banque.axafr.tel Open in urlscan Pro
159.69.58.82 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dentalimplants.com.au/l
Effective URL:
https://banque.axafr.tel/login/
Submission Tags: https://phish.report @phish_report Search All
Submission: On July 03 via api (July 3rd 2023, 9:58:22 am UTC) from FI — Scanned from AU

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 159.69.58.82, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is banque.axafr.tel.
TLS certificate: Issued by R3 on July 1st 2023. Valid for: 3 months.

This is the only time banque.axafr.tel was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Axa (Insurance)

Domain & IP information

	IP Address	AS Autonomous System
2 2	45.114.226.228 45.114.226.228	13768 (COGECO-PEER1) (COGECO-PEER1)
1 18	159.69.58.82 159.69.58.82	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.204.138 142.250.204.138	15169 (GOOGLE) (GOOGLE)
19	3

2 45.114.226.228 (Canada) 2 redirects

ASN13768 (COGECO-PEER1, CA)
PTR: qnlvd732.hostpapavps.net

dentalimplants.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 159.69.58.82 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: linux1207.grserver.gr

banque.axafr.tel	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.138 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s41-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	axafr.tel 1 redirects banque.axafr.tel	887 KB
2	dentalimplants.com.au 2 redirects dentalimplants.com.au	182 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433	31 KB
19	3

	Domain	Requested by
18	banque.axafr.tel	1 redirects banque.axafr.tel
2	dentalimplants.com.au	2 redirects
1	ajax.googleapis.com	banque.axafr.tel
19	3

This site contains no links.

Subject Issuer	Validity	Valid
banque.axafr.tel R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://banque.axafr.tel/login/
Frame ID: 9B8A1D141ADBF63CA313057038250027
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Authentification

Page URL History Show full URLs

https://dentalimplants.com.au/l HTTP 301
https://dentalimplants.com.au/l/ HTTP 302
https://banque.axafr.tel/login HTTP 301
https://banque.axafr.tel/login/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

918 kB
Transfer

3089 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dentalimplants.com.au/l HTTP 301
https://dentalimplants.com.au/l/ HTTP 302
https://banque.axafr.tel/login HTTP 301
https://banque.axafr.tel/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
banque.axafr.tel/login/
Redirect Chain

https://dentalimplants.com.au/l
https://dentalimplants.com.au/l/
https://banque.axafr.tel/login
https://banque.axafr.tel/login/

22 KB
5 KB

348ms
348ms

Document
text/html

159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: faa5da3f63f443c8735d17772f17e1e7a994105fdcec66c09e7d9e88467e3ce3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 03 Jul 2023 09:58:13 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 239
content-type: text/html; charset=iso-8859-1
date: Mon, 03 Jul 2023 09:58:13 GMT
location: https://banque.axafr.tel/login/
server: nginx

GET
H2 200 style.css
banque.axafr.tel/login/css/ 123 KB
21 KB 345ms
343ms Stylesheet
text/css 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/css/style.css
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 65ea9eb1b0dd897dacf9a2b1d501456c43c60cfc2f63c0be026079bd5b67c38c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:26 GMT
server: nginx
etag: W/"64a0920a-1ebf5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 axb_app.css
banque.axafr.tel/login/css/ 195 KB
28 KB 685ms
682ms Stylesheet
text/css 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/css/axb_app.css
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: ab1912868016d8b637e414c6f955d5be881e1d93e48f952beaf3f05af99a7959

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:25 GMT
server: nginx
etag: W/"64a09209-30c6b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 app.css
banque.axafr.tel/login/css/ 5 KB
1 KB 687ms
684ms Stylesheet
text/css 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/css/app.css
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:25 GMT
server: nginx
etag: W/"64a09209-136f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 axb_app2.css
banque.axafr.tel/login/css/ 41 KB
7 KB 687ms
684ms Stylesheet
text/css 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/css/axb_app2.css
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 1adf1f5ce75fd61ee93ee5c0addd2a67ca30c60a0e196aff94175adc8bb977c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:26 GMT
server: nginx
etag: W/"64a0920a-a4c4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 modules-hashes-lib.min.js Show response
banque.axafr.tel/login/js/ 10 KB
4 KB 1023ms
1021ms Script
application/javascript 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/modules-hashes-lib.min.js?nocache=true
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 621ac9d6e3205ec43743bc63947322782ad63dc3e39d25e6535005c0d3ef8086

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"64a0920c-27f3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 domi-auth-fat.js Show response
banque.axafr.tel/login/js/ 1005 KB
240 KB 1023ms
1021ms Script
application/javascript 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/domi-auth-fat.js
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 8ac6ff8e8cf78df0900957290ec8eea2e8cf1cdda638bfefcade7e0f00f26bb0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"64a0920c-fb52e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 brand-i18n-lib.min.js Show response
banque.axafr.tel/login/js/ 6 KB
2 KB 1024ms
1021ms Script
application/javascript 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/brand-i18n-lib.min.js
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: a1a1df7eb2feeeda70bfe572b27b892b8067bc13d7fe9904c873e18998bec4f6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:27 GMT
server: nginx
etag: W/"64a0920b-196f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 otp-wc-lib.min.js Show response
banque.axafr.tel/login/js/ 138 KB
35 KB 1024ms
1022ms Script
application/javascript 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/otp-wc-lib.min.js
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 832c33fc238d8718f406d04f43080ea70562892add487ba6745a3ef131461643

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"64a0920c-22944"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 bundle.js Show response
banque.axafr.tel/login/js/ 772 KB
126 KB 1023ms
1022ms Script
application/javascript 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/bundle.js
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 4d776fd13e3906339a1bccf1b0c243f9e9da2aaa05d09e58260a95c92f77a237

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: br
last-modified: Sat, 01 Jul 2023 20:52:28 GMT
server: nginx
etag: W/"64a0920c-c106b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 arrow_chevron_blue.svg
banque.axafr.tel/login/css/assets/images/ 975 B
754 B 1023ms
1022ms Image
image/svg+xml 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banque.axafr.tel/login/css/assets/images/arrow_chevron_blue.svg
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: b4759f6b003895de3b7a62daa34619d97be67545b16f1cacf595a2f7c854147f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:13 GMT
content-encoding: gzip
last-modified: Sat, 01 Jul 2023 20:52:29 GMT
server: nginx
etag: W/"64a0920d-3cf"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:13 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 772ms
222ms Script
text/javascript 142.250.204.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s41-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 08:37:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jul 2024 08:37:20 GMT

GET
H2 200 sourcesanspro-bold.woff2
banque.axafr.tel/login/fonts/ 81 KB
82 KB 1007ms
1006ms Font
font/woff2 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/fonts/sourcesanspro-bold.woff2
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: eea9741a9a8fb7335f16385485f96b6156e438c9c7c9b248cbc8329e22b1fdf1

Request headers

Referer: https://banque.axafr.tel/login/css/style.css
Origin: https://banque.axafr.tel
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:14 GMT
last-modified: Sat, 01 Jul 2023 20:52:26 GMT
server: nginx
etag: "64a0920a-145bc"
content-type: font/woff2
cache-control: max-age=864000
accept-ranges: bytes
content-length: 83388
expires: Thu, 13 Jul 2023 09:58:14 GMT

GET
H2 200 sourcesanspro-regular.woff2
banque.axafr.tel/login/fonts/ 83 KB
83 KB 1006ms
1006ms Font
font/woff2 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/fonts/sourcesanspro-regular.woff2
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 89de2f207fac8289b2b0d7300b282db8347db9f3098a30662c72ced8c199971c

Request headers

Referer: https://banque.axafr.tel/login/css/style.css
Origin: https://banque.axafr.tel
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:14 GMT
last-modified: Sat, 01 Jul 2023 20:52:26 GMT
server: nginx
etag: "64a0920a-14b48"
content-type: font/woff2
cache-control: max-age=864000
accept-ranges: bytes
content-length: 84808
expires: Thu, 13 Jul 2023 09:58:14 GMT

GET
BLOB 200
OK efa44ed4-bac8-4519-b178-35ad16586659
https://banque.axafr.tel/ 6 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://banque.axafr.tel/efa44ed4-bac8-4519-b178-35ad16586659
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/js/otp-wc-lib.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8384d8da1d2066146afe05c62b2f5853d357d4efbd89e0cb91a89b5b6f01e3f

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 5942
Content-Type: text/css

GET
H2 200 authent.jpg
banque.axafr.tel/login/css/assets/images/ 100 KB
100 KB 340ms
340ms Image
image/jpeg 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banque.axafr.tel/login/css/assets/images/authent.jpg
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: 88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:15 GMT
last-modified: Sat, 01 Jul 2023 20:52:29 GMT
server: nginx
etag: "64a0920d-18f2f"
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
content-length: 102191
expires: Thu, 13 Jul 2023 09:58:15 GMT

GET
H2 200 icons.svg Show response
banque.axafr.tel/login/js/assets/images/ 205 KB
75 KB 346ms
346ms Fetch
image/svg+xml 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/assets/images/icons.svg
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/js/domi-auth-fat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: c5e8137f80f3bd8881e561b37b25b07dbaf7d70c7bf94b76769c2fb01e2969b3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:16 GMT
content-encoding: gzip
last-modified: Sat, 01 Jul 2023 20:52:31 GMT
server: nginx
etag: W/"64a0920f-33529"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:16 GMT

GET
H2 200 icons.svg Show response
banque.axafr.tel/login/js/assets/images/ 205 KB
75 KB 344ms
344ms Fetch
image/svg+xml 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://banque.axafr.tel/login/js/assets/images/icons.svg
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/js/domi-auth-fat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: c5e8137f80f3bd8881e561b37b25b07dbaf7d70c7bf94b76769c2fb01e2969b3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:16 GMT
content-encoding: gzip
last-modified: Sat, 01 Jul 2023 20:52:31 GMT
server: nginx
etag: W/"64a0920f-33529"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=864000
expires: Thu, 13 Jul 2023 09:58:16 GMT

GET
H2 200 logo.png
banque.axafr.tel/login/js/assets/images/ 2 KB
2 KB 340ms
340ms Image
image/png 159.69.58.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banque.axafr.tel/login/js/assets/images/logo.png
Requested by: Host: banque.axafr.tel
URL: https://banque.axafr.tel/login/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.58.82 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: linux1207.grserver.gr
Software: nginx /
Resource Hash: edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://banque.axafr.tel/login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 09:58:16 GMT
last-modified: Sat, 01 Jul 2023 20:52:31 GMT
server: nginx
etag: "64a0920f-618"
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
content-length: 1560
expires: Thu, 13 Jul 2023 09:58:16 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Axa (Insurance)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
banque.axafr.tel
dentalimplants.com.au
142.250.204.138
159.69.58.82
45.114.226.228
1adf1f5ce75fd61ee93ee5c0addd2a67ca30c60a0e196aff94175adc8bb977c1
4043288121a80631ae3f30ad21031a77e8937e729efbaedf0342efcba2ddd699
4d776fd13e3906339a1bccf1b0c243f9e9da2aaa05d09e58260a95c92f77a237
621ac9d6e3205ec43743bc63947322782ad63dc3e39d25e6535005c0d3ef8086
65ea9eb1b0dd897dacf9a2b1d501456c43c60cfc2f63c0be026079bd5b67c38c
832c33fc238d8718f406d04f43080ea70562892add487ba6745a3ef131461643
88cab827e057fb6324adcd3c2ed3eb208ac434a440f2cb6f32ef0c6f8af6156d
89de2f207fac8289b2b0d7300b282db8347db9f3098a30662c72ced8c199971c
8ac6ff8e8cf78df0900957290ec8eea2e8cf1cdda638bfefcade7e0f00f26bb0
a1a1df7eb2feeeda70bfe572b27b892b8067bc13d7fe9904c873e18998bec4f6
ab1912868016d8b637e414c6f955d5be881e1d93e48f952beaf3f05af99a7959
b4759f6b003895de3b7a62daa34619d97be67545b16f1cacf595a2f7c854147f
c5e8137f80f3bd8881e561b37b25b07dbaf7d70c7bf94b76769c2fb01e2969b3
d8384d8da1d2066146afe05c62b2f5853d357d4efbd89e0cb91a89b5b6f01e3f
edfea819415ff38872bae9e171c3e1bc2b9d9e1907b1b61d5e576c281dcf3f77
eea9741a9a8fb7335f16385485f96b6156e438c9c7c9b248cbc8329e22b1fdf1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faa5da3f63f443c8735d17772f17e1e7a994105fdcec66c09e7d9e88467e3ce3

banque.axafr.tel Open in urlscan Pro 159.69.58.82 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

918 kBTransfer

3089 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

45 JavaScript Global Variables

0 Cookies

Indicators

banque.axafr.tel Open in urlscan Pro
159.69.58.82 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

918 kB
Transfer

3089 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!