anzprotodesk.com Open in urlscan Pro
104.21.8.205  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pages Show response anzprotodesk.com/	50 KB 10 KB	878ms 661ms	Document text/html	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/pages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa7cc8717264592be3072abeb196785df5b75e1da7d15c9d9ffc4587a927c321 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 767b220abce7a7e9-SYD content-encoding br content-type text/html; charset=UTF-8 date Thu, 10 Nov 2022 01:49:41 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iA2YoRuipfmzciPKYJTfqooLw%2BPXVGoMoc05x5krJ4ietQJj8rUqdVVnT3PN9Y%2BIS98MRZ5s5MiEEMaunuYkgQY2VlgJRDX4rJ9mWtJ4CjzO5QG88rjVn1DYmuCCg%2Bq8ohiX"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	jquery.js Show response anzprotodesk.com/js/cntdjs/	87 KB 31 KB	1177ms 1176ms	Script application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/js/cntdjs/jquery.js Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:03:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLKgAYffZRjnIj6rgF2bj4WNPznwU2NuplQD8617FpsqKcbVIaM79x4ze34E6psqUATcaXxsf1oVY921hbpWsn7Lryg%2Bkkq0qNNKQ806Qo9AXo7u0sOGIVjMqjBQXsIj%2FumI"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 767b220eea3ea7e9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.mask.js Show response anzprotodesk.com/js/cntdjs/	23 KB 6 KB	935ms 934ms	Script application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/js/cntdjs/jquery.mask.js Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8 Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:03:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQiQFZNKfdM8O%2FDeALFc3aV9QjKAzpa7PAlJfD6YI835fLFiQssgsUhtdqt0s8llITBDTD%2FbZdoUJrFvdqSNrOQ2UHhJQ%2FrMSSBFcc1%2BmGm8M7QrW%2FelQv%2FfSMcKyzef2XUP"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 767b220eea42a7e9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	cntd.js Show response anzprotodesk.com/js/cntdjs/	3 KB 1 KB	666ms 665ms	Script application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/js/cntdjs/cntd.js Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:03:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMoOSrL1XpbekhH51S8Lctc9dSB5Sfbok0hmbtisZyR%2BwBUyiZq0W5zs%2BpgWhuwcNcVRi%2FKn0oLsFQ4evRSe3mh4Ic2jjIc8jcqA2kUCoEdLivCKffaklZRcxbX7uQQykFTg"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 767b220eea46a7e9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	loading.js Show response anzprotodesk.com/js/shared/	2 KB 1 KB	653ms 652ms	Script application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/js/shared/loading.js Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134 Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:03:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwpIaoMloOr5YmjSIk1sMgXotZmTKHxHM81QYMyU4tdbV4%2FR0b1vdzOHY%2FeNlnJ7BZfkMDe%2BudZzhNb5aUGb7pVF7mA2QPI%2BBzmHjOSo%2FejBYcKrb1jBpfEUfz1uy7mcPJ%2FM"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 767b220eea47a7e9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	online_status.js Show response anzprotodesk.com/js/shared/	998 B 701 B	658ms 658ms	Script application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/js/shared/online_status.js Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7 Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:42 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:03:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7iBmjHC3P%2B%2F7Wob1Iq6NQ3q0TBtMHHTUoJ7o8X%2Fo5FZvxmzxERp%2BsSKA9KTYn9mNAZ%2BKG1OgRcswUYgEBFtATkdSsHtf%2BJ8w36fX0lo2FyCbNMcl8z5kATdMm7TELmIJDwd"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 767b220eea4aa7e9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	anz-logo.1.0.0.svg anzprotodesk.com/front_end/front_end_files/	38 KB 28 KB	918ms 917ms	Image image/svg+xml	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://anzprotodesk.com/front_end/front_end_files/anz-logo.1.0.0.svg Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df477d03866885295a31b44c475bc6150273fc522c3bd5c1db69478650ebc2a5 Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:43 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:09:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jq8FL3FBt%2FGfCMjqYfDXOKWg%2FGtNFnhm6eRcxfgm0Q%2FqebwRoOm5Gusk7%2FbO8EmedTmHNIkIN0BZ8qnJlVWaOzz4Ry0Pd6s3mQ87ulkdgfihEJWHaQh6CfZXjTeVRIiWYBNg"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 767b2214cdacaad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	ib-login-support.1.0.0.svg anzprotodesk.com/front_end/front_end_files/	11 KB 4 KB	754ms 754ms	Image image/svg+xml	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://anzprotodesk.com/front_end/front_end_files/ib-login-support.1.0.0.svg Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:43 GMT content-encoding br cf-cache-status MISS last-modified Sun, 29 May 2022 02:09:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pySxKCHkcKOPExCgS1%2F811ogUtOlDlML8V19yImiwFT8TvwtpmhbfaJoGgrb46LjqnwFrfGngkSaboKH17%2F7N6%2FHCiWcUWLQ2xVptlfF4c3v3rTfJVpQdObYeb05A6Ot5Imz"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control max-age=14400 cf-ray 767b2216780faad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	anz-logo.1.0.0.svg anzprotodesk.com/assets/img/	0 503 B	741ms 741ms	Image text/html	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://anzprotodesk.com/assets/img/anz-logo.1.0.0.svg Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://anzprotodesk.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers pragma no-cache date Thu, 10 Nov 2022 01:49:43 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVpK6LUn5qW5pjea7kSclNdMt%2BqkM%2BdqSar%2BgO69ryqaeyCwHH3XY%2BkI19kueNduUJf51G8Q6lMlzRvYfIX97puxc7tdXS1Bo8XcDKVCHdjHEmiVPrors3AtNM0%2FJ8Oc3XmF"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 767b2216781eaad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3	200	MyriadPro-Semibold.1.0.0.woff anzprotodesk.com/front_end/front_end_files/	52 KB 52 KB	1271ms 1270ms	Font font/woff	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/front_end/front_end_files/MyriadPro-Semibold.1.0.0.woff Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b6bf163550dd994ccb01b937f1210281ec8681bfea58b38cf92b266a3d257cfc Request headers Referer https://anzprotodesk.com/pages Origin https://anzprotodesk.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:43 GMT cf-cache-status MISS last-modified Sun, 29 May 2022 02:09:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3HZqmKclMtIQ8SRN8lbJhIVN%2FsRbnD1Qe0zpPxjc5IQ%2FRQfBmNVCXd%2BVELzDg%2FYItTdyTQZeBEs1B29aL4yGhsX8SSDfCBy1GgjOb127RO83Us0gSvYumAW%2B70obljKWN1x"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 767b22168828aad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 52808
GET H3	200	MyriadPro-Regular.1.0.0.woff anzprotodesk.com/front_end/front_end_files/	51 KB 52 KB	1171ms 1171ms	Font font/woff	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/front_end/front_end_files/MyriadPro-Regular.1.0.0.woff Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9af4df3b7f044525975716b175351fa75553070734627cf3b1325332284208c5 Request headers Referer https://anzprotodesk.com/pages Origin https://anzprotodesk.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:43 GMT cf-cache-status MISS last-modified Sun, 29 May 2022 02:09:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJRQm%2FQimGDOUgMU0z7nLvLAbsqVaXucpQPX%2BDpLr3ci9pNXof1OU%2BNVnIp6%2FqZomGWm%2F7ISy6AqN0GxMzGOS1TwJDk41gqIZADI5VSmu74eRSYxIUazuJi8nFpNbCPHfiHu"}],"group":"cf-nel","max_age":604800} content-type font/woff cache-control max-age=14400 accept-ranges bytes cf-ray 767b2216882caad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 52656
GET H3	200	invisible.js Show response anzprotodesk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 5EF8	32 KB 14 KB	107ms 107ms	Script application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668038400 Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 186c6e3cf101e590937bf6da6dbb7db4ce29ca14b4a8e28c45e72d8ec5b73c0c Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:43 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqN9BBvvqz3y3oKKfcxdinA3tXFkoukWkNMKeiSwFce%2FHfjzuf2AHkwjv5dHG8VYCTGEWNDZUIVFMQdxkvI3OVaDX00HhbIKAeudqr%2FvwMUPmNs4PONAetUnwPzHXMN%2F9Is8"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 767b221b2fb4aad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pica.js anzprotodesk.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 5EF8	22 KB 9 KB	107ms 107ms	Other application/javascript	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/pages Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0ce6fa42c0d72f571ad5112a7d68caa1686ee20b77df4c4334f11babf4bd208 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 10 Nov 2022 01:49:43 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgKuJ8vu8cgKI7jZUFZxyhbVC1KZno6c9x1f55UnLj6qA%2F2OLWrO%2FcBc2bqgvgzvumcJrxWD%2BFScH9L2Tz908JDzJXZvuT3mpMZ7j3uxCIpO7erDUZTWm6azIKb9%2BKvNndd0"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 767b221bd8c4aad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	767b220abce7a7e9 Show response anzprotodesk.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 5EF8	2 B 651 B	137ms 133ms	XHR text/plain	104.21.8.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anzprotodesk.com/cdn-cgi/challenge-platform/h/b/cv/result/767b220abce7a7e9 Requested by Host: anzprotodesk.com URL: https://anzprotodesk.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1668038400 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.8.205 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers date Thu, 10 Nov 2022 01:49:44 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxuqIlueonUM7xpdFXCav12lBDwKs1wqRLn1xhTrLB9v3pb78o1aSit2sdHZraUeX%2BWf0xXVURT%2BQA3L%2FdfvUlmkixb0%2BAjqoOeMNmxPA6iRum%2FvNBHg%2BUCZkny%2BTwZT%2BaX3"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 767b221e3c93aad2-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ANZ Bank (Banking)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| urlroot string| uniqueid function| $ function| jQuery object| controller string| url

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			anzprotodesk.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: de4cd259f55ef7b7a590a5f8c0d3115f
			.anzprotodesk.com/	1970-01-20 07:20:46	Name: __cf_bm Value: gSBMPJlWho.9rTnnJGiwi6gqVYfWUjpdFN_vCsXiiJc-1668044984-0-AWnP5dawkkh4jRYz/DNwx5HSMbWtQLp4T+HyAFZzVracAF0vbtcYDtOGttK8cGrMUmnzcQUI4hQURSoECRIA9PxmFAB/GZEgsxs9/Fz7xizD7nGIRD7BqzPfuaaZRaQcmQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://anzprotodesk.com/assets/img/anz-logo.1.0.0.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anzprotodesk.com
104.21.8.205
0f2f421d03f0dd094f5eeea11c1b78898bb8c38cdc6a9859627617bbb4db363e
186c6e3cf101e590937bf6da6dbb7db4ce29ca14b4a8e28c45e72d8ec5b73c0c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
9af4df3b7f044525975716b175351fa75553070734627cf3b1325332284208c5
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
b6bf163550dd994ccb01b937f1210281ec8681bfea58b38cf92b266a3d257cfc
d0ce6fa42c0d72f571ad5112a7d68caa1686ee20b77df4c4334f11babf4bd208
df477d03866885295a31b44c475bc6150273fc522c3bd5c1db69478650ebc2a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
fa7cc8717264592be3072abeb196785df5b75e1da7d15c9d9ffc4587a927c321
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e