www.anzshareinvesting.com.au Open in urlscan Pro
2.16.186.10 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://anzshareinvesting.com.au/
Effective URL:
https://www.anzshareinvesting.com.au/
Submission: On September 28 via api (September 28th 2021, 4:11:14 pm UTC) from CH — Scanned from DE

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2.16.186.10, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.anzshareinvesting.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on July 15th 2021. Valid for: a year.

This is the only time www.anzshareinvesting.com.au was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ANZ Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	91.220.199.98 91.220.199.98	44548 (CMCMARKET...) (CMCMARKETS-AS)
6	2.16.186.10 2.16.186.10	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
10	5

1 91.220.199.98 (United Kingdom) 1 redirects

ASN44548 (CMCMARKETS-AS, GB)

anzshareinvesting.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.186.10 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-10.deploy.static.akamaitechnologies.com

www.anzshareinvesting.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

4456902.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	anzshareinvesting.com.au 1 redirects anzshareinvesting.com.au www.anzshareinvesting.com.au	374 KB
3	doubleclick.net 1 redirects 4456902.fls.doubleclick.net	1 KB
1	yahoo.com sp.analytics.yahoo.com	964 B
1	google.de 1 redirects adservice.google.de	888 B
1	google.com adservice.google.com	848 B
10	5

	Domain	Requested by
6	www.anzshareinvesting.com.au	www.anzshareinvesting.com.au
3	4456902.fls.doubleclick.net	1 redirects www.anzshareinvesting.com.au adservice.google.com
1	sp.analytics.yahoo.com	4456902.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	adservice.google.com	4456902.fls.doubleclick.net
1	anzshareinvesting.com.au	1 redirects
10	6

This site contains links to these domains. Also see Links.

Domain
webauthecc.anz.com
www.anzshareinvesting.com

Subject Issuer	Validity	Valid
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.anzshareinvesting.com.au/
Frame ID: 010EE960EAFD56F33AFB8A33BFE8DF1C
Requests: 8 HTTP requests in this frame

Frame: https://4456902.fls.doubleclick.net/activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513
Frame ID: EC8D544B89116B464B446F58076F37DF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/
Frame ID: B5C727E125FA94316A1B05C9C14D686A
Requests: 1 HTTP requests in this frame

Frame: https://4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/
Frame ID: A85FE2F69C4F1F2EF3C0B038B80AF828
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to Trading Platform

Page URL History Show full URLs

https://anzshareinvesting.com.au/ HTTP 302
https://www.anzshareinvesting.com.au/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

10
Requests

40 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

416 kB
Transfer

517 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://webauthecc.anz.com/oamfed/idp/initiatesso?providerid=CMCShareInvesting
Title: Login

Search URL Search Domain Scan URL

URL: http://www.anzshareinvesting.com/
Title: www.anzshareinvesting.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://anzshareinvesting.com.au/ HTTP 302
https://www.anzshareinvesting.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://4456902.fls.doubleclick.net/activityi;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513 HTTP 302
https://4456902.fls.doubleclick.net/activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513

Request Chain 9

https://adservice.google.de/ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/ HTTP 302
https://4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/

10 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.anzshareinvesting.com.au/
Redirect Chain

https://anzshareinvesting.com.au/
https://www.anzshareinvesting.com.au/

11 KB
12 KB

2855ms
2150ms

Document
text/html

2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.anzshareinvesting.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-10.deploy.static.akamaitechnologies.com

Software

001 /

Resource Hash

e2409d741330fad885f8ed8cc664df98cbe2c9624559e00bef06a1403b864844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.anzshareinvesting.com.au
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Server: 001
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, content-type, cmc.origin, authorization
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Access-Control-Max-Age: 600
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 10931
Expires: Tue, 28 Sep 2021 16:11:04 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 28 Sep 2021 16:11:04 GMT
Connection: keep-alive
Set-Cookie: ASP.NET_SessionId=zs53ql3y4riwxa53kaavwao0; path=/; secure; HttpOnly; SameSite=Lax ADRUM_BTa=R:0|g:e8083ecd-8db1-4504-91b6-b54d27d5b510|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; expires=Tue, 28-Sep-2021 16:11:34 GMT; path=/; secure; HttpOnly SameSite=None; expires=Tue, 28-Sep-2021 16:11:34 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:0|i:549581|e:7; expires=Tue, 28-Sep-2021 16:11:34 GMT; path=/; secure; HttpOnly lb-sb-p=!AdAR9fw0Pg3v+GdjuceRiLrNxznKAJYsauu4RTUqeHnqe7sBx6LDqOhZDppRseTxtX1kgK7cNCF4uOCfNZ+4V3QLDQGiRUqwCVA58fI=; expires=Tue, 28-Sep-2021 16:16:04 GMT; path=/; Httponly; Secure site=au4;Path=/;Expires=Tue, 28-Sep-2021 16:41:04 GMT

Redirect headers

Location: https://www.anzshareinvesting.com.au/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK Cookie set external.less
www.anzshareinvesting.com.au/cdn/47794119842a/anz/ 248 KB
141 KB 1923ms
1923ms Stylesheet
text/css 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a

Requested by

Host: www.anzshareinvesting.com.au
URL: https://www.anzshareinvesting.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-10.deploy.static.akamaitechnologies.com

Software

006 /

Resource Hash

015e1e172eeafed5a6c9e73798a48daa6d618089e6b65fd20b3ac715e8b39521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.anzshareinvesting.com.au/
Cookie: ASP.NET_SessionId=zs53ql3y4riwxa53kaavwao0; ADRUM_BTa=R:0|g:e8083ecd-8db1-4504-91b6-b54d27d5b510|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; SameSite=None; ADRUM_BT1=R:0|i:549581|e:7; lb-sb-p=!AdAR9fw0Pg3v+GdjuceRiLrNxznKAJYsauu4RTUqeHnqe7sBx6LDqOhZDppRseTxtX1kgK7cNCF4uOCfNZ+4V3QLDQGiRUqwCVA58fI=; site=au4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.anzshareinvesting.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 16:11:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: * Accept-Encoding
Content-Length: 142567
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Server: 006
X-Frame-Options: SAMEORIGIN
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: https://www.anzshareinvesting.com.au:443
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Set-Cookie: ADRUM_BTa=R:37|g:3606b783-1fb5-4686-8236-c064d409d115|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; expires=Tue, 28-Sep-2021 16:11:35 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:37|i:549581|e:10; expires=Tue, 28-Sep-2021 16:11:35 GMT; path=/; secure; HttpOnly SameSite=None; expires=Tue, 28-Sep-2021 16:11:35 GMT; path=/; secure; HttpOnly lb-sb-p=!xbpoF0hKButyLG3iMUJZloVXMdObaSdDheNq+EUuwm0EByMdEh0KtKDUB/QBc4Q09+F0IB9pnrdeTJAgrscyDrB1CzpmM6dbhqEPUD0=; expires=Tue, 28-Sep-2021 16:16:05 GMT; path=/; Httponly; Secure site=au5;Path=/;Expires=Tue, 28-Sep-2021 16:41:05 GMT
Access-Control-Allow-Headers: accept, content-type, cmc.origin, authorization
Expires: Tue, 28 Sep 2021 16:11:06 GMT

GET
H/1.1 200
OK Cookie set sitelogon Show response
www.anzshareinvesting.com.au/cdn/js/builds/ 116 KB
117 KB 2094ms
2080ms Script
text/javascript 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.anzshareinvesting.com.au/cdn/js/builds/sitelogon?v=o-xb3_zZZ3xoMrVQJdSRYpOl9BQxmilY6b_ur3YB-Hs1

Requested by

Host: www.anzshareinvesting.com.au
URL: https://www.anzshareinvesting.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-10.deploy.static.akamaitechnologies.com

Software

009 /

Resource Hash

81ee7af289acce609bf8053616ef4c48b6f8b44210f3d6175131146fcab1f6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.anzshareinvesting.com.au/
Cookie: ASP.NET_SessionId=zs53ql3y4riwxa53kaavwao0; ADRUM_BTa=R:0|g:e8083ecd-8db1-4504-91b6-b54d27d5b510|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; SameSite=None; ADRUM_BT1=R:0|i:549581|e:7; lb-sb-p=!AdAR9fw0Pg3v+GdjuceRiLrNxznKAJYsauu4RTUqeHnqe7sBx6LDqOhZDppRseTxtX1kgK7cNCF4uOCfNZ+4V3QLDQGiRUqwCVA58fI=; site=au4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.anzshareinvesting.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 16:11:06 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: User-Agent
Content-Length: 118428
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 28 Sep 2021 16:11:06 GMT
Server: 009
X-Frame-Options: SAMEORIGIN
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://www.anzshareinvesting.com.au:443
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Set-Cookie: ADRUM_BTa=R:37|g:8c95723f-c89f-4a87-b620-f2955a6a2895|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; expires=Tue, 28-Sep-2021 16:11:36 GMT; path=/; secure; HttpOnly ADRUM_BT1=R:37|i:549581|e:83; expires=Tue, 28-Sep-2021 16:11:36 GMT; path=/; secure; HttpOnly SameSite=None; expires=Tue, 28-Sep-2021 16:11:36 GMT; path=/; secure; HttpOnly lb-sb-p=!X5lLPF/Gedc39KXiMUJZloVXMdObaU9e/b07OSQAPQHRl/TQrWc6l6bw5MsjW+wnAOZ4WWFG3ybT8udRVLokGSRGPMwanxHDW/uduuw=; expires=Tue, 28-Sep-2021 16:16:06 GMT; path=/; Httponly; Secure site=au5;Path=/;Expires=Tue, 28-Sep-2021 16:41:06 GMT
Access-Control-Allow-Headers: accept, content-type, cmc.origin, authorization
Expires: Tue, 28 Sep 2021 16:11:06 GMT

GET
H2

200

activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513 Show response
4456902.fls.doubleclick.net/ Frame EC8D
Redirect Chain

https://4456902.fls.doubleclick.net/activityi;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513?
https://4456902.fls.doubleclick.net/activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513?

450 B
535 B

35ms
35ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4456902.fls.doubleclick.net/activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513?

Requested by

Host: www.anzshareinvesting.com.au
URL: https://www.anzshareinvesting.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

84f07f248951a005fb2b5793a24336e0457a2bbb594b607cfc3ad4f1fc62cc93

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4456902.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.anzshareinvesting.com.au/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.anzshareinvesting.com.au/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Sep 2021 16:11:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 358
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Sep-2021 16:26:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Sep 2021 16:11:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4456902.fls.doubleclick.net/activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set logo-anz.svg
www.anzshareinvesting.com.au/App_Themes/ANZ/images/ 38 KB
39 KB 380ms
380ms Image
image/svg+xml 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.anzshareinvesting.com.au/App_Themes/ANZ/images/logo-anz.svg

Requested by

Host: www.anzshareinvesting.com.au
URL: https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-10.deploy.static.akamaitechnologies.com

Software

009 /

Resource Hash

a90e280a3d63b56cdbe8eaae1514367f64039e0823caf1c6be56009555d0ab3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a
Cookie: ASP.NET_SessionId=zs53ql3y4riwxa53kaavwao0; SameSite=None; site=au5; ADRUM_BTa=R:37|g:8c95723f-c89f-4a87-b620-f2955a6a2895|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; ADRUM_BT1=R:37|i:549581|e:83; lb-sb-p=!X5lLPF/Gedc39KXiMUJZloVXMdObaU9e/b07OSQAPQHRl/TQrWc6l6bw5MsjW+wnAOZ4WWFG3ybT8udRVLokGSRGPMwanxHDW/uduuw=
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 16:11:09 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 39387
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 28 Sep 2021 00:59:30 GMT
Server: 009
X-Frame-Options: SAMEORIGIN
ETag: "0c5a0174b4d71:0"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Content-Type: image/svg+xml
Access-Control-Allow-Origin: https://www.anzshareinvesting.com.au:443
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Set-Cookie: lb-sb-p=!qgSUvhMfmWMhuZ3iMUJZloVXMdObaQIDtps/oZ9AW+sKB/U9+oz0gxWXHffAg2Z8DgMnLokd1lpyfeAxf7oD7q06I3qCJrZNtb6ikk8=; expires=Tue, 28-Sep-2021 16:16:08 GMT; path=/; Httponly; Secure site=au5;Path=/;Expires=Tue, 28-Sep-2021 16:41:08 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept, content-type, cmc.origin, authorization
Expires: Tue, 28 Sep 2021 16:11:09 GMT

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c04d4a52a7dcd4c6a6049391febdf8ee7dd58bac4a24c0ebdb1246e646473306

Request headers

Referer
Origin: https://www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H/1.1 200
OK Cookie set fontawesome-webfont.woff2
www.anzshareinvesting.com.au/client.shared/fonts/font-awesome/4.4.0/fonts/ 63 KB
64 KB 350ms
350ms Font
application/font-woff2 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.anzshareinvesting.com.au/client.shared/fonts/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: www.anzshareinvesting.com.au
URL: https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-10.deploy.static.akamaitechnologies.com

Software

009 /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.anzshareinvesting.com.au
Accept-Encoding: gzip, deflate, br
Host: www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a
Cookie: ASP.NET_SessionId=zs53ql3y4riwxa53kaavwao0; SameSite=None; site=au5; ADRUM_BTa=R:37|g:8c95723f-c89f-4a87-b620-f2955a6a2895|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; ADRUM_BT1=R:37|i:549581|e:83; lb-sb-p=!X5lLPF/Gedc39KXiMUJZloVXMdObaU9e/b07OSQAPQHRl/TQrWc6l6bw5MsjW+wnAOZ4WWFG3ybT8udRVLokGSRGPMwanxHDW/uduuw=
Connection: keep-alive
Referer: https://www.anzshareinvesting.com.au/cdn/47794119842a/anz/external.less?v=47794119842a
Origin: https://www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 16:11:08 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 64464
X-Xss-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 28 Sep 2021 00:59:30 GMT
Server: 009
X-Frame-Options: SAMEORIGIN
ETag: "0c5a0174b4d71:0"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: POST, GET, OPTIONS, HEAD
Content-Type: application/font-woff2
Access-Control-Allow-Origin: https://www.anzshareinvesting.com.au:443
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Set-Cookie: lb-sb-p=!gV5GXGsDIfIRo3XiMUJZloVXMdObaXrXaZyV8Ag2aH472XYG/cTTuV1GAJsti8uac3RD2GYxPSY7y7ovzOZ6x7UYie+0Fln0oxweD48=; expires=Tue, 28-Sep-2021 16:16:08 GMT; path=/; Httponly; Secure site=au5;Path=/;Expires=Tue, 28-Sep-2021 16:41:08 GMT
Accept-Ranges: bytes
Access-Control-Allow-Headers: accept, content-type, cmc.origin, authorization
Expires: Tue, 28 Sep 2021 16:11:08 GMT

GET
DATA 200
OK truncated
/ 20 KB
20 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058fbcdc9d7b65a895391f5c30878e18f0d7f89943702a5b6d522c26c468406c

Request headers

Referer
Origin: https://www.anzshareinvesting.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: font/opentype

POST
H/1.1 403
Forbidden Endpoint Show response
www.anzshareinvesting.com.au/ClientRequest/ 312 B
584 B 37ms
20ms XHR
text/html 2.16.186.10
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anzshareinvesting.com.au/ClientRequest/Endpoint?_app.id=CmcWeb&
Requested by: Host: www.anzshareinvesting.com.au
URL: https://www.anzshareinvesting.com.au/cdn/js/builds/sitelogon?v=o-xb3_zZZ3xoMrVQJdSRYpOl9BQxmilY6b_ur3YB-Hs1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.10 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-10.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 9dad9c4bb0851e0e9d508629bef2d728b474ee0805bf211fcc7398f91f841fe7

Request headers

Sec-Fetch-Mode: cors
Origin: https://www.anzshareinvesting.com.au
Accept-Encoding: gzip, deflate, br
Accept-Language: de-DE,de;q=0.9
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=zs53ql3y4riwxa53kaavwao0; SameSite=None; site=au5; ADRUM_BTa=R:37|g:8c95723f-c89f-4a87-b620-f2955a6a2895|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1; ADRUM_BT1=R:37|i:549581|e:83; lb-sb-p=!X5lLPF/Gedc39KXiMUJZloVXMdObaU9e/b07OSQAPQHRl/TQrWc6l6bw5MsjW+wnAOZ4WWFG3ybT8udRVLokGSRGPMwanxHDW/uduuw=
Connection: keep-alive
Content-Length: 201
Pragma: no-cache
Host: www.anzshareinvesting.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Referer: https://www.anzshareinvesting.com.au/
Sec-Fetch-Site: same-origin
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.anzshareinvesting.com.au/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Sep 2021 16:11:08 GMT
Server: AkamaiGHost
Mime-Version: 1.0
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 312
Expires: Tue, 28 Sep 2021 16:11:08 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/ Frame B5C7 449 B
848 B 114ms
58ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/

Requested by

Host: 4456902.fls.doubleclick.net
URL: https://4456902.fls.doubleclick.net/activityi;dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ece9f01fc16d595a72661fb981a907a61939468fef462b05154da9e84eb136b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4456902.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4456902.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Sep 2021 16:11:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

/ Show response
4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/ Frame A85F
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/
https://4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/

276 B
264 B

35ms
34ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

7ddbca8388fa04b40cf43d04abda1c15679a117a7bd9cbe531decec7dc27b64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4456902.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Sep 2021 16:11:09 GMT
expires: Tue, 28 Sep 2021 16:11:09 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 239
x-xss-protection: 0
set-cookie: IDE=AHWqTUkP8mZPZhES_kY8w6vmpmeapdNHXO2GWktq6QJi1UHZ1TXL8_oDFs47vHIRKiU; expires=Sun, 23-Oct-2022 16:11:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Sep 2021 16:11:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK spp.pl
sp.analytics.yahoo.com/ Frame A85F 43 B
964 B 134ms
45ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=1000936088936&.yp=39290&js=no

Requested by

Host: 4456902.fls.doubleclick.net
URL: https://4456902.fls.doubleclick.net/ddm/fls/r/dc_pre=CJ3ti7GHovMCFSWVUQodxmwL-w;src=4456902;type=STBAc0;cat=stblo0;ord=1570412225260.3513;~oref=https://www.anzshareinvesting.com.au/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4456902.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 28 Sep 2021 16:11:09 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Tue, 28 Sep 2021 16:11:09 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ANZ Bank (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.anzshareinvesting.com.au/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zs53ql3y4riwxa53kaavwao0
www.anzshareinvesting.com.au/	1970-01-19 21:34:05	Name: SameSite Value: None
www.anzshareinvesting.com.au/	1970-01-19 21:34:07	Name: site Value: au5
www.anzshareinvesting.com.au/	1970-01-19 21:34:05	Name: ADRUM_BTa Value: R:37\|g:8c95723f-c89f-4a87-b620-f2955a6a2895\|n:cmcmarketsapac-prod_425c35f0-471d-4a4e-b3fd-145892efd2e1
www.anzshareinvesting.com.au/	1970-01-19 21:34:05	Name: ADRUM_BT1 Value: R:37\|i:549581\|e:83
www.anzshareinvesting.com.au/	1970-01-19 21:34:05	Name: lb-sb-p Value: !qgSUvhMfmWMhuZ3iMUJZloVXMdObaQIDtps/oZ9AW+sKB/U9+oz0gxWXHffAg2Z8DgMnLokd1lpyfeAxf7oD7q06I3qCJrZNtb6ikk8=
.doubleclick.net/	1970-01-20 06:55:41	Name: IDE Value: AHWqTUkP8mZPZhES_kY8w6vmpmeapdNHXO2GWktq6QJi1UHZ1TXL8_oDFs47vHIRKiU
.yahoo.com/	1970-01-20 06:20:03	Name: A3 Value: d=AQABBJ0-U2ECELYOfpCIipD8PDh5iOyJu6YFEgEBAQGQVGFdYQAAAAAA_SMAAA&S=AQAAAnO1y6M8M8DedR4_vbzcOZU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.anzshareinvesting.com.au/ClientRequest/Endpoint?_app.id=CmcWeb& Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4456902.fls.doubleclick.net
adservice.google.com
adservice.google.de
anzshareinvesting.com.au
sp.analytics.yahoo.com
www.anzshareinvesting.com.au
142.250.186.102
142.250.186.130
142.250.186.66
2.16.186.10
212.82.100.181
91.220.199.98
015e1e172eeafed5a6c9e73798a48daa6d618089e6b65fd20b3ac715e8b39521
058fbcdc9d7b65a895391f5c30878e18f0d7f89943702a5b6d522c26c468406c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
7ddbca8388fa04b40cf43d04abda1c15679a117a7bd9cbe531decec7dc27b64a
81ee7af289acce609bf8053616ef4c48b6f8b44210f3d6175131146fcab1f6f4
84f07f248951a005fb2b5793a24336e0457a2bbb594b607cfc3ad4f1fc62cc93
9dad9c4bb0851e0e9d508629bef2d728b474ee0805bf211fcc7398f91f841fe7
a90e280a3d63b56cdbe8eaae1514367f64039e0823caf1c6be56009555d0ab3c
c04d4a52a7dcd4c6a6049391febdf8ee7dd58bac4a24c0ebdb1246e646473306
e2409d741330fad885f8ed8cc664df98cbe2c9624559e00bef06a1403b864844
ece9f01fc16d595a72661fb981a907a61939468fef462b05154da9e84eb136b4

www.anzshareinvesting.com.au Open in urlscan Pro 2.16.186.10 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

40 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

5 IPs

4 Countries

416 kBTransfer

517 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

8 Cookies

1 Console Messages

Security Headers

Indicators

www.anzshareinvesting.com.au Open in urlscan Pro
2.16.186.10 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

40 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

5
IPs

4
Countries

416 kB
Transfer

517 kB
Size

8
Cookies

10 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!