auth.vanheerden.net Open in urlscan Pro
162.240.162.134 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/
Submission: On October 23 via api (October 23rd 2024, 8:11:24 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 19 HTTP transactions. The main IP is 162.240.162.134, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is auth.vanheerden.net.
TLS certificate: Issued by R10 on September 14th 2024. Valid for: 3 months.

This is the only time auth.vanheerden.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telstra (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
19	162.240.162.134 162.240.162.134		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
19	1

19 162.240.162.134 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-162-134.unifiedlayer.com

auth.vanheerden.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	vanheerden.net auth.vanheerden.net	2 MB
19	1

	Domain	Requested by
19	auth.vanheerden.net	auth.vanheerden.net
19	1

This site contains links to these domains. Also see Links.

Domain
myid.telstra.com
www.telstra.com.au

Subject Issuer	Validity	Valid
auth.vanheerden.net R10	`2024-09-14` - `2024-12-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/
Frame ID: 3112BFDB8F6D49AC9361563181830516
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - My Account - Telstra

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1539 kB
Transfer

1606 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://myid.telstra.com/register/
Title: Register for your Telstra ID

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/my-account/telstra-id
Title: More Telstra 24x7 benefits

Search URL Search Domain Scan URL

URL: https://www.telstra.com.au/my-account/why-register
Title: Why register?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response auth.vanheerden.net/Identityverification/myid.telstra.com/manage/	95 KB 28 KB	1085ms 646ms	Document text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `896ef514a3902ee81502693510c17121382d0489ca9b510aef91a8b4bf5b8241` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 23 Oct 2024 08:11:16 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	log1.css auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/	450 KB 450 KB	331ms 173ms	Stylesheet text/css	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `e955c4d0f92e53d99fb76a2c0d56ee1c0b8345fef39c4e49d7bc9ff1148e27a7` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 460792 Keep-Alive timeout=5, max=99 Date Wed, 23 Oct 2024 08:11:17 GMT Last-Modified Fri, 09 Dec 2022 20:39:22 GMT Content-Type text/css Server Apache
GET H/1.1	200 OK	log2.css auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/	821 KB 822 KB	513ms 177ms	Stylesheet text/css	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log2.css Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `4c3aa0d7e82af7d84a6175146b2359c6676c482a455c41959f97d3817f476bb0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 841178 Keep-Alive timeout=5, max=100 Date Wed, 23 Oct 2024 08:11:17 GMT Last-Modified Fri, 09 Dec 2022 20:39:22 GMT Content-Type text/css Server Apache
GET H/1.1	200 OK	log3.css auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/	112 KB 112 KB	508ms 173ms	Stylesheet text/css	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `3cf1166f64929786e324c9611c05431e2b790a9e286516b00a64b7f84c4cc811` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 114218 Keep-Alive timeout=5, max=100 Date Wed, 23 Oct 2024 08:11:17 GMT Last-Modified Fri, 09 Dec 2022 20:39:22 GMT Content-Type text/css Server Apache
GET H/1.1	200 OK	log.css auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/	46 KB 47 KB	518ms 183ms	Stylesheet text/css	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log.css Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `e8d75d6bfb13ed4a3e648aa769094aa10883cd060034e4b2cd3d0531635fdf3d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 47487 Keep-Alive timeout=5, max=100 Date Wed, 23 Oct 2024 08:11:17 GMT Last-Modified Fri, 09 Dec 2022 20:39:22 GMT Content-Type text/css Server Apache
GET H/1.1	200 OK	login.css auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/	78 KB 79 KB	508ms 169ms	Stylesheet text/css	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/login.css Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `30c6beb75786a1f116b5ff07ad0d1b56634294044beeda59118be54158d97d13` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Response headers Connection Keep-Alive Accept-Ranges bytes Content-Length 80302 Keep-Alive timeout=5, max=100 Date Wed, 23 Oct 2024 08:11:17 GMT Last-Modified Fri, 09 Dec 2022 20:39:22 GMT Content-Type text/css Server Apache
GET H/1.1	403 Forbidden	TelstraAkkurat-Bold.woff auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/assets/	0 0	469ms 468ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/assets/TelstraAkkurat-Bold.woff Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/login.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/login.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Date Wed, 23 Oct 2024 08:11:18 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkuratWeb-Light.woff auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/	0 0	537ms 536ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkuratWeb-Light.woff Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Date Wed, 23 Oct 2024 08:11:18 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	td-original-icons.woff auth.vanheerden.net/myaccount/static-content/css/font/	0 0	731ms 731ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/myaccount/static-content/css/font/td-original-icons.woff Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Date Wed, 23 Oct 2024 08:11:18 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkurat-Bold.ttf auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/assets/	0 0	396ms 395ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/assets/TelstraAkkurat-Bold.ttf Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/login.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/login.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Date Wed, 23 Oct 2024 08:11:19 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkuratWeb-Light.ttf auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/	0 0	455ms 454ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkuratWeb-Light.ttf Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Date Wed, 23 Oct 2024 08:11:19 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	td-original-icons.ttf auth.vanheerden.net/myaccount/static-content/css/font/	0 0	459ms 458ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/myaccount/static-content/css/font/td-original-icons.ttf Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=97 Date Wed, 23 Oct 2024 08:11:19 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkurat-Bold.woff auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/	0 0	821ms 821ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkurat-Bold.woff Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=97 Date Wed, 23 Oct 2024 08:11:19 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkuratWeb-Light.woff auth.vanheerden.net/myaccount/static-content/css/font/	0 0	463ms 462ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/myaccount/static-content/css/font/TelstraAkkuratWeb-Light.woff Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=97 Date Wed, 23 Oct 2024 08:11:19 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkuratWeb-Light.ttf auth.vanheerden.net/myaccount/static-content/css/font/	0 0	476ms 475ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/myaccount/static-content/css/font/TelstraAkkuratWeb-Light.ttf Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log1.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=96 Date Wed, 23 Oct 2024 08:11:20 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	TelstraAkkurat-Bold.ttf auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/	0 0	560ms 559ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkurat-Bold.ttf Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=96 Date Wed, 23 Oct 2024 08:11:20 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	Akkurat.woff auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/	0 0	740ms 740ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/Akkurat.woff Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=95 Date Wed, 23 Oct 2024 08:11:20 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	favicon.ico auth.vanheerden.net/	3 KB 1 KB	433ms 433ms	Other text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash `398bca5d530f5476442444bdf7820c510b8a2320ed6c470847421e8a8fdfb552` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=95 Date Wed, 23 Oct 2024 08:11:20 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache
GET H/1.1	403 Forbidden	Akkurat.ttf auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/	0 0	422ms 421ms	Font text/html	162.240.162.134 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/Akkurat.ttf Requested by Host: auth.vanheerden.net URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.162.134 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-240-162-134.unifiedlayer.com Software Apache / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://auth.vanheerden.net Referer https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/log3.css Response headers Transfer-Encoding chunked Cache-Control no-store, no-cache, must-revalidate Content-Encoding gzip Pragma no-cache Connection Keep-Alive Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=94 Date Wed, 23 Oct 2024 08:11:21 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Server Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telstra (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.vanheerden.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: ba49c9648c14c91e707a2237703af697

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/assets/TelstraAkkurat-Bold.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkuratWeb-Light.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/myaccount/static-content/css/font/td-original-icons.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/assets/TelstraAkkurat-Bold.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkuratWeb-Light.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/myaccount/static-content/css/font/td-original-icons.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/myaccount/static-content/css/font/TelstraAkkuratWeb-Light.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkurat-Bold.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/myaccount/static-content/css/font/TelstraAkkuratWeb-Light.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/TelstraAkkurat-Bold.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/Akkurat.woff Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://auth.vanheerden.net/Identityverification/myid.telstra.com/manage/src/font/Akkurat.ttf Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.vanheerden.net
162.240.162.134
30c6beb75786a1f116b5ff07ad0d1b56634294044beeda59118be54158d97d13
398bca5d530f5476442444bdf7820c510b8a2320ed6c470847421e8a8fdfb552
3cf1166f64929786e324c9611c05431e2b790a9e286516b00a64b7f84c4cc811
4c3aa0d7e82af7d84a6175146b2359c6676c482a455c41959f97d3817f476bb0
896ef514a3902ee81502693510c17121382d0489ca9b510aef91a8b4bf5b8241
e8d75d6bfb13ed4a3e648aa769094aa10883cd060034e4b2cd3d0531635fdf3d
e955c4d0f92e53d99fb76a2c0d56ee1c0b8345fef39c4e49d7bc9ff1148e27a7

auth.vanheerden.net Open in urlscan Pro 162.240.162.134 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1539 kBTransfer

1606 kBSize

1 Cookies

3 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

14 Console Messages

Indicators

auth.vanheerden.net Open in urlscan Pro
162.240.162.134 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1539 kB
Transfer

1606 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!