update-profile-anz.com
Open in
urlscan Pro
45.9.149.135
Malicious Activity!
Public Scan
Submission: On April 22 via manual from AU — Scanned from NL
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on April 21st 2022. Valid for: 3 months.
This is the only time update-profile-anz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 45.9.149.135 45.9.149.135 | 49447 (NICEIT) (NICEIT) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
15 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
update-profile-anz.com
update-profile-anz.com |
410 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 647 |
83 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
14 | update-profile-anz.com |
update-profile-anz.com
code.jquery.com |
1 | code.jquery.com |
update-profile-anz.com
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
update-profile-anz.com ZeroSSL RSA Domain Secure Site CA |
2022-04-21 - 2022-07-20 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://update-profile-anz.com/login/
Frame ID: 887A2ADB53359AD8814B2E77015DBA58
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
ANZ Australia Internet BankingDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
update-profile-anz.com/login/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
update-profile-anz.com/static/css/ |
194 KB 194 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
update-profile-anz.com/static/css/ |
11 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.js
code.jquery.com/ |
281 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
update-profile-anz.com/static/ |
59 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
update-profile-anz.com/static/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ib-login-support.1.0.0.svg
update-profile-anz.com/static/ |
11 KB 11 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-loading.png
update-profile-anz.com/static/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyriadPro-Regular.1.0.0.woff
update-profile-anz.com/static/css/fonts/ |
51 KB 52 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MyriadPro-Semibold.1.0.0.woff
update-profile-anz.com/static/css/fonts/ |
52 KB 52 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
update-profile-anz.com/redirect_page/ |
21 B 270 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
update-profile-anz.com/redirect_page/ |
21 B 270 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
update-profile-anz.com/redirect_page/ |
21 B 270 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
update-profile-anz.com/redirect_page/ |
21 B 270 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
update-profile-anz.com/redirect_page/ |
21 B 270 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| $ function| jQuery object| bootstrap function| get_redirect_to_page function| submited1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
update-profile-anz.com/ | Name: client_uuid Value: a3058989-62c7-4aec-a6e1-cd5f30b8896b |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
update-profile-anz.com
2001:4de0:ac18::1:a:2b
45.9.149.135
0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
470cfaeba07fb709f835abeeaa7233282cca4fd8f73894b1ea8e67a49993dec6
5883670c91bc904352d1885f1d36b74b5eb8511118e17be4304f96300f591fa8
7c3a27dcff4c6a1ef889f7bff67014d712e89ecb9e73049c315ae14b5d35abd6
9af4df3b7f044525975716b175351fa75553070734627cf3b1325332284208c5
a4de87a5a1e4e1111c1adaff04cb84d88bfde7feb4daad3d0811fe7b40e89ace
add48cfd0baeed18fd06f47d714e178f6b14e01c91e6d3433d8f5415b192956e
b6bf163550dd994ccb01b937f1210281ec8681bfea58b38cf92b266a3d257cfc
d619bbc4f158e072ff18f7d6cf9f7991c34b566b8c0b8de73da8284215936f9f