urlscan.io logo urlscan.io
SecurityTrails logo

bendigobank.com.au.blocked.wf Open in urlscan Pro
51.254.27.114  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://rb.gy/tpwm8l
Effective URL: https://bendigobank.com.au.blocked.wf/restore/
Submission: On August 31 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 51.254.27.114, located in Paris, France and belongs to OVH, FR. The main domain is bendigobank.com.au.blocked.wf.
TLS certificate: Issued by R3 on August 28th 2022. Valid for: 3 months.
This is the only time bendigobank.com.au.blocked.wf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious2 votes Show Verdicts

Domain & IP information

IP Address AS Autonomous System
1 1 76.223.86.4 16509 (AMAZON-02)
1 51.254.27.114 16276 (OVH)
4 74.125.24.147 15169 (GOOGLE)
4 142.251.12.94 15169 (GOOGLE)
12 4
Apex Domain
Subdomains		 Transfer
4 gstatic.com
www.gstatic.com
fonts.gstatic.com Failed
335 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
25 KB
1 blocked.wf
bendigobank.com.au.blocked.wf
2 KB
1 rb.gy
rb.gy — Cisco Umbrella Rank: 177233
237 B
12 4
Domain Requested by
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com bendigobank.com.au.blocked.wf
www.gstatic.com
www.google.com
1 bendigobank.com.au.blocked.wf
1 rb.gy 1 redirects
0 fonts.gstatic.com Failed www.google.com
12 5

This site contains no links.

Subject Issuer Validity Valid
bendigobank.com.au.blocked.wf
R3		 2022-08-28 -
2022-11-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://bendigobank.com.au.blocked.wf/restore/
Frame ID: AB274B9F2971AAFE65E76966313D3CF4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV&co=aHR0cHM6Ly9iZW5kaWdvYmFuay5jb20uYXUuYmxvY2tlZC53Zjo0NDM.&hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=2na5fj2dxus6
Frame ID: A579FAD8C2630CE1701622FDC40DF099
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV
Frame ID: 64DD865E14C75824BA9B85FF5B1AAD69
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://rb.gy/tpwm8l HTTP 301
    https://bendigobank.com.au.blocked.wf/restore/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

12
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

362 kB
Transfer

896 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rb.gy/tpwm8l HTTP 301
    https://bendigobank.com.au.blocked.wf/restore/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bendigobank.com.au.blocked.wf/restore/
Redirect Chain
  • https://rb.gy/tpwm8l
  • https://bendigobank.com.au.blocked.wf/restore/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bendigobank.com.au.blocked.wf/restore/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.254.27.114 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
server.smsalertuk.com
Software
Apache /
Resource Hash
7f63ecae5428fd95148c131b1c7059faf3fc5558dbe83fc18a55147fd9d1f986

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1
accept-language
en-AU,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 31 Aug 2022 09:10:51 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, no-store
Content-Length
0
Date
Wed, 31 Aug 2022 09:10:49 GMT
Engine
Rebrandly.redirect, version 2.1
Expires
-1
Location
https://bendigobank.com.au.blocked.wf/restore/
api.js
www.google.com/recaptcha/ 		850 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: bendigobank.com.au.blocked.wf
URL: https://bendigobank.com.au.blocked.wf/restore/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
66328fe4e64de72db9113cd3ccf39e2a8270c087cbf6e4fa1da7a21e12a7a556
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://bendigobank.com.au.blocked.wf/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Aug 2022 09:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Wed, 31 Aug 2022 09:10:52 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ 		387 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
ae5094eb990804e2d68ec85f32a8c021866d62fa05a77a76cad193539029a879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bendigobank.com.au.blocked.wf/
Origin
https://bendigobank.com.au.blocked.wf
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 29 Aug 2022 17:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158046
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 17:27:38 GMT
anchor
www.google.com/recaptcha/api2/ Frame A579 		43 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV&co=aHR0cHM6Ly9iZW5kaWdvYmFuay5jb20uYXUuYmxvY2tlZC53Zjo0NDM.&hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=2na5fj2dxus6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
92c1f26a35f030bb52f22fc660175c26add4ba83929c435f98cdd97473164c68
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-_94IQLECZ9ci1WW0Fp5uJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bendigobank.com.au.blocked.wf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22959
content-security-policy
script-src 'nonce-_94IQLECZ9ci1WW0Fp5uJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 09:10:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame A579 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV&co=aHR0cHM6Ly9iZW5kaWdvYmFuay5jb20uYXUuYmxvY2tlZC53Zjo0NDM.&hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=2na5fj2dxus6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 29 Aug 2022 17:01:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144573
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24251
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 17:01:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame A579 		387 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV&co=aHR0cHM6Ly9iZW5kaWdvYmFuay5jb20uYXUuYmxvY2tlZC53Zjo0NDM.&hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=2na5fj2dxus6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
ae5094eb990804e2d68ec85f32a8c021866d62fa05a77a76cad193539029a879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 29 Aug 2022 17:27:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158046
x-xss-protection
0
last-modified
Sun, 21 Aug 2022 22:02:06 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Aug 2023 17:27:38 GMT
truncated
/ Frame A579 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
truncated
/ Frame A579 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A579 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Aug 2022 12:41:52 GMT
x-content-type-options
nosniff
age
505743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 01 Sep 2022 12:41:52 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A579 		0
0
bframe
www.google.com/recaptcha/api2/ Frame 64DD 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
90cf8f94eb559ac4f5d9b9d09040bd88a22d5718a0565356718af91d4e7ab2f4
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-EFligTwCyJFSZLrWnl_TBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bendigobank.com.au.blocked.wf/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1125
content-security-policy
script-src 'nonce-EFligTwCyJFSZLrWnl_TBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Aug 2022 09:10:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
webworker.js
www.google.com/recaptcha/api2/ Frame A579 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3TZgZIog-UsaFDv31vC4L9R_
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV&co=aHR0cHM6Ly9iZW5kaWdvYmFuay5jb20uYXUuYmxvY2tlZC53Zjo0NDM.&hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=2na5fj2dxus6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f147.1e100.net
Software
GSE /
Resource Hash
97256e1fec9fd31cc18de7f74ff63fbbbdfd9b97807d54dcbefc4cbdccc6e564
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfWdrUhAAAAABy8Kzloxk68hnR4RohWVZBaAWMV&co=aHR0cHM6Ly9iZW5kaWdvYmFuay5jb20uYXUuYmxvY2tlZC53Zjo0NDM.&hl=en&v=3TZgZIog-UsaFDv31vC4L9R_&size=normal&cb=2na5fj2dxus6
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/92.0.4515.90 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 31 Aug 2022 09:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 31 Aug 2022 09:10:55 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 64DD 		0
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame 64DD 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__en.js

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on August 31st 2022, 9:12:28 am UTC — From Australia

Threats: Phishing
Brands: Bendigo Bank AU
Comment: Url shorter to known bendigo bank phishing

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| notRobot object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_905803

0 Cookies