ib.boq.com.au.qobl.wf Open in urlscan Pro
51.83.30.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ib.boq.com.au.qobl.wf/
Submission: On October 31 via api (October 31st 2022, 7:25:52 am UTC) from GB — Scanned from AU

Summary HTTP 21 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 51.83.30.6, located in France and belongs to OVH, FR. The main domain is ib.boq.com.au.qobl.wf.

This is the only time ib.boq.com.au.qobl.wf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
21	51.83.30.6 51.83.30.6		16276 (OVH) (OVH)
21	1

21 51.83.30.6 (France)

ASN16276 (OVH, FR)
PTR: ip6.ip-51-83-30.eu

ib.boq.com.au.qobl.wf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	qobl.wf ib.boq.com.au.qobl.wf	1 MB
21	1

	Domain	Requested by
21	ib.boq.com.au.qobl.wf	ib.boq.com.au.qobl.wf
21	1

This site contains links to these domains. Also see Links.

Domain
my.gov.au

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://ib.boq.com.au.qobl.wf/
Frame ID: B7D4131C072C0399A8B54D4322763EDA
Requests: 14 HTTP requests in this frame

Frame: http://ib.boq.com.au.qobl.wf/login_files/a.html
Frame ID: 271DEB7E9BDEFDA70307C0AEAA283886
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign-in - myGov

Page Statistics

21
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1224 kB
Transfer

1219 kB
Size

5
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://my.gov.au/mygov

Search URL Search Domain Scan URL

URL: https://my.gov.au/CredentialManager/recoverUserId.jsp?Origin=&Return=/sps/auth&Login=true
Title: Forgot username

Search URL Search Domain Scan URL

URL: https://my.gov.au/CredentialManager/resetPassword.jsp?Origin=&Return=/sps/auth&Login=true
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://my.gov.au/EnrolService/register.jsp?login=true&Return=/mygov
Title: Create an account

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/security.html
Title: protect your information

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/about.html
Title: About myGov

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/contact.html
Title: Contact us

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/terms.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/copyright.html
Title: Copyright

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://my.gov.au/mygov/content/html/help.html
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ib.boq.com.au.qobl.wf/	8 KB 9 KB	816ms 431ms	Document text/html	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `aee718b454049f0dea06f63b6d4c7680fbf423fe1240c45817e6543fafa3b142` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Mon, 31 Oct 2022 07:25:45 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	dtagent_ICA23STVbjrx_7000100291007.js Show response ib.boq.com.au.qobl.wf/login_files/	118 KB 118 KB	394ms 394ms	Script application/javascript	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/dtagent_ICA23STVbjrx_7000100291007.js Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `a11ba53e03753ec16867238759218d80962b6b87a1b4c0dfdcb7dcc205ae610b` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:46 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 120952
GET H/1.1	200 OK	mgv2-application.css ib.boq.com.au.qobl.wf/login_files/	92 KB 92 KB	393ms 393ms	Stylesheet text/css	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/mgv2-application.css Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `36d18f0d542d9426760d3bd7ddff7e003c1c3259217a4a764312345399893bae` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:46 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 94441
GET H/1.1	200 OK	austgovt-inline-white.svg ib.boq.com.au.qobl.wf/login_files/	113 KB 113 KB	760ms 386ms	Image image/svg+xml	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ib.boq.com.au.qobl.wf/login_files/austgovt-inline-white.svg Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 115808
GET H/1.1	200 OK	mygov-logo.svg ib.boq.com.au.qobl.wf/login_files/	2 KB 2 KB	790ms 400ms	Image image/svg+xml	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ib.boq.com.au.qobl.wf/login_files/mygov-logo.svg Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2209
GET H/1.1	200 OK	hand-code-device.svg ib.boq.com.au.qobl.wf/login_files/	4 KB 4 KB	434ms 401ms	Image image/svg+xml	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ib.boq.com.au.qobl.wf/login_files/hand-code-device.svg Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `4fe25ba82974e388b37b9d893dd5cbb15f3c88a1f705d337d95101e5598062bd` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4134
GET H/1.1	200 OK	austgovt-inline.svg ib.boq.com.au.qobl.wf/login_files/	113 KB 113 KB	394ms 393ms	Image image/svg+xml	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ib.boq.com.au.qobl.wf/login_files/austgovt-inline.svg Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `f123bda4af8b57bf1a683920703c7841ba38aa4a98c02ef01b92d2b1d2696132` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 115806
GET H/1.1	200 OK	mgv2-vendor.js Show response ib.boq.com.au.qobl.wf/login_files/	147 KB 147 KB	395ms 394ms	Script application/javascript	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/mgv2-vendor.js Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `885aaaf3099bdd3ad736a1bdd2bf230053c58114e1f9358821983d41af9b055f` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 150743
GET H/1.1	200 OK	mgv2-application.js Show response ib.boq.com.au.qobl.wf/login_files/	62 KB 62 KB	751ms 392ms	Script application/javascript	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/mgv2-application.js Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `5a0df06a1ef208ed03a9d0609f39a3aedffcdac74499ffbf97ebc1b516d2bc85` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 63260
GET H/1.1	200 OK	login.js Show response ib.boq.com.au.qobl.wf/login_files/	106 B 361 B	756ms 385ms	Script application/javascript	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/login.js Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `d6e20b551788faad5ee8d08a843c1ca521b392065008f9a8051ca74152debba2` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 106
GET H/1.1	200 OK	a.html Show response ib.boq.com.au.qobl.wf/login_files/ Frame 271D	5 KB 5 KB	385ms 383ms	Document text/html	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a.html Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `2864a6662507eeb582eb5b7bdfca074d30bf2ee8ebb9fada0a81082820dc69fe` Request headers Referer http://ib.boq.com.au.qobl.wf/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 4683 Content-Type text/html Date Mon, 31 Oct 2022 07:25:47 GMT Keep-Alive timeout=5, max=99 Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache
GET H/1.1	404 Not Found	va_arrowup.svg ib.boq.com.au.qobl.wf/icons/	315 B 315 B	395ms 393ms	Image text/html	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ib.boq.com.au.qobl.wf/icons/va_arrowup.svg Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/mgv2-application.css Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/mgv2-application.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:47 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
POST H/1.1	404 Not Found	vagt Show response ib.boq.com.au.qobl.wf/mga/sps/apiauthsvc/	315 B 515 B	398ms 398ms	XHR text/html	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/mga/sps/apiauthsvc/vagt Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/dtagent_ICA23STVbjrx_7000100291007.js Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Accept application/json Referer http://ib.boq.com.au.qobl.wf/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	botchat.css ib.boq.com.au.qobl.wf/login_files/a_data/ Frame 271D	20 KB 21 KB	384ms 384ms	Stylesheet text/css	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a_data/botchat.css Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/a.html Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `e24c13b1ad998bdf3a2b66508f87db27891825d181a06704b1fdd1a86336e680` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 20803
GET H/1.1	200 OK	botchat-fullwindow.css ib.boq.com.au.qobl.wf/login_files/a_data/ Frame 271D	297 B 537 B	395ms 394ms	Stylesheet text/css	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a_data/botchat-fullwindow.css Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/a.html Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `1870ce18de5358bfc0d09edfc4eae4968d43461c57a22b10a3aacc792479e33d` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 297
GET H/1.1	200 OK	botchat-dhs.css ib.boq.com.au.qobl.wf/login_files/a_data/ Frame 271D	25 KB 25 KB	407ms 406ms	Stylesheet text/css	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a_data/botchat-dhs.css Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/a.html Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `0d3e9721ffc3bd9d8ca6308452cfe9d2eaf51b5f37b74093c4e05996bfa11611` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 25150
GET H/1.1	200 OK	bot.css ib.boq.com.au.qobl.wf/login_files/a_data/ Frame 271D	3 KB 4 KB	397ms 394ms	Stylesheet text/css	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a_data/bot.css Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/a.html Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `8b8bd40554a405f3fe0982cd9f5d3d759810de50384c86ebf8fdd802814a4100` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 3504
GET H/1.1	200 OK	botchat.js Show response ib.boq.com.au.qobl.wf/login_files/a_data/ Frame 271D	495 KB 495 KB	436ms 400ms	Script application/javascript	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a_data/botchat.js Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/a.html Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `351f51b382b9e3dbfd45d70ce61df4328963f32246e4523e21cfb2aba7d9bea0` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 506723
GET H/1.1	200 OK	sha256.js Show response ib.boq.com.au.qobl.wf/login_files/a_data/ Frame 271D	10 KB 10 KB	788ms 393ms	Script application/javascript	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/login_files/a_data/sha256.js Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/a.html Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `13d9a59399891dc5420e0c4faa65feb6fe0a5422a9ca388d3e7706ed56f679bf` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/login_files/a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:48 GMT Last-Modified Thu, 13 Oct 2022 02:52:52 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 9947
GET H/1.1	404 Not Found	dynaTraceMonitor ib.boq.com.au.qobl.wf/LoginServices/main/	315 B 315 B	401ms 401ms	Image text/html	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL http://ib.boq.com.au.qobl.wf/LoginServices/main/dynaTraceMonitor?bwstate=0&unique=1667201149100&flavor=bandwidth Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/ Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-AU,en;q=0.9 Referer http://ib.boq.com.au.qobl.wf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 07:25:49 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 315 Content-Type text/html; charset=iso-8859-1
POST H/1.1	404 Not Found	dynaTraceMonitor Show response ib.boq.com.au.qobl.wf/LoginServices/main/	315 B 515 B	401ms 401ms	XHR text/html	51.83.30.6 OVH
General Check archive.org Show headers Download Go to Full URL http://ib.boq.com.au.qobl.wf/LoginServices/main/dynaTraceMonitor?type=js&session=J40FS4BRCVQTO9V56SJQH6VMSDPGLQ2B&flavor=post&referer=http%3A%2F%2Fib.boq.com.au.qobl.wf%2F&app=MyGov&format=lzw Requested by Host: ib.boq.com.au.qobl.wf URL: http://ib.boq.com.au.qobl.wf/login_files/dtagent_ICA23STVbjrx_7000100291007.js Protocol HTTP/1.1 Server 51.83.30.6 , France, ASN16276 (OVH, FR), Reverse DNS ip6.ip-51-83-30.eu Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer http://ib.boq.com.au.qobl.wf/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/octet-stream Response headers Date Mon, 31 Oct 2022 07:25:51 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ib.boq.com.au.qobl.wf/	1969-12-31 23:59:59	Name: PHPSESSID Value: 72134094daf9e2cb061b09b3dda8606c
ib.boq.com.au.qobl.wf/	1969-12-31 23:59:59	Name: dtSa Value: -
ib.boq.com.au.qobl.wf/	1969-12-31 23:59:59	Name: dtLatC Value: 193
ib.boq.com.au.qobl.wf/	1969-12-31 23:59:59	Name: dtCookie Value: J40FS4BRCVQTO9V56SJQH6VMSDPGLQ2B
ib.boq.com.au.qobl.wf/	1969-12-31 23:59:59	Name: dtPC Value: -

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ib.boq.com.au.qobl.wf/icons/va_arrowup.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ib.boq.com.au.qobl.wf/mga/sps/apiauthsvc/vagt Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ib.boq.com.au.qobl.wf/LoginServices/main/dynaTraceMonitor?bwstate=0&unique=1667201149100&flavor=bandwidth Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ib.boq.com.au.qobl.wf/LoginServices/main/dynaTraceMonitor?type=js&session=J40FS4BRCVQTO9V56SJQH6VMSDPGLQ2B&flavor=post&referer=http%3A%2F%2Fib.boq.com.au.qobl.wf%2F&app=MyGov&format=lzw Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ib.boq.com.au.qobl.wf
51.83.30.6
0d3e9721ffc3bd9d8ca6308452cfe9d2eaf51b5f37b74093c4e05996bfa11611
13d9a59399891dc5420e0c4faa65feb6fe0a5422a9ca388d3e7706ed56f679bf
1870ce18de5358bfc0d09edfc4eae4968d43461c57a22b10a3aacc792479e33d
2864a6662507eeb582eb5b7bdfca074d30bf2ee8ebb9fada0a81082820dc69fe
351f51b382b9e3dbfd45d70ce61df4328963f32246e4523e21cfb2aba7d9bea0
36d18f0d542d9426760d3bd7ddff7e003c1c3259217a4a764312345399893bae
42ded01e719714429c120fcb2076b685587196056c7e75306c7ba0da5fd91721
4fe25ba82974e388b37b9d893dd5cbb15f3c88a1f705d337d95101e5598062bd
5a0df06a1ef208ed03a9d0609f39a3aedffcdac74499ffbf97ebc1b516d2bc85
885aaaf3099bdd3ad736a1bdd2bf230053c58114e1f9358821983d41af9b055f
8b8bd40554a405f3fe0982cd9f5d3d759810de50384c86ebf8fdd802814a4100
91e0d494b2136f506c63c13ebf1ac4a220a6e53a176ee4714505cf3703d0bdbb
a11ba53e03753ec16867238759218d80962b6b87a1b4c0dfdcb7dcc205ae610b
aee718b454049f0dea06f63b6d4c7680fbf423fe1240c45817e6543fafa3b142
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6e20b551788faad5ee8d08a843c1ca521b392065008f9a8051ca74152debba2
e24c13b1ad998bdf3a2b66508f87db27891825d181a06704b1fdd1a86336e680
f123bda4af8b57bf1a683920703c7841ba38aa4a98c02ef01b92d2b1d2696132

ib.boq.com.au.qobl.wf Open in urlscan Pro 51.83.30.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

21 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1224 kBTransfer

1219 kBSize

5 Cookies

12 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

73 JavaScript Global Variables

5 Cookies

4 Console Messages

Indicators

ib.boq.com.au.qobl.wf Open in urlscan Pro
51.83.30.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1224 kB
Transfer

1219 kB
Size

5
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!