anz-net-verification.com
Open in
urlscan Pro
91.215.85.14
Malicious Activity!
Public Scan
Submission: On November 04 via api from AE — Scanned from DE
Summary
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.
This is the only time anz-net-verification.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 91.215.85.14 91.215.85.14 | 200593 (PROSPERO-AS) (PROSPERO-AS) | |
1 | 2a04:4e42:600... 2a04:4e42:600::649 | 54113 (FASTLY) (FASTLY) | |
15 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
anz-net-verification.com
anz-net-verification.com |
114 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 762 |
82 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
13 | anz-net-verification.com |
anz-net-verification.com
code.jquery.com |
1 | code.jquery.com |
anz-net-verification.com
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
anz-net-verification.com R3 |
2023-11-01 - 2024-01-30 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://anz-net-verification.com/
Frame ID: F656FBBA18696FA464173F0839B864AB
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
anz-net-verification.com/ |
59 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.1.js
code.jquery.com/ |
279 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
option.js
anz-net-verification.com//js/ |
151 B 265 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browser.js
anz-net-verification.com//js/ |
177 B 207 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.PNG
anz-net-verification.com//panel/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img-01.PNG
anz-net-verification.com//panel/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anz-logo.1.0.0.svg
anz-net-verification.com//panel/img/ |
59 KB 59 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MyriadPro-Semibold.1.0.0.woff
anz-net-verification.com/files/ |
59 KB 9 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MyriadPro-Regular.1.0.0.woff
anz-net-verification.com/files/ |
59 KB 9 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MyriadPro-Semibold.1.0.0.woff
anz-net-verification.com/assets/font/ |
59 KB 9 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MyriadPro-Regular.1.0.0.woff
anz-net-verification.com/assets/font/ |
59 KB 9 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
current_time
anz-net-verification.com//Page/ |
7 B 52 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
current_time
anz-net-verification.com//Page/ |
7 B 26 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
current_time
anz-net-verification.com//Page/ |
7 B 49 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST |
current_time
anz-net-verification.com//Page/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- anz-net-verification.com
- URL
- https://anz-net-verification.com//Page/current_time
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| urlroot string| uniqueid function| $ function| jQuery function| chageValue function| formSubmit1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
anz-net-verification.com/ | Name: PHPSESSID Value: 522042653f067447d7d477fb495f04c1 |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
anz-net-verification.com
code.jquery.com
anz-net-verification.com
2a04:4e42:600::649
91.215.85.14
0615069aba033505df5dcfde042bed3ae87651cda2bfe26a8bdca4a74c4d0036
2cc965136a07ebf479170d79b77c65cef1d2b2f8176a8d35f30a8380c0a5fce3
5f08778b0cc2e1437a7107d1086bf72f6171d8c13c6ea1b01e7da4ada2a0a285
75dbba8fd110adbe0bda707bcbfe667247f5a2d590c5380781abcde1ac20062d
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
c900fdae2da61444bad633091da41c3b6b71b35b2363061e8623a34ac5a5d832
d38d18da868470b55dc34f97dd99e362691089007e3d778a53c62899127fc862
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855