45.9.168.109 Open in urlscan Pro
45.9.168.109 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://45.9.168.109/westpac/
Effective URL:
http://45.9.168.109/westpac/index1.php
Submission: On August 17 via manual (August 17th 2022, 12:02:26 pm UTC) from RO — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 3 domains to perform 37 HTTP transactions. The main IP is 45.9.168.109, located in Hungary and belongs to MAXKO, HR. The main domain is 45.9.168.109.

This is the only time 45.9.168.109 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nexi (Banking) Westpac (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 20	45.9.168.109 45.9.168.109	211619 (MAXKO) (MAXKO)
1	185.198.118.126 185.198.118.126	35051 (NEXI-AS) (NEXI-AS)
1	110.5.81.221 110.5.81.221	9426 (WESTPAC-A...) (WESTPAC-AS-AP Westpac Bank)
1	185.198.118.43 185.198.118.43	35051 (NEXI-AS) (NEXI-AS)
2	202.7.41.228 202.7.41.228	4830 (AS-WESTPA...) (AS-WESTPACNZ-AP Westpactrust)
37	6

20 45.9.168.109 (Hungary) 1 redirects

ASN211619 (MAXKO, HR)
PTR: cleanmx5.boulangeriehaubourdin.fr

45.9.168.109	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.198.118.126 (Italy)

ASN35051 (NEXI-AS, IT)

www.nexi.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 110.5.81.221 (Sydney, Australia)

ASN9426 (WESTPAC-AS-AP Westpac Bank, AU)

banking.westpac.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.198.118.43 (Italy)

ASN35051 (NEXI-AS, IT)

business.nexi.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.7.41.228 (New Zealand)

ASN4830 (AS-WESTPACNZ-AP Westpactrust, NZ)

bank.westpac.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	westpac.co.nz bank.westpac.co.nz Failed	13 KB
2	nexi.it www.nexi.it — Cisco Umbrella Rank: 898291 business.nexi.it	7 KB
1	westpac.com.au banking.westpac.com.au — Cisco Umbrella Rank: 460719	2 KB
37	3

	Domain	Requested by
2	bank.westpac.co.nz	45.9.168.109
1	business.nexi.it	45.9.168.109
1	banking.westpac.com.au	45.9.168.109
1	www.nexi.it	45.9.168.109
37	4

This site contains no links.

Subject Issuer	Validity	Valid
www.nexi.it GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
banking.westpac.com.au Entrust Certification Authority - L1M	`2022-04-13` - `2023-04-13`	a year	crt.sh
business.nexi.it GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2023-07-01`	a year	crt.sh
bank.westpac.co.nz Entrust Certification Authority - L1M	`2022-03-16` - `2023-04-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://45.9.168.109/westpac/index1.php
Frame ID: 7AF83464DE66C53128D30908C488B573
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Westpac One® - Online Banking

Page URL History Show full URLs

http://45.9.168.109/westpac/ HTTP 302
http://45.9.168.109/westpac/index1.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

14 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

6
IPs

4
Countries

608 kB
Transfer

1818 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://45.9.168.109/westpac/ HTTP 302
http://45.9.168.109/westpac/index1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index1.php Show response
45.9.168.109/westpac/
Redirect Chain

http://45.9.168.109/westpac/
http://45.9.168.109/westpac/index1.php

33 KB
7 KB

103ms
103ms

Document
text/html

45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 41b845c09c573e9a0941b055e38eaa411a44b2068763e0d11e12d5cb1326e6b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6516
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Aug 2022 12:02:19 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 17 Aug 2022 12:02:19 GMT
Keep-Alive: timeout=5, max=100
Location: index1.php
Server: Apache/2.4.41 (Ubuntu)

GET
H/1.1 200
OK all.css
45.9.168.109/westpac/index_files/ 275 B
532 B 50ms
50ms Stylesheet
text/css 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/all.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 08ef93a94050a0163b4f527a389e2391cbbd513844e239e96cbc752ce7b108b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:32:06 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "113-5dd45cbd88580-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 197

GET
H/1.1 200
OK vendor.f7f52137a28f445d9986.css
45.9.168.109/westpac/index_files/ 20 KB
3 KB 100ms
50ms Stylesheet
text/css 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/vendor.f7f52137a28f445d9986.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 0662948e18bfefa0ad7a432d7c68e1ca5cb86df231f785931e84c519360bae04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:32:06 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "511a-5dd45cbd88580-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2978

GET
H/1.1 200
OK app.53084dd392914e25de4f.css
45.9.168.109/westpac/index_files/ 1 B
280 B 103ms
52ms Stylesheet
text/css 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/app.53084dd392914e25de4f.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Last-Modified: Fri, 22 Apr 2022 22:32:06 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "1-5dd45cbd88580"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1

GET
H/1.1 200
OK styles.0788bdac6057c9cfea7d.css
45.9.168.109/westpac/index_files/ 1 MB
149 KB 118ms
68ms Stylesheet
text/css 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 1bf71bfcdca3d5a631316535350da96f02cf11957362019c87b15898a09721d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:35:53 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "12af56-5dd45d9604440-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK main.css
45.9.168.109/westpac/index_files/ 47 KB
8 KB 102ms
51ms Stylesheet
text/css 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/main.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 5369dc4f0b41a153ff04319dc335fdd308ccc468878fb18760a9dcc2cdac03b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Aug 2022 14:09:05 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "bcde-5e65c4a828240-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7652

GET
H/1.1 200
OK jquery.js Show response
45.9.168.109/westpac/cntdjs/ 87 KB
31 KB 110ms
59ms Script
application/javascript 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/cntdjs/jquery.js
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:38:33 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "15d9d-5dd45e2e9ac40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30902

GET
H/1.1 200
OK jquery.mask.js Show response
45.9.168.109/westpac/cntdjs/ 23 KB
6 KB 104ms
53ms Script
application/javascript 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/cntdjs/jquery.mask.js
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Apr 2022 22:38:33 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5a88-5dd45e2e9ac40-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5877

GET
H/1.1 200
OK cntd.js Show response
45.9.168.109/westpac/cntdjs/ 2 KB
1 KB 150ms
50ms Script
application/javascript 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/cntdjs/cntd.js
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 7cb16eaa505542e5bdcda6c3e764e241fbb4e35e07bf21a820cc19fac1bb3864

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Aug 2022 11:37:09 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "91b-5e65a2b276340-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 914

GET
H/1.1 200
OK logo--dark.svg
www.nexi.it/content/dam/nexi/img/logo/ 2 KB
3 KB 289ms
49ms Image
image/svg+xml 185.198.118.126
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nexi.it/content/dam/nexi/img/logo/logo--dark.svg
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.198.118.126 , Italy, ASN35051 (NEXI-AS, IT),
Reverse DNS
Software: /
Resource Hash: 790272db4f81bd54720506a836a513fb2ef6520b5227ce392be7c1dac52f4621

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:20 GMT
Last-Modified: Tue, 26 Jul 2022 13:18:10 GMT
ETag: "938-5e4b521c38698"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID DEVi OUR BUS INT"
Cache-Control: max-age=300, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/svg+xml
Keep-Alive: timeout=5, max=99
Content-Length: 2360

GET
H/1.1 200
OK logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Core/Images/ 1 KB
2 KB 2099ms
319ms Image
image/png 110.5.81.221
WESTPAC-AS-AP Wes...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Core/Images/logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png

Requested by

Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

110.5.81.221 Sydney, Australia, ASN9426 (WESTPAC-AS-AP Westpac Bank, AU),

Reverse DNS

Software

Resource Hash

cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.westpac.com.au
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 12:02:21 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jun 2022 11:48:42 GMT
etag: "803821def67bd81:0"
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
content-security-policy: frame-ancestors 'self' https://*.westpac.com.au
accept-ranges: bytes
content-type: image/png
content-length: 1183
x-content-type-options: nosniff
x-ua-compatible: IE=8;FF=3;OtherUA=4

GET
H/1.1 200
OK phone-rotate.gif
45.9.168.109/westpac/index_files/ 18 KB
18 KB 50ms
49ms Image
image/gif 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://45.9.168.109/westpac/index_files/phone-rotate.gif
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: fb3a6e43bc13dd8ba3d4cb557202ace068d523d832d6a0312efa3282ede43df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:20 GMT
Last-Modified: Fri, 22 Apr 2022 22:32:06 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4742-5dd45cbd88580"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 18242

GET
H/1.1 200
OK phone-rotate@2.gif
45.9.168.109/westpac/index_files/ 40 KB
41 KB 50ms
50ms Image
image/gif 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://45.9.168.109/westpac/index_files/phone-rotate@2.gif
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index1.php
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 23e22334f525b2759e87148b6f29191ac1ebb8d411456a70496e6734f5a5c7dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:20 GMT
Last-Modified: Fri, 22 Apr 2022 22:32:06 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a0ea-5dd45cbd88580"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 41194

GET
H/1.1 404
Not Found base.css
45.9.168.109/westpac/index_files/ 0
0 51ms
50ms Stylesheet
text/html 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/base.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/all.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index_files/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found theme.css
45.9.168.109/westpac/index_files/ 0
0 50ms
50ms Stylesheet
text/html 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/theme.css
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/all.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/westpac/index_files/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:19 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1

GET sprite.f35ac.svg
bank.westpac.co.nz/wone/images/ 0
0

GET SourceSansPro-Bold.ttf
bank.westpac.co.nz/wone/fonts/ 0
0

GET SourceSansPro-Regular.ttf
bank.westpac.co.nz/wone/fonts/ 0
0

GET national-2-web-medium.woff2
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ 0
0

GET national-2-web-regular-italic.woff2
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ 0
0

GET national-2-web-regular.woff2
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ 0
0

GET
H/1.1 200 NexiLogoBlue.svg
business.nexi.it/cas/themes/icbpi/images/ 3 KB
4 KB 174ms
69ms Image
image/svg+xml 185.198.118.43
NEXI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://business.nexi.it/cas/themes/icbpi/images/NexiLogoBlue.svg

Requested by

Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.198.118.43 , Italy, ASN35051 (NEXI-AS, IT),

Reverse DNS

Software

Resource Hash

65ed35fd0b6fef076e7a0af5b7bb5ddab00e6d2ab6c82e88d4182cb55b9ad4cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Dec 2021 16:04:35 GMT
Date: Wed, 17 Aug 2022 12:02:19 GMT
X-Frame-Options: DENY
Content-Type: image/svg+xml;charset=UTF-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Content-Length: 3572
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200
OK online-guardian-guarantee.svg
bank.westpac.co.nz/images/security/ 18 KB
8 KB 1622ms
308ms Image
image/svg+xml 202.7.41.228
AS-WESTPACNZ-AP W...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.westpac.co.nz/images/security/online-guardian-guarantee.svg

Requested by

Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.41.228 , New Zealand, ASN4830 (AS-WESTPACNZ-AP Westpactrust, NZ),

Reverse DNS

Software

Resource Hash

099c8a9a4c3795739754be1f82022a41db3a6f035d811a4168ac9f654d94695f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 00:00:25 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Server-Timing: dtSInfo;desc="0", dtRpid;desc="663563095"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 17 Aug 2022 18:02:21 GMT

GET
H/1.1 200
OK ssl-entrust.png
bank.westpac.co.nz/images/security/ 4 KB
5 KB 1602ms
299ms Image
image/png 202.7.41.228
AS-WESTPACNZ-AP W...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bank.westpac.co.nz/images/security/ssl-entrust.png

Requested by

Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.41.228 , New Zealand, ASN4830 (AS-WESTPACNZ-AP Westpactrust, NZ),

Reverse DNS

Software

Resource Hash

cc84eadbd134138804b1e470aaf40d8f801539386400b56b58cebd0d27e3bdb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://45.9.168.109/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:21 GMT
Last-Modified: Thu, 28 Jul 2022 00:00:25 GMT
Etag: "62e1d199-feb"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=21600
Server-Timing: dtSInfo;desc="0", dtRpid;desc="211487308"
Accept-Ranges: bytes
Content-Length: 4075
Expires: Wed, 17 Aug 2022 18:02:21 GMT

GET national-2-web-medium.woff
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ 0
0

GET national-2-web-regular.woff
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ 0
0

GET national-2-web-regular-italic.woff
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ 0
0

GET
H/1.1 404
Not Found SourceSansPro-Bold.ttf
45.9.168.109/westpac/index_files/ 0
0 50ms
50ms Font
text/html 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/SourceSansPro-Bold.ttf
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Referer: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Origin: http://45.9.168.109
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:22 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK SourceSansPro-Regular.ttf
45.9.168.109/westpac/index_files/ 262 KB
262 KB 50ms
49ms Font
font/ttf 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/SourceSansPro-Regular.ttf
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ba6f9cec5b7703aa912c81886e901804decc82685cc2c6ed1a1d7d66469e0147

Request headers

Referer: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Origin: http://45.9.168.109
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:22 GMT
Last-Modified: Fri, 22 Apr 2022 22:35:11 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4169c-5dd45d6df65c0"
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 267932

GET
H/1.1 200
OK national-2-web-medium.woff2
45.9.168.109/westpac/index_files/ 32 KB
32 KB 49ms
49ms Font
font/woff2 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/national-2-web-medium.woff2
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/main.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 34efa6b825e55ddb3678ccf4370187ee65e85724851e821cec0f31d07bcfd0e0

Request headers

Referer: http://45.9.168.109/westpac/index_files/main.css
Origin: http://45.9.168.109
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:22 GMT
Last-Modified: Fri, 22 Apr 2022 22:35:03 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "7e7b-5dd45d66553c0"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 32379

GET
H/1.1 200
OK national-2-web-regular.woff2
45.9.168.109/westpac/index_files/ 29 KB
29 KB 50ms
50ms Font
font/woff2 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/national-2-web-regular.woff2
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/main.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 4d0a006b40d857b4ac68aeb5ddef50b7dd29abddd4ee9b5e7108d4a9ce4e0102

Request headers

Referer: http://45.9.168.109/westpac/index_files/main.css
Origin: http://45.9.168.109
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:23 GMT
Last-Modified: Fri, 22 Apr 2022 22:35:10 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "737b-5dd45d6d02380"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 29563

GET
H/1.1 404
Not Found national-2-web-regular-italic.woff2
45.9.168.109/westpac/index_files/ 0
0 50ms
50ms Font
text/html 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/national-2-web-regular-italic.woff2
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/main.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Referer: http://45.9.168.109/westpac/index_files/main.css
Origin: http://45.9.168.109
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:23 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1

GET SourceSansPro-Italic.ttf
bank.westpac.co.nz/wone/fonts/ 0
0

GET
H/1.1 404
Not Found SourceSansPro-Italic.ttf
45.9.168.109/westpac/index_files/ 0
0 50ms
49ms Font
text/html 45.9.168.109
MAXKO

General

Check archive.org

Show headers Download Go to

Full URL: http://45.9.168.109/westpac/index_files/SourceSansPro-Italic.ttf
Requested by: Host: 45.9.168.109
URL: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Protocol: HTTP/1.1
Server: 45.9.168.109 , Hungary, ASN211619 (MAXKO, HR),
Reverse DNS: cleanmx5.boulangeriehaubourdin.fr
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Referer: http://45.9.168.109/westpac/index_files/styles.0788bdac6057c9cfea7d.css
Origin: http://45.9.168.109
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Wed, 17 Aug 2022 12:02:24 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Bold.ttf

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Regular.ttf

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff2

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular-italic.woff2

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff2

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular-italic.woff

Domain: bank.westpac.co.nz
URL: https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Italic.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nexi (Banking) Westpac (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			45.9.168.109/	1969-12-31 23:59:59	Name: PHPSESSID Value: mivtq9ok1oauv5nns47s3icl5l

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://45.9.168.109/westpac/index_files/theme.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://45.9.168.109/westpac/index_files/base.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: http://45.9.168.109/westpac/index1.php(Line 321) Message: Unsafe attempt to load URL https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg from frame with URL http://45.9.168.109/westpac/index1.php. Domains, protocols and ports must match.
security	error	URL: http://45.9.168.109/westpac/index1.php(Line 331) Message: Unsafe attempt to load URL https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg from frame with URL http://45.9.168.109/westpac/index1.php. Domains, protocols and ports must match.
security	error	URL: http://45.9.168.109/westpac/index1.php(Line 341) Message: Unsafe attempt to load URL https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg from frame with URL http://45.9.168.109/westpac/index1.php. Domains, protocols and ports must match.
security	error	URL: http://45.9.168.109/westpac/index1.php(Line 351) Message: Unsafe attempt to load URL https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg from frame with URL http://45.9.168.109/westpac/index1.php. Domains, protocols and ports must match.
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff2' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff2' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular-italic.woff2' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular-italic.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Bold.ttf' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Bold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Regular.ttf' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://45.9.168.109/westpac/index_files/SourceSansPro-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular-italic.woff' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular-italic.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://45.9.168.109/westpac/index_files/national-2-web-regular-italic.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: http://45.9.168.109/westpac/index1.php Message: Access to font at 'https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Italic.ttf' from origin 'http://45.9.168.109' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Italic.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://45.9.168.109/westpac/index_files/SourceSansPro-Italic.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.westpac.co.nz
banking.westpac.com.au
business.nexi.it
www.nexi.it
bank.westpac.co.nz
110.5.81.221
185.198.118.126
185.198.118.43
202.7.41.228
45.9.168.109
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0662948e18bfefa0ad7a432d7c68e1ca5cb86df231f785931e84c519360bae04
08ef93a94050a0163b4f527a389e2391cbbd513844e239e96cbc752ce7b108b4
099c8a9a4c3795739754be1f82022a41db3a6f035d811a4168ac9f654d94695f
1bf71bfcdca3d5a631316535350da96f02cf11957362019c87b15898a09721d4
23e22334f525b2759e87148b6f29191ac1ebb8d411456a70496e6734f5a5c7dc
34efa6b825e55ddb3678ccf4370187ee65e85724851e821cec0f31d07bcfd0e0
41b845c09c573e9a0941b055e38eaa411a44b2068763e0d11e12d5cb1326e6b2
4d0a006b40d857b4ac68aeb5ddef50b7dd29abddd4ee9b5e7108d4a9ce4e0102
5369dc4f0b41a153ff04319dc335fdd308ccc468878fb18760a9dcc2cdac03b8
65ed35fd0b6fef076e7a0af5b7bb5ddab00e6d2ab6c82e88d4182cb55b9ad4cc
790272db4f81bd54720506a836a513fb2ef6520b5227ce392be7c1dac52f4621
7cb16eaa505542e5bdcda6c3e764e241fbb4e35e07bf21a820cc19fac1bb3864
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
ba6f9cec5b7703aa912c81886e901804decc82685cc2c6ed1a1d7d66469e0147
cc84eadbd134138804b1e470aaf40d8f801539386400b56b58cebd0d27e3bdb0
cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820
fb3a6e43bc13dd8ba3d4cb557202ace068d523d832d6a0312efa3282ede43df8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

45.9.168.109 Open in urlscan Pro 45.9.168.109 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

14 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

6 IPs

4 Countries

608 kBTransfer

1818 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

27 Console Messages

Indicators

45.9.168.109 Open in urlscan Pro
45.9.168.109 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

14 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

6
IPs

4
Countries

608 kB
Transfer

1818 kB
Size

1
Cookies

37 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!