www.initialab.co Open in urlscan Pro
66.147.244.128 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php
Submission: On July 24 via manual (July 24th 2017, 7:21:13 pm UTC) from AU

Summary HTTP 44 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 44 HTTP transactions. The main IP is 66.147.244.128, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is www.initialab.co.

This is the only time www.initialab.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Kiwibank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
26	66.147.244.128 66.147.244.128	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
16	202.12.250.201 202.12.250.201	24074 (NZPOST-NZ...) (NZPOST-NZ-AP New Zealand Post)
44	3

26 66.147.244.128 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: box828.bluehost.com

www.initialab.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 202.12.250.201 (Wellington, New Zealand)

ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ)

www.ib.kiwibank.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	initialab.co www.initialab.co	4 KB
16	kiwibank.co.nz www.ib.kiwibank.co.nz	61 KB
44	2

	Domain	Requested by
26	www.initialab.co	www.initialab.co
16	www.ib.kiwibank.co.nz	www.initialab.co
44	2

This site contains links to these domains. Also see Links.

Domain
www.kiwibank.co.nz
www.ib.kiwibank.co.nz

Subject Issuer	Validity	Valid
www.ib.kiwibank.co.nz DigiCert SHA2 Extended Validation Server CA	`2017-07-06` - `2019-07-10`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php
Frame ID: 6602.1
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

44
Requests

36 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

65 kB
Transfer

219 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kiwibank.co.nz/
Title:

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/personal-banking/ways-to-bank/on-the-internet/register.asp
Title: More about internet banking

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/personal-banking/ways-to-bank/on-the-internet/forgotten-password.asp
Title: access number

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/about-us/security/guarantee.asp
Title:

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/about-us/security/keepSafe.asp
Title: KeepSafe

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/about-us/security/protect-yourself/
Title: Staying safe online

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/about-us/security/protect-yourself/suspicious-email.asp
Title: Forward suspicious emails

Search URL Search Domain Scan URL

URL: https://www.kiwibank.co.nz/about-us/security/how-we-protect-you/other-steps.asp#phishlabs
Title:

Search URL Search Domain Scan URL

URL: http://www.kiwibank.co.nz/about-us/contact-us/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.ib.kiwibank.co.nz/mobile/
Title: Mobile banking login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response www.initialab.co/gnota2/.co.nz/login/personal-banking/login/	10 KB 4 KB	982ms 435ms	Document text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash `d9a7b59235f301abf355fe42aebb97683a606864228ca54c51c5cfaef4180b93` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:55 GMT Content-Encoding gzip Server nginx/1.12.1 Vary Accept-Encoding Content-Type text/html X-Acc-Exp 600 Connection keep-alive Content-Length 4549 X-Proxy-Cache BYPASS www.initialab.co
GET H/1.1	200 OK	main.css www.ib.kiwibank.co.nz/css/	163 KB 38 KB	1483ms 292ms	Stylesheet text/css	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Full URL https://www.ib.kiwibank.co.nz/css/main.css Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `0f8c5f683ad3308ccf3db277f329be86461803b377fdc95ef4abfbcf4194ae92` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Last-Modified Thu, 15 Jun 2017 02:50:44 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "0dabf2e82e5d21:0" ntCoent-Length 166592 Transfer-Encoding chunked Content-Type text/css Cache-Control private Accept-Ranges bytes X-UA-Compatible IE=edge
GET H/1.1	200 OK	splash.css www.ib.kiwibank.co.nz/css/	967 B 450 B	1480ms 289ms	Stylesheet text/css	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Full URL https://www.ib.kiwibank.co.nz/css/splash.css Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `c5da1e3c59ac82dccbf66e5d07c2cf0041905effd50f696116bee8726aa15047` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Last-Modified Thu, 15 Jun 2017 02:50:44 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "0dabf2e82e5d21:0" ntCoent-Length 967 Content-Type text/css Cache-Control private Accept-Ranges bytes Content-Length 450 X-UA-Compatible IE=edge
GET H/1.1	200 OK	jquery-ui-1.7.2.custom.css www.ib.kiwibank.co.nz/css/	27 KB 5 KB	1483ms 292ms	Stylesheet text/css	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Full URL https://www.ib.kiwibank.co.nz/css/jquery-ui-1.7.2.custom.css Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `6c3e7b16cb1e9c721f21ae1b04a36ef1ac06a2e9d7235070069aea2185842f1d` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Last-Modified Thu, 15 Jun 2017 02:50:44 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "0dabf2e82e5d21:0" ntCoent-Length 27575 Content-Type text/css Cache-Control private Accept-Ranges bytes Content-Length 5341 X-UA-Compatible IE=edge
GET H/1.1	200 OK	jquery-ui-mods.css www.ib.kiwibank.co.nz/css/	783 B 337 B	1480ms 289ms	Stylesheet text/css	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Full URL https://www.ib.kiwibank.co.nz/css/jquery-ui-mods.css Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `2db4f3cd21f4308a1541c8b29d73e799ae6c5d12d50cfb165c61fae2bcb421dd` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Last-Modified Thu, 15 Jun 2017 02:50:44 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "0dabf2e82e5d21:0" ntCoent-Length 783 Content-Type text/css Cache-Control private Accept-Ranges bytes Content-Length 337 X-UA-Compatible IE=edge
GET H/1.1	404 Not Found	jquery-1.7.1.min.js www.initialab.co/includes/	0 0	419ms 419ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/jquery-1.7.1.min.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	jquery-ui-1.7.2.custom.min.js www.initialab.co/includes/	0 0	321ms 321ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/jquery-ui-1.7.2.custom.min.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:55 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	namespace.js www.initialab.co/includes/	0 0	529ms 368ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/namespace.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	domain-objects.js www.initialab.co/includes/	0 0	530ms 360ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/domain-objects.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	common.js www.initialab.co/includes/	0 0	561ms 388ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/common.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	others.js www.initialab.co/includes/	0 0	613ms 432ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/others.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	urchin.js www.initialab.co/includes/	0 0	664ms 343ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/urchin.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	pinObjects.js www.initialab.co/includes/	0 0	761ms 342ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/pinObjects.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	jquery.blockui.js www.initialab.co/includes/	0 0	907ms 379ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/jquery.blockui.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:56 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	200 OK	logo.png www.ib.kiwibank.co.nz/images/	2 KB 2 KB	288ms 288ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/logo.png Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `e5daaf172c17258918b5e67dd776c7a85fcd64adaabeabe14ec37f6118dc4ed3` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:57 GMT Last-Modified Thu, 15 Jun 2017 02:50:48 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "034223182e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 2220 X-UA-Compatible IE=edge
GET H/1.1	404 Not Found	ScriptResource.axd www.initialab.co/	0 0	298ms 297ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/ScriptResource.axd?d=q1xULFynD-RecF6bEAu-8k_FjY_ppWK79kByC7ysrA3TEAbB076XEmuJk-gW-yre3wESKLm6hXwgV3le97p8Qg3ytEn0Y3oSXmwRMcp6Xg1hv3mJgOGfvXXriBO9289ukD9LHTqFs-1TXz9yep2oGHWuCA42ovHNy0pquczpEro1&t=ffffffff940d030f Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:57 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	ScriptResource.axd www.initialab.co/	0 0	317ms 317ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/ScriptResource.axd?d=uT7m1VlVD-n0XVOhXGlKV3d92_c4SicBiFVzDdvHouBZgl_bWIOW_D8nyCjVzGPuupLPlbeG5nhn2nRmD_Ayg4YudyHNFjKmaVHzLu4Doc0cCSPy7HpYemOQZIE-chdYdudZa7mVjtkmZ5A5DWyq5jtXd2WFciTPohUfHrQTSB-FfiPSdURW5f_ZkVz2du5D0&t=ffffffff940d030f Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:57 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	ScriptResource.axd www.initialab.co/	0 0	290ms 290ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/ScriptResource.axd?d=e0eLYxgQwDE9zj9K-Ilwwrx1pGJW7v98bviwzyWH6fJGmvRz045QveU-MmPKj0gp3fiycSnUnVNeipSzaOSwOSL44xrbDyEklFyF8gxfNFsFG1FXHLpq_gKXlwN5nTk-uRQQPOL5TCS0K-fN0Fvjke-GrNTAUDU6GnnmrW8J15VfBD73M0eqD2qikoZadeX9_L6hVStLjp91CZJqMYbQ-xWYCdHi6RjXGyQC9O3gp4gRHdzly9vodNbE2MIooDZDBkOgoDLVw9a0IhAsbo4h-v-skBTTg5iaGUirL8dG-eldHd7W0M8usLPn9uIfO72H96pA90eD7t2tEt6g9E48UofSaB3smj_-K0jqYcbHW2kzvfiua5bTlGw90k48Rlb8FRrI1KcW2uRBxZ4onRqaDOMvr7kLDV6LNtVsiZtZCnQ_NR_4rPvsMiOPdSyv6vIiml-_saJMg9eWX5ce5P-Rehwvpfv-4MROBqNx_33UYwHA8PnIoksiyXKEOCW74fGTv0-OXJvKN4tqSXwHkMMJFoiK6rmOovalkMyb51JXQEn5gehZbZDUq_Xc3bU1FJqgESnZrk3ajwJ4vMzXOo4KSR1g0OulIni8tVLJat7ss7vntCJkYii9WSV8RMruSUgVCzd4MfWqfSmq7A1T4Xc4H5Q2ny9MzJCHFZWV-a_2rh41 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	WebResource.axd www.initialab.co/	0 0	291ms 291ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/WebResource.axd?d=BC0VctxeYdFYLK_CdmYkehpYMF2QpnSsVG1hhzPoMktFhZtAUxgsDPddZe65PMUEE8EKrm6rJC3zasbqTB5ab2sdHfLrwLykHBnqpPpHycM1&t=634944867119702478 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	200 OK	keepsafe_logo_login.png www.ib.kiwibank.co.nz/images/	5 KB 5 KB	289ms 288ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/keepsafe_logo_login.png Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `242500ec22cc151fa8b97755cc7825251779a6b1133f1cb2365c5cf6f6ad2bfb` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Last-Modified Thu, 15 Jun 2017 02:50:48 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "034223182e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 4633 X-UA-Compatible IE=edge
GET H/1.1	403 Forbidden	phishlabs-logo.gif www.ib.kiwibank.co.nz/images/	0 0	289ms 289ms	Image text/plain	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/phishlabs-logo.gif Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET Content-Length 0 X-UA-Compatible IE=edge
GET H/1.1	404 Not Found	jquery-ui-1.7.2.custom.min.js www.initialab.co/includes/	0 0	323ms 323ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/jquery-ui-1.7.2.custom.min.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:57 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	namespace.js www.initialab.co/includes/	0 0	321ms 321ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/namespace.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	domain-objects.js www.initialab.co/includes/	0 0	304ms 304ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/domain-objects.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	common.js www.initialab.co/includes/	0 0	300ms 300ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/common.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	others.js www.initialab.co/includes/	0 0	300ms 300ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/others.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:58 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	urchin.js www.initialab.co/includes/	0 0	323ms 323ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/urchin.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:59 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	pinObjects.js www.initialab.co/includes/	0 0	307ms 306ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/pinObjects.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:59 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	jquery.blockui.js www.initialab.co/includes/	0 0	318ms 317ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/includes/jquery.blockui.js?v=5443547 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:59 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	200 OK	print.css www.ib.kiwibank.co.nz/css/	1 KB 613 B	289ms 288ms	Stylesheet text/css	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Full URL https://www.ib.kiwibank.co.nz/css/print.css Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `5e61ff74eef97c5613869e0ac3513b90a317d6c0410c69f78394195bf144882e` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:59 GMT Content-Encoding gzip Last-Modified Thu, 15 Jun 2017 02:50:44 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "0dabf2e82e5d21:0" ntCoent-Length 1283 Content-Type text/css Cache-Control private Accept-Ranges bytes Content-Length 613 X-UA-Compatible IE=edge
GET H/1.1	404 Not Found	ScriptResource.axd www.initialab.co/	0 0	311ms 311ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/ScriptResource.axd?d=q1xULFynD-RecF6bEAu-8k_FjY_ppWK79kByC7ysrA3TEAbB076XEmuJk-gW-yre3wESKLm6hXwgV3le97p8Qg3ytEn0Y3oSXmwRMcp6Xg1hv3mJgOGfvXXriBO9289ukD9LHTqFs-1TXz9yep2oGHWuCA42ovHNy0pquczpEro1&t=ffffffff940d030f Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:00 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	200 OK	body.gif www.ib.kiwibank.co.nz/images/	1 KB 1 KB	288ms 288ms	Image image/gif	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/body.gif Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `ad8d668865c8787e38bf20ebab2d59615710950a075994da73901ac04ac11279` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:20:59 GMT Last-Modified Thu, 15 Jun 2017 02:50:46 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "07f12f82e5d21:0" Content-Type image/gif Accept-Ranges bytes Content-Length 1262 X-UA-Compatible IE=edge
GET H/1.1	404 Not Found	ScriptResource.axd www.initialab.co/	0 0	682ms 682ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/ScriptResource.axd?d=uT7m1VlVD-n0XVOhXGlKV3d92_c4SicBiFVzDdvHouBZgl_bWIOW_D8nyCjVzGPuupLPlbeG5nhn2nRmD_Ayg4YudyHNFjKmaVHzLu4Doc0cCSPy7HpYemOQZIE-chdYdudZa7mVjtkmZ5A5DWyq5jtXd2WFciTPohUfHrQTSB-FfiPSdURW5f_ZkVz2du5D0&t=ffffffff940d030f Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:00 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	ScriptResource.axd www.initialab.co/	0 0	319ms 319ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/ScriptResource.axd?d=e0eLYxgQwDE9zj9K-Ilwwrx1pGJW7v98bviwzyWH6fJGmvRz045QveU-MmPKj0gp3fiycSnUnVNeipSzaOSwOSL44xrbDyEklFyF8gxfNFsFG1FXHLpq_gKXlwN5nTk-uRQQPOL5TCS0K-fN0Fvjke-GrNTAUDU6GnnmrW8J15VfBD73M0eqD2qikoZadeX9_L6hVStLjp91CZJqMYbQ-xWYCdHi6RjXGyQC9O3gp4gRHdzly9vodNbE2MIooDZDBkOgoDLVw9a0IhAsbo4h-v-skBTTg5iaGUirL8dG-eldHd7W0M8usLPn9uIfO72H96pA90eD7t2tEt6g9E48UofSaB3smj_-K0jqYcbHW2kzvfiua5bTlGw90k48Rlb8FRrI1KcW2uRBxZ4onRqaDOMvr7kLDV6LNtVsiZtZCnQ_NR_4rPvsMiOPdSyv6vIiml-_saJMg9eWX5ce5P-Rehwvpfv-4MROBqNx_33UYwHA8PnIoksiyXKEOCW74fGTv0-OXJvKN4tqSXwHkMMJFoiK6rmOovalkMyb51JXQEn5gehZbZDUq_Xc3bU1FJqgESnZrk3ajwJ4vMzXOo4KSR1g0OulIni8tVLJat7ss7vntCJkYii9WSV8RMruSUgVCzd4MfWqfSmq7A1T4Xc4H5Q2ny9MzJCHFZWV-a_2rh41 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:01 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	404 Not Found	WebResource.axd www.initialab.co/	0 0	326ms 325ms	Script text/html	66.147.244.128 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.initialab.co/WebResource.axd?d=BC0VctxeYdFYLK_CdmYkehpYMF2QpnSsVG1hhzPoMktFhZtAUxgsDPddZe65PMUEE8EKrm6rJC3zasbqTB5ab2sdHfLrwLykHBnqpPpHycM1&t=634944867119702478 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Server 66.147.244.128 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS box828.bluehost.com Software nginx/1.12.1 / Resource Hash Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:01 GMT Content-Encoding gzip Server nginx/1.12.1 Connection keep-alive Content-Length 1108 Vary Accept-Encoding Content-Type text/html
GET H/1.1	403 Forbidden	phishlabs-logo.gif www.ib.kiwibank.co.nz/images/	0 0	291ms 291ms	Image text/plain	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/phishlabs-logo.gif Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:00 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET Content-Length 0 X-UA-Compatible IE=edge
GET		Meta-Serif-Web-Pro-Bold.woff www.ib.kiwibank.co.nz/fonts/kiwibank/	0 0

GET H/1.1	200 OK	bg-block-header-light.png www.ib.kiwibank.co.nz/images/	313 B 313 B	288ms 288ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/bg-block-header-light.png Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `e3b027a5fa3feb0cf20c75388b9e3fe3ffbb8893cb71871fc71198c3c1140c9d` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:00 GMT Last-Modified Thu, 15 Jun 2017 02:50:46 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "07f12f82e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 313 X-UA-Compatible IE=edge
GET H/1.1	200 OK	button-bg-start.png www.ib.kiwibank.co.nz/images/	509 B 509 B	289ms 289ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/button-bg-start.png Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `e5a6081f5e9aa51a805db5e1eb9e43fe615fd71530d164f0cd902e2264fadc8a` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:00 GMT Last-Modified Thu, 15 Jun 2017 02:50:46 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "07f12f82e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 509 X-UA-Compatible IE=edge
GET H/1.1	200 OK	button-bg-round.png www.ib.kiwibank.co.nz/images/	2 KB 2 KB	289ms 289ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/button-bg-round.png?nocache=1 Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `898aacff9ca5bbabb20cc8d95194ac050ee91b25fbc5897dd397aaea4a4755f8` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:00 GMT Last-Modified Thu, 15 Jun 2017 02:50:46 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "07f12f82e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 2035 X-UA-Compatible IE=edge
GET H/1.1	200 OK	arrow-blue-sm-right.gif www.ib.kiwibank.co.nz/images/	49 B 49 B	578ms 288ms	Image image/gif	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/arrow-blue-sm-right.gif Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `c86f525e2bd64646ee66904133b5b96fb068693940bf8967e31eb7b9b6fa9e5a` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:01 GMT Last-Modified Thu, 15 Jun 2017 02:50:46 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "07f12f82e5d21:0" Content-Type image/gif Accept-Ranges bytes Content-Length 49 X-UA-Compatible IE=edge
GET H/1.1	200 OK	footer.png www.ib.kiwibank.co.nz/images/	1 KB 1 KB	563ms 288ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/footer.png Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `1bfc997ecfd8b5093ec2db1f08d6575858aeaa23d0162dd3acf9d8e0c50eeecc` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:01 GMT Last-Modified Thu, 15 Jun 2017 02:50:46 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "07f12f82e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 1037 X-UA-Compatible IE=edge
GET H/1.1	200 OK	raymond-footer.png www.ib.kiwibank.co.nz/images/	4 KB 4 KB	566ms 289ms	Image image/png	202.12.250.201 NZPOST-NZ-AP New ...
General Check archive.org Show headers Download Go to Show image Full URL https://www.ib.kiwibank.co.nz/images/raymond-footer.png Requested by Host: www.initialab.co URL: http://www.initialab.co/gnota2/.co.nz/login/personal-banking/login/login.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.12.250.201 Wellington, New Zealand, ASN24074 (NZPOST-NZ-AP New Zealand Post, NZ), Reverse DNS Software Microsoft-IIS/7.0 / ASP.NET Resource Hash `600f1c274576ddd7b55332ecafcd135f6d581d4469f843d1383775986b0734d1` Request headers Referer https://www.ib.kiwibank.co.nz/css/main.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36 Response headers Date Mon, 24 Jul 2017 19:21:01 GMT Last-Modified Thu, 15 Jun 2017 02:50:48 GMT Server Microsoft-IIS/7.0 X-Powered-By ASP.NET ETag "034223182e5d21:0" Content-Type image/png Accept-Ranges bytes Content-Length 4023 X-UA-Compatible IE=edge
GET		Meta-Serif-Web-Pro-Bold.ttf www.ib.kiwibank.co.nz/fonts/kiwibank/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.ib.kiwibank.co.nz
URL: https://www.ib.kiwibank.co.nz/fonts/kiwibank/Meta-Serif-Web-Pro-Bold.woff

Domain: www.ib.kiwibank.co.nz
URL: https://www.ib.kiwibank.co.nz/fonts/kiwibank/Meta-Serif-Web-Pro-Bold.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Kiwibank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.ib.kiwibank.co.nz
www.initialab.co
www.ib.kiwibank.co.nz
202.12.250.201
66.147.244.128
0f8c5f683ad3308ccf3db277f329be86461803b377fdc95ef4abfbcf4194ae92
1bfc997ecfd8b5093ec2db1f08d6575858aeaa23d0162dd3acf9d8e0c50eeecc
242500ec22cc151fa8b97755cc7825251779a6b1133f1cb2365c5cf6f6ad2bfb
2db4f3cd21f4308a1541c8b29d73e799ae6c5d12d50cfb165c61fae2bcb421dd
5e61ff74eef97c5613869e0ac3513b90a317d6c0410c69f78394195bf144882e
600f1c274576ddd7b55332ecafcd135f6d581d4469f843d1383775986b0734d1
6c3e7b16cb1e9c721f21ae1b04a36ef1ac06a2e9d7235070069aea2185842f1d
898aacff9ca5bbabb20cc8d95194ac050ee91b25fbc5897dd397aaea4a4755f8
ad8d668865c8787e38bf20ebab2d59615710950a075994da73901ac04ac11279
c5da1e3c59ac82dccbf66e5d07c2cf0041905effd50f696116bee8726aa15047
c86f525e2bd64646ee66904133b5b96fb068693940bf8967e31eb7b9b6fa9e5a
d9a7b59235f301abf355fe42aebb97683a606864228ca54c51c5cfaef4180b93
e3b027a5fa3feb0cf20c75388b9e3fe3ffbb8893cb71871fc71198c3c1140c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a6081f5e9aa51a805db5e1eb9e43fe615fd71530d164f0cd902e2264fadc8a
e5daaf172c17258918b5e67dd776c7a85fcd64adaabeabe14ec37f6118dc4ed3

www.initialab.co Open in urlscan Pro 66.147.244.128 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

44 Requests

36 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

65 kBTransfer

219 kBSize

0 Cookies

10 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.initialab.co Open in urlscan Pro
66.147.244.128 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

36 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

65 kB
Transfer

219 kB
Size

0
Cookies

44 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!