www.rckik-opole.com.pl
Open in
urlscan Pro
46.242.130.89
Malicious Activity!
Public Scan
Submission: On April 13 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by R3 on February 12th 2023. Valid for: 3 months.
This is the only time www.rckik-opole.com.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 46.242.130.89 46.242.130.89 | 12824 (HOMEPL-AS) (HOMEPL-AS) | |
8 24 | 45.60.160.117 45.60.160.117 | 19551 (INCAPSULA) (INCAPSULA) | |
22 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
anz.co.nz
8 redirects
digital.anz.co.nz |
151 KB |
1 |
rckik-opole.com.pl
www.rckik-opole.com.pl |
5 KB |
22 | 2 |
Domain | Requested by | |
---|---|---|
24 | digital.anz.co.nz |
8 redirects
www.rckik-opole.com.pl
digital.anz.co.nz |
1 | www.rckik-opole.com.pl | |
22 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.anz.co.nz |
windows.microsoft.com |
www.mozilla.org |
www.google.com |
digital.anz.co.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
rckik-opole.com.pl R3 |
2023-02-12 - 2023-05-13 |
3 months | crt.sh |
digital.anz.co.nz DigiCert SHA2 Extended Validation Server CA |
2022-08-16 - 2023-09-16 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.rckik-opole.com.pl/ftp1//App.anz.nz/login.html
Frame ID: 25DED703D5F1A8916E4BC5BF8EACF7E5
Requests: 25 HTTP requests in this frame
Frame:
https://digital.anz.co.nz/preauth/assets/images/svg/brand/anz_logo_gradient.svg
Frame ID: 2ADD74C646A71FBECDABCA3729C451F3
Requests: 1 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Internet Explorer �
Search URL Search Domain Scan URL
Title: Firefox �
Search URL Search Domain Scan URL
Title: Chrome �
Search URL Search Domain Scan URL
Title: More about our recommended software settings
Search URL Search Domain Scan URL
Title: Log on
Search URL Search Domain Scan URL
Title: Security & Privacy Statement
Search URL Search Domain Scan URL
Title: Website Terms of Use
Search URL Search Domain Scan URL
Title: Electronic Banking Conditions
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://digital.anz.co.nz/preauth/dtagent_ICA23jrx_7000000031020.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/vendor/modernizr.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/config.require.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/vendor/require.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/vendor.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/config.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/app/app.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/assets/core.print.css HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.html
www.rckik-opole.com.pl/ftp1//App.anz.nz/ |
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
script
digital.anz.co.nz/preauth/web/service/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pff0kwo.js
digital.anz.co.nz/preauth/assets/fonts/licenced/myriad-pro/ |
19 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pff0kwo-d.css
digital.anz.co.nz/preauth/assets/fonts/licenced/myriad-pro//c/ |
108 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.nonresponsive.css
digital.anz.co.nz/preauth/assets/ |
129 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
primary-spinner.svg
digital.anz.co.nz/preauth/assets/images/svg/brand/ |
522 B 669 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
140717-goMoney_login.jpg
digital.anz.co.nz/App_Themes/Common/Images/sidebar/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
digital.anz.co.nz/preauth/web/service/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-gradient.png
digital.anz.co.nz/preauth/assets/images/brand/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-semibold-webfont.woff2
digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anz-icons.woff
digital.anz.co.nz/preauth/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
anz_logo_gradient.svg
digital.anz.co.nz/preauth/assets/images/svg/brand/ Frame 2ADD |
5 KB 2 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
20 KB 20 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-semibold-webfont.woff
digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
anz-icons.ttf
digital.anz.co.nz/preauth/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
proximanova-semibold-webfont.ttf
digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/proximanova-semibold-webfont.woff2
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/anz-icons.woff?88b0600a601495d043793b3d6c58d55c
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/proximanova-semibold-webfont.woff
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/anz-icons.ttf?88b0600a601495d043793b3d6c58d55c
- Domain
- digital.anz.co.nz
- URL
- https://digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/proximanova-semibold-webfont.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| PreAuthPage function| isIE object| Typekit object| digitalData object| pageModelInfo3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.anz.co.nz/ | Name: nlbi_2646974 Value: WsSTc8bg0xWwdrPPDGrZtAAAAADgdXaN65iRTjUlW/IMlXGF |
|
.anz.co.nz/ | Name: visid_incap_2646974 Value: U4Ls3lMcSiGO+zMJcbS/x1iTN2QAAAAAQUIPAAAAAADjykB8jc8KXDzmlq31I/WN |
|
.anz.co.nz/ | Name: incap_ses_435_2646974 Value: fPWJWC79cS2daqPsL3AJBlmTN2QAAAAA8YuowJSRrMio5sbR8XhQug== |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
digital.anz.co.nz
www.rckik-opole.com.pl
digital.anz.co.nz
45.60.160.117
46.242.130.89
033507aeefb0c4b634f96824777a8edf96ea06fb69f0aaac3f79fe00b37e9383
0aa257dd4f2480ac9580c8137d344623eafe2a78dab2c6169acf16cbdf3dcdce
17e96da79f2323235f310a4278daac62014f11aaf3cbfd38caaccbe128b99226
6b9c3e1cdac34aa860caabd9530a5376891b7a0bc6e56d73d2c7b52455316722
94d9d7a604727a6112f35f344d0190b2e86e0beb40c6a17644f0699e03361694
9b461e8e2d58e6a5fceaa1146cc332688c484af9b331208480d25a4b1ebd2886
a2ecd495b2cb054b889984abb7f9602fd858d05608a5fd2efcbcd0b6b79b50a7
affe814530b0a75b0babdd571ffcd7ca1a3b5a1bc7ebe25f292d27f774df7281
c48627cca0acac1bbb30401c842c8c0b31b2429575fa27daa6ffcdd64f2f7da2
c89404f1564e543aa95db072387fd1f3f84998b748be83af3e1df75910991925
ca56be0afd8ae811b855bffe503e095c0b6deb1b52d7a7d42d0b6e6624e8bc97
e0b1acb0e098f44401d9d89902d17604b0eeb90d9873398e89efaadb2f4e0b43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e933d79c9c46b88f678fff582138d682bd48c30fc3d69d9a8fc599f56d8bff27