www.bendligo-login.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bendligo-login.com/
Submission: On January 03 via automatic, source certstream-suspicious (January 3rd 2023, 10:46:16 pm UTC) — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.bendligo-login.com.
TLS certificate: Issued by E1 on January 3rd 2023. Valid for: 3 months.

This is the only time www.bendligo-login.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bendigo Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3033::6815:c55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2

7 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

www.bendligo-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6815:c55 (United States)

ASN13335 (CLOUDFLARENET, US)

k54687913.group	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	bendligo-login.com www.bendligo-login.com	182 KB
4	k54687913.group k54687913.group	1 KB
11	2

	Domain	Requested by
7	www.bendligo-login.com	www.bendligo-login.com
4	k54687913.group	www.bendligo-login.com
11	2

This site contains no links.

Subject Issuer	Validity	Valid
*.bendligo-login.com E1	`2023-01-03` - `2023-04-03`	3 months	crt.sh
*.k54687913.group E1	`2022-12-04` - `2023-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bendligo-login.com/
Frame ID: 4097F7C15EA590FACE4E43C3317A6ECB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bendigo Bank - Log in to e-banking

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

183 kB
Transfer

299 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.bendligo-login.com/	38 KB 12 KB	482ms 411ms	Document text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bendligo-login.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.40 Resource Hash `27e2c1ba52b3fbdc60309a5f9002b6a906cdc43c16357def077104b48e085dde` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 783f44e3998b0bbf-AMS content-encoding br content-type text/html date Tue, 03 Jan 2023 22:46:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FPofxP4o%2BTTTNvXms6SrjFGzer98AIV1qS80FLrCi61mC44Z3UIOg7u%2BU7YhbsYJcoCf5mg15D8grDNmOp1gvGIwTsJjV22CAOJFYFBDYKVRtWIRfw%2BMpvMJZe9L1YycXoLMPKsGVAeKpxGHwjN7lbLZJHT"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/5.6.40
GET H2	200	app.css www.bendligo-login.com/assets/css/	15 KB 3 KB	132ms 130ms	Stylesheet text/css	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bendligo-login.com/assets/css/app.css Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f97bcb7f11995c4f4120e5484a9fc23566813c7080b93418f42da6ae81510ee4` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.bendligo-login.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 22:46:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Jan 2023 22:24:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63b4ab24-3a1a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI%2B%2BstK%2BWOPWYeGz22H7Xc%2Bo9bwTm0w0UzfoJUZUF2Tu7LJIezG1eCzSe524hjBn6Kfb%2F6gbQXGykBjuGmB6mahgIb5pTh1qIvzVbVPMr7PeTK5Dp97iWFGxEzYi8QAPBdxhGkVbkf9%2BL%2FTx2fITYy130HYA"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 783f44e62d490bbf-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 10 Jan 2023 22:46:12 GMT
GET H2	200	axios.min.js Show response www.bendligo-login.com/assets/js/	29 KB 11 KB	135ms 134ms	Script application/x-javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bendligo-login.com/assets/js/axios.min.js Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c493537a12290bafdb938d453332243c08dea3c718be71a7c5bbff62000cd688` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.bendligo-login.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 22:46:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Jan 2023 21:51:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63b4a352-7396" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5TcuB7ljLLIMlB218YezDWcr%2BPuthaqkK5iCSmxXiXL%2FMMIQl1xWrMnACWgzTUGitnEtZj80zij0vSUtqsF6KlkXIfNGdPkdvKkUKVgNNhp7rkLiQb%2BgMb1KYvKvebjKr3V%2BXqlmUY8531wtC3L%2BnDOW5l%2B"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=604800 cf-ray 783f44e63d4d0bbf-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 10 Jan 2023 22:46:12 GMT
GET H2	200	jquery.min.js Show response www.bendligo-login.com/assets/js/	87 KB 32 KB	188ms 187ms	Script application/x-javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bendligo-login.com/assets/js/jquery.min.js Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.bendligo-login.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 22:46:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Jan 2023 21:51:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63b4a352-15d84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX15HIAdWP8fz9S7FobqRw5UwXxN9UP%2F8o6mJJ5AD7iOzf%2BrqBnTv5vUqJjJs9DvIhHvbS%2FBX7Ze44V7yxg1%2B78EndMAIC6w8WriQ1rZXgfl2eYcKqq1fVzRBqPXi%2B9pCism92kqXyVwCkcHL88%2B4XwS1TvU"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=604800 cf-ray 783f44e63d4f0bbf-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 10 Jan 2023 22:46:12 GMT
GET H2	200	browser.js Show response www.bendligo-login.com/assets/js/	2 KB 996 B	138ms 138ms	Script application/x-javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bendligo-login.com/assets/js/browser.js Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `00475f82a523cbdc75170a661b62c432a03d74b658aaa6c22190da68cdef4501` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.bendligo-login.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 22:46:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Jan 2023 21:51:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63b4a352-9db" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fnyd9q8N7tVRSuTN%2BtF2U%2Fm9Rlu2xDANKvdzb8LvyyvEB85CmGUwhGIAIHfSMmsJo5M11GcMuSlnZmomezfpHrNZTdwLdeuTds%2F6Ejew7SxTYR5IQcJHf%2Bh0mUkoZG0EHibbKQGzu6Gk1wx6XZ%2Bz8K4226CV"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=604800 cf-ray 783f44e63d510bbf-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 10 Jan 2023 22:46:12 GMT
GET H2	200	app.js Show response www.bendligo-login.com/assets/js/	8 KB 2 KB	137ms 137ms	Script application/x-javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.bendligo-login.com/assets/js/app.js Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6011467dba0a8a7a640f5c72e5fd83b82778cac90681fb4d3b954da7bab33c05` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.bendligo-login.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 22:46:12 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Jan 2023 22:27:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63b4abd2-1f95" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okxaupcU%2FFcRl%2BlpBhhV2xPwHXWXJHYUbvdjwJIPPZ1%2BwIF6phWsmxcFbpket6G2sz3aTL9CsWdrfybCPMCrfDFH5bIdUWxeoCqpslq39fxVgNxywJXRfG6XDPoaasMsHZ5rhb2N59NhmUiTTD696OXcBIaI"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=604800 cf-ray 783f44e63d520bbf-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 10 Jan 2023 22:46:12 GMT
GET H3	200	switchnow.jpg www.bendligo-login.com/assets/img/	120 KB 121 KB	231ms 231ms	Image image/jpeg	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bendligo-login.com/assets/img/switchnow.jpg Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/assets/css/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `42bbce07fbfd4b2b2d7d8297065238543646ec3113de6e39ea3fde25a54a6b0d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.bendligo-login.com/assets/css/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 22:46:12 GMT cf-cache-status MISS last-modified Tue, 03 Jan 2023 21:51:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "63b4a352-1e011" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYb86igxg2nc52%2BjNO%2FzmBjh2jShVggiiKDUphxO%2F0J%2Fb0%2BdU2vm5%2BcUMXQsWkummNCecEaAzHjHDOjnva7zXskijF4Iy4bD3ba0wPFINFdycQSCiI5RpvCVbt4rcLWhjCSi1oBoSjTJsWoSyofCqpWjzREg"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 783f44e7090d0e3a-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 122897 expires Thu, 02 Feb 2023 22:46:12 GMT
POST H3	200	detect Show response k54687913.group/api/	0 619 B	201ms 172ms	XHR text/html	2606:4700:3033::6815:c55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://k54687913.group/api/detect Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/assets/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:c55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/plain, / Referer https://www.bendligo-login.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Tue, 03 Jan 2023 22:46:12 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-ratelimit-remaining 999 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rrq7X3Runt%2F61OMf4S05LzF6GDcxqVHlxDrl73ixLI34WNCBbulEUAXcMtMFj1qciv9Q4IUJfEwr4GGwIZKJwQpl0fesue6Wv2bnr4OVKotNgh5%2ByHrukxdoW7GQ3lJ1w2dS%2Fu%2BC0MD0ZD1VhI0%3D"}],"group":"cf-nel","max_age":604800} cache-control no-cache, private x-ratelimit-limit 1000 cf-ray 783f44e9be76b7a2-AMS access-control-allow-headers X-Requested-With, Content-Type, X-Token-Auth, Authorization vary Accept-Encoding
OPTIONS H2	204	detect k54687913.group/api/	0 0	295ms 139ms	Preflight	2606:4700:3033::6815:c55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://k54687913.group/api/detect Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:c55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.bendligo-login.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 0 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 783f44e8aca30eb0-AMS date Tue, 03 Jan 2023 22:46:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtjqGyNcEDfv6sXPYU67%2FFbPRNjr3u9rnpP3F2nQduBMKsKF1dCo3jS2BnWe9%2FIgXVYMQR6dC2LttSpt5alvHUThFSyExD%2FLUfouS3svbaDcDiwWuqsycvFm%2BOXx52R0Lze3kK15dGEwftGTADg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Access-Control-Request-Method,Access-Control-Request-Headers
POST H3	200	check-action Show response k54687913.group/api/	0 582 B	157ms 156ms	XHR text/html	2606:4700:3033::6815:c55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://k54687913.group/api/check-action Requested by Host: www.bendligo-login.com URL: https://www.bendligo-login.com/assets/js/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:c55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/plain, / Referer https://www.bendligo-login.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers date Tue, 03 Jan 2023 22:46:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare x-ratelimit-remaining 999 access-control-allow-methods OPTIONS, GET, POST, PUT, DELETE content-type text/html; charset=UTF-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRAEOnlRmLrV1WqkHwNjjS3ktd3WoVIRtVgO9yH6DkxvNgYA7OqXtVwkagyjTkxt0v%2BYN8sbfmo8lMg04GIz3zCX%2FkPNT0Cyq4wmmf70AA7Inpf%2FGUptmpUUebSe5P0DCjRrcQyz4P8aY9s6lyo%3D"}],"group":"cf-nel","max_age":604800} cache-control no-cache, private x-ratelimit-limit 1000 cf-ray 783f44fb1d76b7a2-AMS access-control-allow-headers X-Requested-With, Content-Type, X-Token-Auth, Authorization vary Accept-Encoding
OPTIONS H3	204	check-action k54687913.group/api/	0 0	99ms 98ms	Preflight	2606:4700:3033::6815:c55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://k54687913.group/api/check-action Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:c55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://www.bendligo-login.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 0 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 783f44fa7cf1b7a2-AMS date Tue, 03 Jan 2023 22:46:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYod%2Fpjrb0QIDZ%2BlobcLJQGFYU3sEV5lVLk6mU34RYZ0UiTug%2B1U8bDjtV05FkOqcs%2FxH6HAEpO0iWnLaDENmd7uchc2Qcfe7f4UdoMbwcTZVdxNOyulP796Egw2jGj8QzhK%2BrFLu7hip4maHzw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bendigo Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

k54687913.group
www.bendligo-login.com
2606:4700:3033::6815:c55
2a06:98c1:3120::c
00475f82a523cbdc75170a661b62c432a03d74b658aaa6c22190da68cdef4501
27e2c1ba52b3fbdc60309a5f9002b6a906cdc43c16357def077104b48e085dde
42bbce07fbfd4b2b2d7d8297065238543646ec3113de6e39ea3fde25a54a6b0d
6011467dba0a8a7a640f5c72e5fd83b82778cac90681fb4d3b954da7bab33c05
c493537a12290bafdb938d453332243c08dea3c718be71a7c5bbff62000cd688
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f97bcb7f11995c4f4120e5484a9fc23566813c7080b93418f42da6ae81510ee4

www.bendligo-login.com Open in urlscan Pro 2a06:98c1:3120::c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

183 kBTransfer

299 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

www.bendligo-login.com Open in urlscan Pro
2a06:98c1:3120::c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

183 kB
Transfer

299 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!