
Redirect Chain

http://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5
https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

150 KB
49 KB

65ms
61ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

eced1c4d287844841af2e7be6efcead1f69a9b7e84f1f76a6c4c8b208f4d0310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:06:54 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:36:01 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"25702-5ac330e0349f8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: uUTsKWOUGIdPwLk2L6urKgEdXVeAzJhIMldCUGob3AK2DOLbgLFdlg==

Redirect headers

Location: https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5
Non-Authoritative-Reason: HSTS

GET
H2

200

optimisation.min.js Show response
www.telstra.com.au/content/dam/analytics/
Redirect Chain

http://www.telstra.com.au/content/dam/analytics/optimisation.min.js
https://www.telstra.com.au/content/dam/analytics/optimisation.min.js

82 KB
30 KB

1271ms
1268ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/content/dam/analytics/optimisation.min.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ec3a2abd1e40cc5260d2225cf586a9ef6443993cd4ef0e53a8c30efa8222f8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:26 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:37:25 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"1462e-5ac331300cb4c"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: zGAgMKi0mSyaOWZCdvc1uXbyjYsWIdhg-hpTWz0SJ6xq5WqV6ZrAEQ==

Redirect headers

Location: https://www.telstra.com.au/content/dam/analytics/optimisation.min.js
Non-Authoritative-Reason: HSTS

GET
H2

200

global.js Show response
www.telstra.com.au/etc/designs/tcom/tcom-core/js/
Redirect Chain

https://www.telstra.com.au/etc/designs/tcom/global/js/global.js
https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/global.js

244 KB
73 KB

56ms
53ms

Script
application/javascript

2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/global.js

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0cbba35c0d9ee46ad3e41778fa726c0226cb943a24324c8d7a7ebd3a1e2056fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000;
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
date: Thu, 06 Aug 2020 13:06:40 GMT
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:50 GMT
server: CloudFront
etag: "3cfca-5ac330d5366da"
x-frame-options: SAMEORIGIN
content-type: application/javascript
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: a5g7BmCT8gx7sHeKac3UlEUr9xykbPXD3vMKtC4E1T_qDJOL28br1g==

Redirect headers

date: Thu, 06 Aug 2020 13:10:25 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
status: 301
x-cache: LambdaGeneratedResponse from cloudfront
location: /etc/designs/tcom/tcom-core/js/global.js
cache-control: public, max-age=86400, s-maxage=1800
content-length: 0
x-amz-cf-id: xGdHCfQck0i8UVfXar6WjjvESC49EKdETg2hKpw6iP_qB7Xj8dLbmQ==

GET

http://papereggplant.com/res/javascript/telstra/default/footer.js
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail
http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail

0
0

GET
H2

200

v52.js Show response
secure-au.imrworldwide.com/
Redirect Chain

http://secure-au.imrworldwide.com/v52.js
https://secure-au.imrworldwide.com/v52.js

21 KB
6 KB

32ms
31ms

Script
application/javascript

52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-au.imrworldwide.com/v52.js
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-227-144.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:25 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 14:04:19 GMT
server: nginx
etag: "5f184763-1922"
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
content-length: 6434

Redirect headers

Location: https://secure-au.imrworldwide.com:443/v52.js
Date: Thu, 06 Aug 2020 13:10:25 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 150
Content-Type: text/html

GET
H2 200 styles-print.css
www.telstra.com.au/etc/designs/tcom/global/css/ 4 KB
1 KB 45ms
43ms Stylesheet
text/css 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/global/css/styles-print.css

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e62bb05dcaeac95f9f4878ec1c836a18788d84d0d3e54606abc0e5cdb7950009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:07:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:35:40 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: W/"104f-5ac330cbf358a"
vary: Accept-Encoding
content-type: text/css
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
cache-control: public, max-age=300, s-maxage=300
x-amz-cf-id: 6HUgAuG1-3tl_FRTTb8kK0ILPkQTrv0kpdAkaZzPh0NQUYQ_Bf2OGQ==

GET
H2 200 storageframe.html
secure-au.imrworldwide.com/ Frame B2CF 0
0 112ms
32ms Document
text/html 52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-au.imrworldwide.com/storageframe.html
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-227-144.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-au.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://papereggplant.com/res/login.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://papereggplant.com/res/login.php

Response headers

status: 200
date: Thu, 06 Aug 2020 13:10:25 GMT
content-type: text/html
content-length: 3489
server: nginx
last-modified: Wed, 22 Jul 2020 14:04:19 GMT
etag: "5f184763-da1"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS

GET
H2 200 3.0-spectrum-gradient-blue.png
www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/ 19 KB
20 KB 63ms
61ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/3.0-spectrum-gradient-blue.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f7621b285adcac43d385bcbe612c1e54a509255afeade342302da93ad200f527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:07:01 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-length: 19575
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:13 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "4c77-5ac32f93ce500"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: 21fBewncmQnzkLlOIvXP-TE3e3zgaDHIie-UtjP7gYT0EQnmmURrjw==

GET
H2 200 telstra-logo.png
www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/ 4 KB
5 KB 61ms
59ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/img/telstra/telstra-logo.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

b5e124dca3ebff5d1ee63bdbe1ed96fa7c4cc2d14ebf418a496f1bcf09bf94cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:07:02 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
content-length: 4344
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:39:43 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "10f8-5ac331b315374"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: v1_f4Vv7sfVKb2ksTZul9RlxFIVJ8qFXqppzaDRWaNJzxodnw7TKcw==

GET
H2 200 v2.1-ui-button-sprite.png
www.telstra.com.au/uberprod/ss-global/themes/v11/images/ 26 KB
26 KB 1233ms
1231ms Image
image/png 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.telstra.com.au/uberprod/ss-global/themes/v11/images/v2.1-ui-button-sprite.png

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

50d18250e06b6d85722c535620d61988e2701f4fd86fe115e1ad303c946dedd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:26 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
content-length: 26658
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:31:46 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "6822-5ac32fec5bb00"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: public,max-age=1800,s-maxage=1800
accept-ranges: bytes
x-amz-cf-id: lCWNcGElS58jMpOfMxBX13bCksdOftLgpGybUUYXR1eAz7E0ADAO4A==

GET
H2 200 akkurat-light.woff
www.telstra.com.au/etc/designs/tcom/tcom-core/fonts/ 42 KB
42 KB 118ms
96ms Font
application/font-woff 2600:9000:214f:c800:17:876d:b540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telstra.com.au/etc/designs/tcom/tcom-core/fonts/akkurat-light.woff

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:214f:c800:17:876d:b540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9e0f4f63a3c0a6f7fd770186cdaf0e919e4c094b354cb9fe1372e07eee79f47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.telstra.com.au/etc/designs/tcom/tcom-core/css/styles-responsive.css
Origin: http://papereggplant.com

Response headers

date: Thu, 06 Aug 2020 13:07:41 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=31536000;
content-length: 42637
cf-viewer-country: DE
referrer-policy
last-modified: Thu, 06 Aug 2020 10:30:48 GMT
server: CloudFront
x-frame-options: SAMEORIGIN
etag: "a68d-5ac32fb5bbb50"
access-control-max-age: 86400
access-control-allow-methods: get,options
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=300, s-maxage=300
accept-ranges: bytes
x-amz-cf-id: VH_umdVtBsikgZv3XpqgjBtbUXRZFP4nvY69b9-xQye-oIc5o0HIjA==

GET
H/1.1 200
OK ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame FF66 0
0 22ms
10ms Document
text/html 2600:9000:214f:a600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: HTTP/1.1
Server: 2600:9000:214f:a600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: cdn-gl.imrworldwide.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://papereggplant.com/res/login.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://papereggplant.com/res/login.php

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 22 Jul 2020 14:08:25 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Qxp6CVLvOTT4tPgfC7P7dE52C6ZypvQh
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 06 Aug 2020 12:14:55 GMT
Cache-Control: max-age=86400
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: 9o58IrK8UoMepwtzKH4ZpUZe1TDiOfRWvMjKmjSRq87XdhQxrbaccQ==
Age: 3331

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/content/dam/analytics/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: +LdXteRDvy1bgpPhNohONSJZ0Vpa/jDMTEk99d7ZSAznBn+OwdbUy83ey0Po3Xp+sYpJ7nVvgZP7tpNiyP8h/g==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 06 Aug 2020 13:10:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK json Show response
fls.doubleclick.net/ 40 B
643 B 50ms
37ms Script
text/javascript 172.217.23.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fls.doubleclick.net/json?spot=3603226&src=&var=s_2_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_2_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=6265731488335

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

Protocol

HTTP/1.1

Server

172.217.23.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

c1618a052643897ff81b0980575e21e1dcf9a2ce7419cd5fe7ace2397cfdfceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 06 Aug 2020 13:10:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
X-Frame-Options: SAMEORIGIN
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 60
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

http://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1596719425432
http://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1596719425432

3 KB
2 KB

36ms
36ms

XHR
application/json

54.171.46.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1596719425432
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: HTTP/1.1
Server: 54.171.46.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-46-29.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0b5640ca0010fdb2cd7a3e76be62813b9b388723e3d6468ddc8b384a348bfeaf

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v078-0b8e097a2.edge-irl1.demdex.com 5.76.0.20200805085924 2ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: oa/EaxynSFg=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://papereggplant.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1155
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Access-Control-Allow-Origin: http://papereggplant.com
X-TID: Yq2A1WCsR5o=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&d_nsid=0&ts=1596719425432
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 452897358227251 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 320ms
320ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/452897358227251?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

100aad5b46c5e7117ab00f0ddfbb9df8296cf09cfcdbcc0e6a8feea5752d4abb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: JRDYWD2zkkiCzv2+OK5UHKWeO/s3MCJLXoaqXUaWrv/QWuTak67XpEtiqEeoI8H7Di0S6pIbNh0fCYd6nGUcog==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 06 Aug 2020 13:10:25 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dest5.html
fast.telstra.demdex.net/ Frame 8B6D 0
0 109ms
46ms Document
text/html 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.telstra.demdex.net/dest5.html?d_nsid=0
Requested by: Host: www.telstra.com.au
URL: https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5
Protocol: HTTP/1.1
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Host: fast.telstra.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://papereggplant.com/res/login.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: demdex=62856468806083739392509216657151775744
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://papereggplant.com/res/login.php

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
X-Check-Cacheable: YES
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Thu, 06 Aug 2020 13:10:25 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"

GET
H/1.1 200
OK id Show response
info.telstra.com.au/ 48 B
708 B 524ms
47ms XHR
application/x-javascript 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://info.telstra.com.au/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&mid=63027031440958485692494482733433094346&ts=1596719425548

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

Protocol

HTTP/1.1

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

38a1ffb0ceb51923ede832d1fa5372b235e599fb0351e8ac107117bd56c50e48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 06 Aug 2020 13:10:25 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7447d85976-xwhdt
vary: Origin
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://papereggplant.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XywBQQAABQCr8FL0
dpm.demdex.net/
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=62856468806083739392509216657151775744
https://cm.everesttech.net/cm/dd?d_uuid=62856468806083739392509216657151775744
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XywBQQAABQCr8FL0

42 B
915 B

131ms
34ms

Image
image/gif

54.171.46.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XywBQQAABQCr8FL0

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.46.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-46-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v078-0e81a7f85.edge-irl1.demdex.com 5.76.0.20200805085924 1ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: PJQt1ilPTLE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Thu, 06 Aug 2020 13:10:25 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XywBQQAABQCr8FL0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 tr
www.facebook.com/ 44 B
260 B 12ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=571214483266869&ev=PageView&cd[order_id]=63027031440958485692494482733433094346

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:25 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 06 Aug 2020 13:10:25 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=452897358227251&ev=PageView&dl=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&rl=&if=false&ts=1596719425835&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.15...
https://cx.atdmt.com/?c=9376356400948743371&f=AYyLSqjx6itqKQrM4qPlGuNehXwTe8z-5asOoZBoom0u6yFCT_mIHEwVlXryJCQ9nhrbnfSTl_7TkNY9oXvfJPd3&id=452897358227251&l=3&v=0

43 B
430 B

53ms
38ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=9376356400948743371&f=AYyLSqjx6itqKQrM4qPlGuNehXwTe8z-5asOoZBoom0u6yFCT_mIHEwVlXryJCQ9nhrbnfSTl_7TkNY9oXvfJPd3&id=452897358227251&l=3&v=0

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: V87C+T1IGrY5GzKRk50bJBN9OQC82WF0k1GML7SS72mrNvEwwnYs01a1Y+rpxa4O58fh5bE+f3r8li7gTXl1Vg==
content-encoding: br
x-content-type-options: nosniff
date: Thu, 06 Aug 2020 06:10:25 PDT
x-frame-options: DENY
content-type: image/gif
status: 200
cache-control: public, max-age=0
vary: Accept-Encoding
expires: Thu, 06 Aug 2020 06:10:25 PDT

Redirect headers

pragma: no-cache
date: Thu, 06 Aug 2020 13:10:25 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=9376356400948743371&f=AYyLSqjx6itqKQrM4qPlGuNehXwTe8z-5asOoZBoom0u6yFCT_mIHEwVlXryJCQ9nhrbnfSTl_7TkNY9oXvfJPd3&id=452897358227251&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H/1.1 200
OK iframe_api Show response
www.youtube.com/ 858 B
1 KB 30ms
24ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.youtube.com/iframe_api?_=1596719425382

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/jquery.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

5b8fbad0560515eaa20a8face4bf148e5ec31db3acab43803df1ac8f21118056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 13:10:26 GMT
X-Content-Type-Options: nosniff
Server: YouTube Frontend Proxy
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
Cache-Control: no-cache
Content-Type: application/javascript
Content-Length: 858
X-XSS-Protection: 0
Expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 404
Not Found touch.js
papereggplant.com/tcom-core/js/ 315 B
315 B 128ms
128ms Image
text/html 162.241.121.36
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://papereggplant.com/tcom-core/js/touch.js
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: HTTP/1.1
Server: 162.241.121.36 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-36.unifiedlayer.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 13:10:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflAtkbbm/ 88 KB
32 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://s.ytimg.com/yts/jsbin/www-widgetapi-vflAtkbbm/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: http://www.youtube.com/iframe_api?_=1596719425382

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

893455ef42faf4056259e20848ecde361e1ce208b720dd685a7a152a76d3d0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 05 Aug 2020 21:09:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 04 Aug 2020 23:52:12 GMT
Server: sffe
Age: 57644
Vary: Accept-Encoding, Origin
Content-Type: text/javascript
Cache-Control: public, max-age=691200
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Content-Length: 32726
X-XSS-Protection: 0
Expires: Thu, 13 Aug 2020 21:09:42 GMT

GET
H/1.1 404
Not Found touch.js
papereggplant.com/tcom-core/js/ 0
0 129ms
129ms Script
text/html 162.241.121.36
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://papereggplant.com/tcom-core/js/touch.js
Requested by: Host: www.telstra.com.au
URL: https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/modernizr.js
Protocol: HTTP/1.1
Server: 162.241.121.36 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-36.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 13:10:26 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 /
www.facebook.com/tr/ 44 B
260 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=452897358227251&ev=Microdata&dl=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&rl=&if=false&ts=1596719427338&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Telstra%20Login%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1596719427338.348188798&it=1596719425460&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 06 Aug 2020 13:10:27 GMT

GET
H/1.1 200
OK bigpond.json Show response
cdn-gl.imrworldwide.com/ci/ 12 KB
1 KB 415ms
409ms XHR
application/json 2600:9000:214f:a600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-gl.imrworldwide.com/ci/bigpond.json
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v52.js
Protocol: HTTP/1.1
Server: 2600:9000:214f:a600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d65b5c111146458f4a09ac2703cf524a08fa402c1a15a5dd4e410673bd77218f

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 06 Aug 2020 13:10:29 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA53-C1
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: http://papereggplant.com
Last-Modified: Thu, 06 Aug 2020 12:02:03 GMT
Server: AmazonS3
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
x-amz-version-id: QNWrID3hQmsrWxJe9R80TrMaeQ7DvQHs
Via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
Cache-Control: max-age=86400,s-maxage=86400
Access-Control-Allow-Credentials: true
Content-Type: application/json
X-Amz-Cf-Id: QOpGUFeDLagXjwX_Y95SY19oRmGkYMlMzfZoKEL8DsooQbaSFgKOpA==

GET
H2

200

storageframe.html
secure-au.imrworldwide.com/ Frame 667B
Redirect Chain

http://secure-au.imrworldwide.com/storageframe.html
https://secure-au.imrworldwide.com/storageframe.html

0
0

32ms
31ms

Document
text/html

52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-au.imrworldwide.com/storageframe.html
Requested by: Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v52.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-227-144.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: secure-au.imrworldwide.com
:scheme: https
:path: /storageframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://papereggplant.com/res/login.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://papereggplant.com/res/login.php

Response headers

status: 200
date: Thu, 06 Aug 2020 13:10:28 GMT
content-type: text/html
content-length: 3489
server: nginx
last-modified: Wed, 22 Jul 2020 14:04:19 GMT
etag: "5f184763-da1"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS

Redirect headers

Server: awselb/2.0
Date: Thu, 06 Aug 2020 13:10:28 GMT
Content-Type: text/html
Content-Length: 150
Connection: keep-alive
Location: https://secure-au.imrworldwide.com:443/storageframe.html

GET
H/1.1 200
OK dest5.html
telstra.demdex.net/ Frame 1A8F 0
0 135ms
34ms Document
text/html 52.17.216.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telstra.demdex.net/dest5.html?d_nsid=0

Requested by

Host: papereggplant.com
URL: http://papereggplant.com/res/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-216-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: telstra.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://papereggplant.com/res/login.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: dextp=144231-1-1596719426178|144232-1-1596719426279|144233-1-1596719426380|144234-1-1596719426481|144235-1-1596719426581|144236-1-1596719426682|144237-1-1596719426783
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://papereggplant.com/res/login.php

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 05 Aug 2020 12:34:40 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: FScZEbC7SK0=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 5B35 0
0 8ms
7ms Document
text/html 2600:9000:214f:a600:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:a600:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://papereggplant.com/res/login.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://papereggplant.com/res/login.php

Response headers

status: 200
content-type: text/html
last-modified: Wed, 22 Jul 2020 14:08:25 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Qxp6CVLvOTT4tPgfC7P7dE52C6ZypvQh
server: AmazonS3
content-encoding: gzip
date: Thu, 06 Aug 2020 12:14:55 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f7.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: bKuAsFZgshA3wcgdCadOrUbogfcWi2r6MFMcq8VkPyCp2Vd4ElsSRQ==
age: 3334

GET
H2

200

m
secure-au.imrworldwide.com/cgi-bin/
Redirect Chain

http://secure-au.imrworldwide.com/cgi-bin/m?rnd=1596719428592&ci=bigpond&js=1&cg=0&ts=v52.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&sr=1600x1200...
https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1596719428592&ci=bigpond&js=1&cg=0&ts=v52.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&sr=1600x120...

44 B
528 B

33ms
33ms

Image
image/gif

52.49.227.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-au.imrworldwide.com/cgi-bin/m?rnd=1596719428592&ci=bigpond&js=1&cg=0&ts=v52.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&sr=1600x1200&id=lstrg-e2b6fc0c978aa69bb9fbdd08161f8896&tz=2
Requested by: Host: papereggplant.com
URL: http://papereggplant.com/res/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.227.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-227-144.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 06 Aug 2020 13:10:28 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-au.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Location: https://secure-au.imrworldwide.com:443/cgi-bin/m?rnd=1596719428592&ci=bigpond&js=1&cg=0&ts=v52.js&vn=6.0.58&cc=0&cd=24&ck=y&je=n&lg=en-US&si=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&sr=1600x1200&id=lstrg-e2b6fc0c978aa69bb9fbdd08161f8896&tz=2
Date: Thu, 06 Aug 2020 13:10:28 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 150
Content-Type: text/html

POST
H/1.1 200
OK event Show response
telstra.demdex.net/ 1 KB
2 KB 39ms
39ms XHR
application/json 52.17.216.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telstra.demdex.net/event?_ts=1596719428725

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-216-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bc30013d0b4f6e03490f603ed2ad2fe802d63fbf1276c128af07c444c1b1a346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v078-0a6cd4988.edge-irl1.demdex.com 5.76.0.20200805085924 5ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: MRjJSDagQ6g=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://papereggplant.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1310
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK event Show response
telstra.demdex.net/ 1 KB
2 KB 40ms
39ms XHR
application/json 52.17.216.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://telstra.demdex.net/event?_ts=1596719431552

Requested by

Host: www.telstra.com.au
URL: https://www.telstra.com.au/content/dam/analytics/adobetags.min.js?source=CQ5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-216-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

758d14c4926f2ac6686f93edc809e50bd16405aeba10d37dd3e54653f6176a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v078-0250a9b30.edge-irl1.demdex.com 5.76.0.20200805085924 6ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 00IxzNZsRgU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://papereggplant.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1310
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK s46054768222652
info.telstra.com.au/b/ss/telstratdretailprd,telstratdtmglobalprd/1/JS-2.10.0/ 43 B
601 B 31ms
31ms Image
image/gif 15.236.9.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://info.telstra.com.au/b/ss/telstratdretailprd,telstratdtmglobalprd/1/JS-2.10.0/s46054768222652?AQB=1&ndh=1&pf=1&t=6%2F7%2F2020%2015%3A10%3A31%204%20-120&mid=63027031440958485692494482733433094346&aamlh=6&ce=UTF-8&ns=telstracorporation&cdp=3&fpCookieDomainPeriods=2&pageName=TD%3ATR%3ATR%3Ares%3Atelstra%20login&g=http%3A%2F%2Fpapereggplant.com%2Fres%2Flogin.php&cc=AUD&ch=res&server=papereggplant.com&events=event27&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=TD&v1=TD&h1=TD%7CTR%7CTR%7Cres%7Ctelstra%20login&c2=TR&v2=TR&c3=TR&v3=TR&c4=D%3Dv5&v4=D%3Dch&c5=D%3Dv72&v5=login.php&c6=D%3Dproducts&v6=res%3Alogin.php&c7=%2Fres%2Flogin.php&c8=D%3Dg&v8=D%3Dg&c9=%2F%2Fwww.telstra.com.au%2Fcontent%2Fdam%2Fanalytics%2Fadobetags.min.js%3Fsource%3DCQ5%20%7C%20tz%3D2&c11=1.9.1%20%24&c16=Thu%2C%2006%20Aug%202020%2013%3A10%3A31%20GMT&v16=direct&v18=di&c19=First%20Visit&c35=D%3DUser-Agent&v35=D%3DUser-Agent&c41=3%3A00PM&v41=3%3A00PM&c42=Thursday&v42=Thursday&c43=Weekday&v43=Weekday&c44=D%3Dv44%2B%22%3A%22%2BpageName&v44=logged%20out&v53=D%3Dmid&c61=D%3DpageName&v72=D%3DpageName&c73=1600x1200&v91=Visit&v193=62856468806083739392509216657151775744&v200=telstratdretailprd&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=98DC73AE52E13F1E0A490D4C%40AdobeOrg&AQE=1

Protocol

HTTP/1.1

Server

15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-9-100.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://papereggplant.com/res/login.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 13:10:31 GMT
x-content-type-options: nosniff
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 07 Aug 2020 13:10:31 GMT
server: jag
xserver: anedge-7447d85976-t8jdn
etag: 3428928868601659392-4614159333361279619
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 05 Aug 2020 13:10:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: papereggplant.com
URL: http://papereggplant.com/res/javascript/telstra/default/login.php?goto=http%3A%2F%2Femail.telstra.com%3A443%2Fwebmail

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telstra (Telecommunication)

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 15:51:11	Name: dextp Value: 144231-1-1596719426178\|144232-1-1596719426279\|144233-1-1596719426380\|144234-1-1596719426481\|144235-1-1596719426581\|144236-1-1596719426682\|144237-1-1596719426783
.imrworldwide.com/	1970-01-19 20:53:35	Name: IMRID Value: 33018910-d7e6-11ea-bb2c-fd1be5e50f1e
.imrworldwide.com/	1970-01-19 20:53:35	Name: SSCVER Value: v1
.papereggplant.com/	1970-01-19 13:41:35	Name: _fbp Value: fb.1.1596719427338.348188798
papereggplant.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: be7a08e4a4673aebf7f1cf05255b756b

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.telstra.com.au/content/dam/analytics/analytics.js(Line 1) Message: Warning: Digital Data Layer not found.
console-api	warning	URL: https://www.telstra.com.au/content/dam/analytics/optimisation.min.js(Line 7) Message: AT: Adobe Target content delivery is disabled. Update your DOCTYPE to support Standards mode.
console-api	warning	URL: https://www.telstra.com.au/etc/designs/tcom/tcom-core/js/global.js(Line 8) Message: The offscreen navigation element (.offscreen-nav) isn't present on the page
console-api	warning	URL: https://secure-au.imrworldwide.com/v52.js(Line 1) Message: Failed to execute injectBsdk - NOLBUNDLE.nlsQ is not a function
console-api	log	URL: https://www.telstra.com.au/content/dam/analytics/analytics.js(Line 1) Message: Digital Data not found

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-gl.imrworldwide.com
cm.everesttech.net
connect.facebook.net
cx.atdmt.com
dpm.demdex.net
fast.telstra.demdex.net
fls.doubleclick.net
info.telstra.com.au
papereggplant.com
s.ytimg.com
secure-au.imrworldwide.com
telstra.demdex.net
telstracorporationlt.tt.omtrdc.net
www.facebook.com
www.telstra.com.au
www.youtube.com
papereggplant.com
15.236.9.100
162.241.121.36
172.217.23.166
2.16.186.105
2600:9000:214f:a600:2:42d9:3100:93a1
2600:9000:214f:c800:17:876d:b540:93a1
2a00:1450:4001:809::200e
2a00:1450:4001:814::200e
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.17.216.154
52.19.133.54
52.49.227.144
54.171.46.29
66.117.28.86
01e0f57039c2edf431936ece5f2abd26c7c79d94835c8d8a713f009d48911f79
0b5640ca0010fdb2cd7a3e76be62813b9b388723e3d6468ddc8b384a348bfeaf
0cbba35c0d9ee46ad3e41778fa726c0226cb943a24324c8d7a7ebd3a1e2056fa
100aad5b46c5e7117ab00f0ddfbb9df8296cf09cfcdbcc0e6a8feea5752d4abb
107da19449fd70f2d6f81eecd8ffe1e66cd564559e19c6a7ce8e5494fe7e4677
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12bfc7f0910cff13dd762a781677184f390082a6c658078a361e376baf9eae8e
154f02afd286ae77591e2663df0cec1947ed830946e32922723dae1989d7b5f2
2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173
336fcbed0b5b1a5c63e555efb1170170cf3a17ea6db699d15415d91930cdc0bd
369ae976106527105cb1e95c58c74f89f7084fc1753a0431d6c246b29b580813
38a1ffb0ceb51923ede832d1fa5372b235e599fb0351e8ac107117bd56c50e48
488747d3f47c365c129b567072be4917471d6ae2ac843c5a889300c88671c731
4890bb6b4e63aba0604d30d543f399fd98fcd0ce4d865549169a10b4446078aa
4d210627b2694be7700dbb84faa912e3def3f473e9c075b4d0a8b1104641c7e8
50d18250e06b6d85722c535620d61988e2701f4fd86fe115e1ad303c946dedd9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b8fbad0560515eaa20a8face4bf148e5ec31db3acab43803df1ac8f21118056
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
716117ee484e5bb9b8b4049d8001d97ff084fd857f328edec15271dd4a436ae9
758d14c4926f2ac6686f93edc809e50bd16405aeba10d37dd3e54653f6176a6e
7bb783e6d8360f89b0acfeb50828edd424d143f2819fead5ea8ada8e2f294598
8696698527293c663d55573ed3d147fb4cd4a8f4c3f2a4734127546152454a64
88f3efc6de85f417cd1b9f0acff456783ce8ea7e71e7761af829aead1a85e95b
893455ef42faf4056259e20848ecde361e1ce208b720dd685a7a152a76d3d0d2
8b9ff14a2ba603e1a32fddd3da2ffd8b50e201a9874ea3fafb50d537117153eb
9e0f4f63a3c0a6f7fd770186cdaf0e919e4c094b354cb9fe1372e07eee79f47b
a0a9a9c5a2741432e08d9ddc9d8341368d016b8ebbee337f4707968fa20a7739
a0b027d11c610b8a958c64c1b2e2092daecc6a5c168565b350dcf617598caa65
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3cdcb5516bad3f7afb88a7636a509f60703494627c035203d5a928699590c9c
af32fd7ccde32b735203aadb052265ebe22765aebdbe2af8b390974788b54ae5
b5e124dca3ebff5d1ee63bdbe1ed96fa7c4cc2d14ebf418a496f1bcf09bf94cc
b839e3d8e182759e588d11ed646dd8320e478cf1a86fdb5fafa09a6a5d7ba58d
bc30013d0b4f6e03490f603ed2ad2fe802d63fbf1276c128af07c444c1b1a346
c1618a052643897ff81b0980575e21e1dcf9a2ce7419cd5fe7ace2397cfdfceb
cb712b04023996038aa7db8ad9c244be327b7fb09069f0e0f3d15c7cd60f6bf9
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d65b5c111146458f4a09ac2703cf524a08fa402c1a15a5dd4e410673bd77218f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bb05dcaeac95f9f4878ec1c836a18788d84d0d3e54606abc0e5cdb7950009
ec3a2abd1e40cc5260d2225cf586a9ef6443993cd4ef0e53a8c30efa8222f8d9
eced1c4d287844841af2e7be6efcead1f69a9b7e84f1f76a6c4c8b208f4d0310
ee97eb142f67ad74085a987c2fdf0e5475a9d5f4d5da1fac59da680c5b3f8952
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc88e897f2d69707a034b073ffcee758661c90d93cdb09c389fda1e38d6f74b
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f7621b285adcac43d385bcbe612c1e54a509255afeade342302da93ad200f527

papereggplant.com Open in urlscan Pro 162.241.121.36 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

76 %HTTPS

44 %IPv6

12 Domains

16 Subdomains

16 IPs

5 Countries

798 kBTransfer

2614 kBSize

5 Cookies

26 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

papereggplant.com Open in urlscan Pro
162.241.121.36 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

76 %
HTTPS

44 %
IPv6

12
Domains

16
Subdomains

16
IPs

5
Countries

798 kB
Transfer

2614 kB
Size

5
Cookies

62 HTTP transactions
0 data transactions