update-profile-anz.com Open in urlscan Pro
45.9.149.135  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response update-profile-anz.com/login/	8 KB 3 KB	489ms 54ms	Document text/html	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 470cfaeba07fb709f835abeeaa7233282cca4fd8f73894b1ea8e67a49993dec6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Fri, 22 Apr 2022 07:31:09 GMT Referrer-Policy same-origin Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-Content-Type-Options nosniff X-Frame-Options DENY
GET H/1.1	200 OK	bootstrap.css update-profile-anz.com/static/css/	194 KB 194 KB	36ms 35ms	Stylesheet text/css	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/static/css/bootstrap.css Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash d619bbc4f158e072ff18f7d6cf9f7991c34b566b8c0b8de73da8284215936f9f Request headers accept-language nl-NL,nl;q=0.9 Referer https://update-profile-anz.com/login/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Tue, 12 May 2020 16:52:00 GMT Server nginx/1.14.0 (Ubuntu) ETag "5ebad430-306a9" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 198313
GET H/1.1	200 OK	main.css update-profile-anz.com/static/css/	11 KB 11 KB	57ms 19ms	Stylesheet text/css	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/static/css/main.css Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash add48cfd0baeed18fd06f47d714e178f6b14e01c91e6d3433d8f5415b192956e Request headers accept-language nl-NL,nl;q=0.9 Referer https://update-profile-anz.com/login/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Sat, 04 Sep 2021 16:16:50 GMT Server nginx/1.14.0 (Ubuntu) ETag "61339bf2-2a56" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 10838
GET H2	200	jquery-3.5.1.js Show response code.jquery.com/	281 KB 83 KB	59ms 19ms	Script application/javascript	2001:4de0:ac18::1:a:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.js Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37 Request headers Referer Origin https://update-profile-anz.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Fri, 22 Apr 2022 07:31:09 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-4638e" vary Accept-Encoding x-hw 1650612669.dop142.am5.t,1650612669.cds310.am5.hn,1650612669.cds131.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 84374
GET H/1.1	200 OK	bootstrap.min.js Show response update-profile-anz.com/static/	59 KB 59 KB	76ms 36ms	Script application/javascript	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/static/bootstrap.min.js Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff Request headers accept-language nl-NL,nl;q=0.9 Referer https://update-profile-anz.com/login/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Tue, 12 May 2020 16:52:00 GMT Server nginx/1.14.0 (Ubuntu) ETag "5ebad430-eb0e" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 60174
GET H/1.1	200 OK	logo.png update-profile-anz.com/static/	9 KB 9 KB	17ms 17ms	Image image/png	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Show image Full URL https://update-profile-anz.com/static/logo.png Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 5883670c91bc904352d1885f1d36b74b5eb8511118e17be4304f96300f591fa8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://update-profile-anz.com/login/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Mon, 07 Dec 2020 16:32:42 GMT Server nginx/1.14.0 (Ubuntu) ETag "5fce592a-239e" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 9118
GET H/1.1	200 OK	ib-login-support.1.0.0.svg update-profile-anz.com/static/	11 KB 11 KB	20ms 20ms	Image image/svg+xml	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Show image Full URL https://update-profile-anz.com/static/ib-login-support.1.0.0.svg Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e Request headers accept-language nl-NL,nl;q=0.9 Referer https://update-profile-anz.com/login/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Sun, 29 Aug 2021 20:20:54 GMT Server nginx/1.14.0 (Ubuntu) ETag "612bec26-2b1d" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 11037
GET H/1.1	200 OK	logo-loading.png update-profile-anz.com/static/	18 KB 18 KB	21ms 21ms	Image image/png	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Show image Full URL https://update-profile-anz.com/static/logo-loading.png Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/login/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 7c3a27dcff4c6a1ef889f7bff67014d712e89ecb9e73049c315ae14b5d35abd6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://update-profile-anz.com/login/ User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Tue, 08 Dec 2020 16:28:20 GMT Server nginx/1.14.0 (Ubuntu) ETag "5fcfa9a4-48d0" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 18640
GET H/1.1	200 OK	MyriadPro-Regular.1.0.0.woff update-profile-anz.com/static/css/fonts/	51 KB 52 KB	20ms 20ms	Font application/font-woff	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/static/css/fonts/MyriadPro-Regular.1.0.0.woff Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/static/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 9af4df3b7f044525975716b175351fa75553070734627cf3b1325332284208c5 Request headers Referer https://update-profile-anz.com/static/css/main.css Origin https://update-profile-anz.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Sun, 29 Aug 2021 19:09:28 GMT Server nginx/1.14.0 (Ubuntu) ETag "612bdb68-cdb0" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 52656
GET H/1.1	200 OK	MyriadPro-Semibold.1.0.0.woff update-profile-anz.com/static/css/fonts/	52 KB 52 KB	28ms 18ms	Font application/font-woff	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/static/css/fonts/MyriadPro-Semibold.1.0.0.woff Requested by Host: update-profile-anz.com URL: https://update-profile-anz.com/static/css/main.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash b6bf163550dd994ccb01b937f1210281ec8681bfea58b38cf92b266a3d257cfc Request headers Referer https://update-profile-anz.com/static/css/main.css Origin https://update-profile-anz.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:09 GMT Last-Modified Sun, 29 Aug 2021 19:09:24 GMT Server nginx/1.14.0 (Ubuntu) ETag "612bdb64-ce48" Content-Type application/font-woff Connection keep-alive Accept-Ranges bytes Content-Length 52808
GET H/1.1	200 OK	/ Show response update-profile-anz.com/redirect_page/	21 B 270 B	73ms 73ms	XHR application/json	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/redirect_page/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://update-profile-anz.com/login/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:10 GMT Referrer-Policy same-origin Server nginx/1.14.0 (Ubuntu) X-Frame-Options DENY Content-Type application/json Connection keep-alive Content-Length 21 X-Content-Type-Options nosniff
GET H/1.1	200 OK	/ Show response update-profile-anz.com/redirect_page/	21 B 270 B	45ms 45ms	XHR application/json	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/redirect_page/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://update-profile-anz.com/login/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:11 GMT Referrer-Policy same-origin Server nginx/1.14.0 (Ubuntu) X-Frame-Options DENY Content-Type application/json Connection keep-alive Content-Length 21 X-Content-Type-Options nosniff
GET H/1.1	200 OK	/ Show response update-profile-anz.com/redirect_page/	21 B 270 B	45ms 44ms	XHR application/json	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/redirect_page/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://update-profile-anz.com/login/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:12 GMT Referrer-Policy same-origin Server nginx/1.14.0 (Ubuntu) X-Frame-Options DENY Content-Type application/json Connection keep-alive Content-Length 21 X-Content-Type-Options nosniff
GET H/1.1	200 OK	/ Show response update-profile-anz.com/redirect_page/	21 B 270 B	45ms 45ms	XHR application/json	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/redirect_page/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://update-profile-anz.com/login/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:13 GMT Referrer-Policy same-origin Server nginx/1.14.0 (Ubuntu) X-Frame-Options DENY Content-Type application/json Connection keep-alive Content-Length 21 X-Content-Type-Options nosniff
GET H/1.1	200 OK	/ Show response update-profile-anz.com/redirect_page/	21 B 270 B	35ms 34ms	XHR application/json	45.9.149.135 NICEIT
General Check archive.org Show headers Download Go to Full URL https://update-profile-anz.com/redirect_page/ Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.5.1.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.9.149.135 Amsterdam, Netherlands, ASN49447 (NICEIT, DM), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://update-profile-anz.com/login/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Fri, 22 Apr 2022 07:31:14 GMT Referrer-Policy same-origin Server nginx/1.14.0 (Ubuntu) X-Frame-Options DENY Content-Type application/json Connection keep-alive Content-Length 21 X-Content-Type-Options nosniff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ANZ Bank (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery object| bootstrap function| get_redirect_to_page function| submited

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			update-profile-anz.com/	1969-12-31 23:59:59	Name: client_uuid Value: a3058989-62c7-4aec-a6e1-cd5f30b8896b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
update-profile-anz.com
2001:4de0:ac18::1:a:2b
45.9.149.135
0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
470cfaeba07fb709f835abeeaa7233282cca4fd8f73894b1ea8e67a49993dec6
5883670c91bc904352d1885f1d36b74b5eb8511118e17be4304f96300f591fa8
7c3a27dcff4c6a1ef889f7bff67014d712e89ecb9e73049c315ae14b5d35abd6
9af4df3b7f044525975716b175351fa75553070734627cf3b1325332284208c5
a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace
add48cfd0baeed18fd06f47d714e178f6b14e01c91e6d3433d8f5415b192956e
b6bf163550dd994ccb01b937f1210281ec8681bfea58b38cf92b266a3d257cfc
d619bbc4f158e072ff18f7d6cf9f7991c34b566b8c0b8de73da8284215936f9f