hgmcgwh7t5.b.anzserving.cc
175.41.17.30  Malicious Activity!

Submitted URL: http://b.anzserving.cc/
Effective URL: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
Submission: On January 19 via api from JP — Scanned from JP

Summary

This website contacted 1 IP in 1 country across 1 apex domain to perform 20 HTTP transactions. The main IP is 175.41.17.30, located in Hong Kong, and belongs to AS9744 (XLC-AS-AP XLC GLOBAL, HK). The main domain is hgmcgwh7t5.b.anzserving.cc.
This is the only time hgmcgwh7t5.b.anzserving.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ANZ Bank (Banking)

Domain & IP information

IP Address / AS (Autonomous System)
  20 requests to 175.41.17.30, AS9744 (XLC-AS-AP XLC GLOBAL, HK)
  Total: 20 requests, 1 IP

Apex Domain / Subdomains / Transfer
  anzserving.cc: 20 requests, 189 KB transferred
    b.anzserving.cc
    hgmcgwh7t5.b.anzserving.cc
  Total: 20 requests, 1 apex domain

Domain / Requested by
  hgmcgwh7t5.b.anzserving.cc: 11 requests, requested by b.anzserving.cc and hgmcgwh7t5.b.anzserving.cc
  b.anzserving.cc: 9 requests, requested by b.anzserving.cc
  Total: 20 requests, 2 domains

This site contains links to these domains (outbound links in the page source; none of them was contacted during the scan):

  • www.recovery.anz.com
  • login.anz.com
  • register.anz.com
  • www.anz.com.au

TLS certificates: none. All 20 transactions were plain HTTP, so the certificate table (Subject / Issuer / Validity) is empty.

This page contains 2 frames:

Primary Page: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
Frame ID: 10C694C789BA7373ADC05DEDACDE3FC5
Requests: 19 HTTP requests in this frame

Frame: http://hgmcgwh7t5.b.anzserving.cc/online.asp
Frame ID: 86A3FFB83BE468BBAF90C2DDB2D5112C
Requests: 1 HTTP request in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://b.anzserving.cc/ Page URL
  2. http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 Page URL

Detected technologies

jQuery (version 1.9.1, loaded from /app/js/jquery-1.9.1.min.js on both hosts). Overall confidence: 100%.
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 0 %
IPv6: 0 %
Domains: 1
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 189 kB
Size: 364 kB
Cookies: 2

Redirected requests

No HTTP-level redirect chains were recorded for any request. The hop from http://b.anzserving.cc/ to the random third-level hostname was done client-side: the primary document on hgmcgwh7t5.b.anzserving.cc was requested by the script http://b.anzserving.cc/3jitiaozhuan.js (see transaction 10 below). The script's name reads as pinyin for "3级跳转", roughly "third-level redirect", which matches what it does.
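The two-hop history above is a recognisable pattern (bare host, then a freshly generated label under the same registrable domain, an epoch-millisecond cache-buster in the query string, and no TLS anywhere). The following script, an added analyst example and not urlscan.io code, scores a Page URL History against those indicators. The brand keyword list, the entropy threshold and the two-label rule for the registrable domain are assumptions chosen for illustration; the URL list is transcribed from this page.

```python
"""Flag the redirect pattern recorded in the Page URL History above: a bare
host hands the browser to a random third-level label under the same
registrable domain, with an epoch-millisecond cache-buster in the query
string, all over plain HTTP.  Added example, not urlscan.io code; the brand
keyword list, the entropy threshold and the two-label suffix rule are
assumptions chosen for illustration."""
from __future__ import annotations

import math
import re
from collections import Counter
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlparse

# Assumption: brand names we expect to see impersonated in hostnames.
BRAND_KEYWORDS = ("anz",)

# Transcribed from this scan's Page URL History.
PAGE_URL_HISTORY = [
    "http://b.anzserving.cc/",
    "http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005",
]


def shannon_entropy(s: str) -> float:
    """Bits per character; 'hgmcgwh7t5' scores about 2.92."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def looks_random(label: str, min_len: int = 8, min_entropy: float = 2.8) -> bool:
    """Heuristic for machine-generated DNS labels: long, only [a-z0-9],
    letters and digits mixed, and high entropy.  Dictionary words such as
    'login' fail on length or entropy."""
    if len(label) < min_len or not re.fullmatch(r"[a-z0-9]+", label):
        return False
    mixed = any(ch.isdigit() for ch in label) and any(ch.isalpha() for ch in label)
    return mixed and shannon_entropy(label) >= min_entropy


def epoch_ms_param(query: str, name: str = "time") -> datetime | None:
    """UTC time encoded by a 13-digit epoch-millisecond query value, or None."""
    for value in parse_qs(query).get(name, []):
        if re.fullmatch(r"\d{13}", value):
            ms = int(value)
            base = datetime.fromtimestamp(ms // 1000, tz=timezone.utc)
            return base + timedelta(milliseconds=ms % 1000)
    return None


def registrable_domain(host: str) -> str:
    # Assumption: last two labels; production code should consult the Public Suffix List.
    return ".".join(host.split(".")[-2:])


def analyse_history(history: list[str]) -> dict:
    first_host = urlparse(history[0]).hostname or ""
    last = urlparse(history[-1])
    last_host = last.hostname or ""
    # Labels that the final hostname adds in front of the starting hostname.
    added: list[str] = []
    if last_host.endswith("." + first_host):
        added = last_host[: -len(first_host) - 1].split(".")
    ts = epoch_ms_param(last.query)
    brand = next((b for b in BRAND_KEYWORDS if b in registrable_domain(last_host)), None)
    return {
        "same_registrable_domain": registrable_domain(first_host) == registrable_domain(last_host),
        "added_labels": added,
        "random_label": bool(added) and looks_random(added[0]),
        "time_param_utc": ts.isoformat() if ts else None,
        "plain_http_only": all(urlparse(u).scheme == "http" for u in history),
        "brand_keyword": brand,
    }


def score(findings: dict) -> int:
    """Number of indicators that fired; all five together is the pattern seen here."""
    return sum([
        findings["same_registrable_domain"] and bool(findings["added_labels"]),
        findings["random_label"],
        findings["time_param_utc"] is not None,
        findings["plain_http_only"],
        findings["brand_keyword"] is not None,
    ])


if __name__ == "__main__":
    findings = analyse_history(PAGE_URL_HISTORY)
    for key, value in findings.items():
        print(f"{key}: {value}")
    print("indicators fired:", score(findings))
```

Run against this scan's history, all five indicators fire and the decoded `time` value (2022-01-19 04:04:55 UTC) lands within seconds of the Date headers in the transactions, which confirms it is a browser-side `Date.now()` rather than an identifier worth pivoting on. The entropy test is deliberately loose; use it to rank, not to block.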

20 HTTP transactions

Each entry lists the resource, the host and path it was fetched from, the decoded size and the bytes transferred (x-fer), the resource type, and then the request and response headers the scanner recorded.
Transaction 1: / on b.anzserving.cc (Document, 27 KB, 5 KB transferred)
Full URL: http://b.anzserving.cc/
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 686aed2ae006584d479d576097ba3a1889ac573f85ad59094fd8e0b7a7c2e6e1
Request headers:
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
  Accept-Language: jp-JP,jp;q=0.9
Response headers:
  Content-Type: text/html
  Content-Encoding: gzip
  Last-Modified: Tue, 18 Jan 2022 09:16:31 GMT
  Accept-Ranges: bytes
  ETag: "804198144ccd81:0"
  Vary: Accept-Encoding
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  Date: Wed, 19 Jan 2022 04:04:51 GMT
  Content-Length: 5313

Note: the Accept-Language value is the scanner's own setting, not a property of the site. "jp" is not the ISO 639-1 code for Japanese (that is "ja"), so this header is a fingerprint of the sandbox that a kit could use to detect scanners.
Transaction 2: drop_ip.asp on b.anzserving.cc (Script, 0 B decoded, 409 B transferred)
Full URL: http://b.anzserving.cc/drop_ip.asp
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: (not recorded)
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  Vary: Accept-Encoding
  Content-Type: text/html
  Cache-Control: private
  Content-Length: 119
Transaction 3: 3jitiaozhuan.js on b.anzserving.cc (Script, 1 KB, 1 KB transferred)
Full URL: http://b.anzserving.cc/3jitiaozhuan.js
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: fc4823690b726cc8fb57ed8f7af0e538936210486cb04bcbc2d1f2860bbe8e93
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "1ec2e51880bd81:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 747
Transaction 4: jquery-1.9.1.min.js on b.anzserving.cc/app/js/ (Script, 90 KB, 32 KB transferred)
Full URL: http://b.anzserving.cc/app/js/jquery-1.9.1.min.js
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: (not recorded)
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 32880
Transaction 5: layer.js on b.anzserving.cc/app/js/ (Script, 3 KB, 2 KB transferred)
Full URL: http://b.anzserving.cc/app/js/layer.js
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e638d65e345e5dce62ec180305e47d5d5afeb05584dd031b47bc091c5771ee2c
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 1532
Transaction 6: layer.css on b.anzserving.cc/app/css/ (Stylesheet, 7 KB, 2 KB transferred)
Full URL: http://b.anzserving.cc/app/css/layer.css
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: bd7a73a5977d43a6d8a36b1675929e646fb55c266e8d97128a58ae5cd9b5cafc
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  Content-Length: 1445
Transaction 7: anz-logo.1.0.0.svg on b.anzserving.cc/img/ (Image, 38 KB, 38 KB transferred)
Full URL: http://b.anzserving.cc/img/anz-logo.1.0.0.svg
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: (not recorded)
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "be6bf61880bd81:0"
  Content-Type: image/svg+xml
  Accept-Ranges: bytes
  Content-Length: 38862
Transaction 8: Snipaste.png on b.anzserving.cc/img/ (Image, 1 KB, 1 KB transferred)
Full URL: http://b.anzserving.cc/img/Snipaste.png
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: (not recorded)
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Last-Modified: Mon, 17 Jan 2022 08:56:21 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "1ecdf81880bd81:0"
  Content-Type: image/png
  Accept-Ranges: bytes
  Content-Length: 1229
Transaction 9: ib-login-support.1.0.0.svg on b.anzserving.cc/img/ (Image, 11 KB, 11 KB transferred)
Full URL: http://b.anzserving.cc/img/ib-login-support.1.0.0.svg
Requested by: http://b.anzserving.cc/ (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: (not recorded)
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "be6bf61880bd81:0"
  Content-Type: image/svg+xml
  Accept-Ranges: bytes
  Content-Length: 11037
Transaction 10 (Primary Request): / on hgmcgwh7t5.b.anzserving.cc (Document, 27 KB, 5 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
Requested by: http://b.anzserving.cc/3jitiaozhuan.js (host b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 686aed2ae006584d479d576097ba3a1889ac573f85ad59094fd8e0b7a7c2e6e1
Request headers:
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://b.anzserving.cc/
Response headers:
  Content-Type: text/html
  Content-Encoding: gzip
  Last-Modified: Tue, 18 Jan 2022 09:16:31 GMT
  Accept-Ranges: bytes
  ETag: "804198144ccd81:0"
  Vary: Accept-Encoding
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Length: 5313

Note: resource hash, ETag, Last-Modified and Content-Length are identical to transaction 1, so the randomly generated hostname returned byte-for-byte the same HTML as b.anzserving.cc. That is the behaviour of a wildcard virtual host serving one kit under any label, and the ?time= value is only a cache-buster, not a per-victim identifier.
Transaction 11: drop_ip.asp on hgmcgwh7t5.b.anzserving.cc (Script, 0 B decoded, 409 B transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/drop_ip.asp
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  Vary: Accept-Encoding
  Content-Type: text/html
  Cache-Control: private
  Content-Length: 119

Note: this hash is the SHA-256 of zero bytes, so the scanner recorded an empty decoded body for this script even though 119 gzip-encoded bytes came back. An endpoint that is loaded as a script, returns nothing to the browser and is marked Cache-Control: private behaves like a server-side visitor logger or filter; the name drop_ip points the same way, but that is an inference from the name alone, since the server-side code is not visible in the scan.
Transaction 12: 3jitiaozhuan.js on hgmcgwh7t5.b.anzserving.cc (Script, 1 KB, 1 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/3jitiaozhuan.js
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: fc4823690b726cc8fb57ed8f7af0e538936210486cb04bcbc2d1f2860bbe8e93
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "1ec2e51880bd81:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 747
Transaction 13: jquery-1.9.1.min.js on hgmcgwh7t5.b.anzserving.cc/app/js/ (Script, 90 KB, 32 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/app/js/jquery-1.9.1.min.js
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 32880
Transaction 14: layer.js on hgmcgwh7t5.b.anzserving.cc/app/js/ (Script, 3 KB, 2 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/app/js/layer.js
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e638d65e345e5dce62ec180305e47d5d5afeb05584dd031b47bc091c5771ee2c
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: application/x-javascript
  Accept-Ranges: bytes
  Content-Length: 1532
Transaction 15: layer.css on hgmcgwh7t5.b.anzserving.cc/app/css/ (Stylesheet, 7 KB, 2 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/app/css/layer.css
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: bd7a73a5977d43a6d8a36b1675929e646fb55c266e8d97128a58ae5cd9b5cafc
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  Content-Length: 1445
Transaction 16: anz-logo.1.0.0.svg on hgmcgwh7t5.b.anzserving.cc/img/ (Image, 38 KB, 38 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/img/anz-logo.1.0.0.svg
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: df477d03866885295a31b44c475bc6150273fc522c3bd5c1db69478650ebc2a5
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "be6bf61880bd81:0"
  Content-Type: image/svg+xml
  Accept-Ranges: bytes
  Content-Length: 38862
Transaction 17: Snipaste.png on hgmcgwh7t5.b.anzserving.cc/img/ (Image, 1 KB, 1 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/img/Snipaste.png
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 80c6f3734ed579d0ee0b0cbb97023be6b2f931a3e07232009ecab7bad27914c8
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Last-Modified: Mon, 17 Jan 2022 08:56:21 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "1ecdf81880bd81:0"
  Content-Type: image/png
  Accept-Ranges: bytes
  Content-Length: 1229
Transaction 18: ib-login-support.1.0.0.svg on hgmcgwh7t5.b.anzserving.cc/img/ (Image, 11 KB, 11 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/img/ib-login-support.1.0.0.svg
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "be6bf61880bd81:0"
  Content-Type: image/svg+xml
  Accept-Ranges: bytes
  Content-Length: 11037
Transaction 19: layer.css on hgmcgwh7t5.b.anzserving.cc/app/js/need/ (Stylesheet, 7 KB, 2 KB transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/app/js/need/layer.css?2.0
Requested by: http://hgmcgwh7t5.b.anzserving.cc/app/js/layer.js (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 86f39f03f5df27a6b7af2bcbf9a7cd1b329240a5b7c9b4a2776c07c712a7dfb6
Request headers:
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Response headers:
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Encoding: gzip
  Last-Modified: Mon, 17 Jan 2022 08:56:20 GMT
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  ETag: "0925e1880bd81:0"
  Vary: Accept-Encoding
  Content-Type: text/css
  Accept-Ranges: bytes
  Content-Length: 1445
Transaction 20: online.asp on hgmcgwh7t5.b.anzserving.cc (Document in frame 86A3, 143 B, 444 B transferred)
Full URL: http://hgmcgwh7t5.b.anzserving.cc/online.asp
Requested by: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005 (host hgmcgwh7t5.b.anzserving.cc)
Protocol: HTTP/1.1
Server: 175.41.17.30, Hong Kong, ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
Reverse DNS: (none)
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d1e87b047c88ddb333e9be9151184a6d3c37b4350268fb2fc63f67f105b3c111
Request headers:
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
  Accept-Language: jp-JP,jp;q=0.9
  Referer: http://hgmcgwh7t5.b.anzserving.cc/?time=1642565095005
Response headers:
  Cache-Control: private
  Content-Type: text/html
  Content-Encoding: gzip
  Vary: Accept-Encoding
  Server: Microsoft-IIS/7.5
  X-Powered-By: ASP.NET
  Date: Wed, 19 Jan 2022 04:04:52 GMT
  Content-Length: 221
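The transaction list is most useful when the two hostnames are correlated: the same resource hashes on both hosts prove one kit behind a wildcard name, the zero-byte hash marks the endpoint that returns nothing, and the remaining distinct hashes are the values to pivot on in other scans. The script below is an added analyst example, not urlscan.io code; its dataset is transcribed from the 20 transactions above (host, path, SHA-256 resource hash, or None where the page records no hash), and nothing is fetched from the network.

```python
"""Correlate the 20 transactions above across the two hostnames.  Added
analyst example, not urlscan.io code; the dataset is transcribed from this
page's transaction list (host, path, SHA-256 resource hash, or None where the
page records none)."""
import hashlib
from collections import defaultdict

BASE = "b.anzserving.cc"
RAND = "hgmcgwh7t5.b.anzserving.cc"

# Transcribed from the transaction list on this page.
TRANSACTIONS = [
    (BASE, "/", "686aed2ae006584d479d576097ba3a1889ac573f85ad59094fd8e0b7a7c2e6e1"),
    (BASE, "/drop_ip.asp", None),
    (BASE, "/3jitiaozhuan.js", "fc4823690b726cc8fb57ed8f7af0e538936210486cb04bcbc2d1f2860bbe8e93"),
    (BASE, "/app/js/jquery-1.9.1.min.js", None),
    (BASE, "/app/js/layer.js", "e638d65e345e5dce62ec180305e47d5d5afeb05584dd031b47bc091c5771ee2c"),
    (BASE, "/app/css/layer.css", "bd7a73a5977d43a6d8a36b1675929e646fb55c266e8d97128a58ae5cd9b5cafc"),
    (BASE, "/img/anz-logo.1.0.0.svg", None),
    (BASE, "/img/Snipaste.png", None),
    (BASE, "/img/ib-login-support.1.0.0.svg", None),
    (RAND, "/?time=1642565095005", "686aed2ae006584d479d576097ba3a1889ac573f85ad59094fd8e0b7a7c2e6e1"),
    (RAND, "/drop_ip.asp", "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    (RAND, "/3jitiaozhuan.js", "fc4823690b726cc8fb57ed8f7af0e538936210486cb04bcbc2d1f2860bbe8e93"),
    (RAND, "/app/js/jquery-1.9.1.min.js", "20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734"),
    (RAND, "/app/js/layer.js", "e638d65e345e5dce62ec180305e47d5d5afeb05584dd031b47bc091c5771ee2c"),
    (RAND, "/app/css/layer.css", "bd7a73a5977d43a6d8a36b1675929e646fb55c266e8d97128a58ae5cd9b5cafc"),
    (RAND, "/img/anz-logo.1.0.0.svg", "df477d03866885295a31b44c475bc6150273fc522c3bd5c1db69478650ebc2a5"),
    (RAND, "/img/Snipaste.png", "80c6f3734ed579d0ee0b0cbb97023be6b2f931a3e07232009ecab7bad27914c8"),
    (RAND, "/img/ib-login-support.1.0.0.svg", "0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e"),
    (RAND, "/app/js/need/layer.css?2.0", "86f39f03f5df27a6b7af2bcbf9a7cd1b329240a5b7c9b4a2776c07c712a7dfb6"),
    (RAND, "/online.asp", "d1e87b047c88ddb333e9be9151184a6d3c37b4350268fb2fc63f67f105b3c111"),
]

# SHA-256 of zero bytes, computed rather than hard-coded: urlscan records this
# value when the decoded response body is empty.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()


def shared_across_hosts(txs):
    """Map each hash to the set of hosts that served it, keeping only hashes
    seen on more than one host: byte-identical content on two names means one
    kit behind a wildcard virtual host."""
    hosts_by_hash = defaultdict(set)
    for host, _path, digest in txs:
        if digest and digest != EMPTY_SHA256:
            hosts_by_hash[digest].add(host)
    return {d: hosts for d, hosts in hosts_by_hash.items() if len(hosts) > 1}


def empty_bodies(txs):
    """URLs whose recorded body hashed to the empty string."""
    return [f"http://{host}{path}" for host, path, d in txs if d == EMPTY_SHA256]


def unhashed(txs):
    """Resources fetched without a recorded hash; they cannot be pivoted on."""
    return [f"http://{host}{path}" for host, path, d in txs if d is None]


def pivot_hashes(txs):
    """Distinct non-empty hashes in page order; the landing-page hash comes
    first and identifies the kit regardless of hostname."""
    seen = []
    for _host, _path, d in txs:
        if d and d != EMPTY_SHA256 and d not in seen:
            seen.append(d)
    return seen


def summary(txs):
    return {
        "hosts": sorted({h for h, _, _ in txs}),
        "shared_hashes": len(shared_across_hosts(txs)),
        "empty_bodies": empty_bodies(txs),
        "unhashed": len(unhashed(txs)),
        "pivot_hashes": len(pivot_hashes(txs)),
    }


if __name__ == "__main__":
    for digest, hosts in shared_across_hosts(TRANSACTIONS).items():
        print(digest[:16], "served identically by", ", ".join(sorted(hosts)))
    print("empty bodies:", empty_bodies(TRANSACTIONS))
    print("no hash recorded:", len(unhashed(TRANSACTIONS)))
    print("distinct hashes to pivot on:", len(pivot_hashes(TRANSACTIONS)))
```

On this page's data four hashes (the landing page, 3jitiaozhuan.js, layer.js and layer.css) are served identically by both hosts, only the subdomain's drop_ip.asp has the empty-body hash, five of the b.anzserving.cc fetches have no hash at all, and ten distinct hashes remain for pivoting. Blocking by hostname is weak here because every label under b.anzserving.cc serves the same kit; the landing-page hash and the apex domain are the durable indicators.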

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against ANZ Bank (Banking)

15 JavaScript global variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  • function: getQueryVariable, randomString, getUrlParam, $, jQuery
  • object: 0, layer, netease
  • string: time
  • undefined: rand, q, host, newhost, href, newhref

$ and jQuery come from jquery-1.9.1.min.js and layer from layer.js. The remaining names (getQueryVariable, getUrlParam, randomString, time, rand, q, host, newhost, href, newhref) are what a client-side redirector would leave behind after building a random third-level hostname and a ?time= parameter, which is exactly the hop recorded in the Page URL History; attributing them to 3jitiaozhuan.js is an inference from the names and the observed behaviour, as the script body is not reproduced on this page.

2 Cookies

Domain/Path: b.anzserving.cc/  Name: ASPSESSIONIDQSAQDRRQ  Value: ANMFHDDDFOPKOJLJEOMNLDGG
Domain/Path: hgmcgwh7t5.b.anzserving.cc/  Name: ASPSESSIONIDQSAQDRRQ  Value: CNMFHDDDOKIOIIOODIJPDMDK

ASPSESSIONID followed by an eight-letter suffix is the classic ASP session cookie, consistent with the .asp endpoints and the Server: Microsoft-IIS/7.5 and X-Powered-By: ASP.NET response headers. The suffix (QSAQDRRQ) is identical for both hostnames, which is what one sees when a single IIS application instance serves both names. The page does not show cookie attributes, so nothing can be said about Secure or HttpOnly flags; with the whole session on plain HTTP the distinction would not protect a victim anyway.