charge-ezy.stagingenv.co.nz
184.168.124.105
Malicious Activity!
Public Scan
Effective URL: https://charge-ezy.stagingenv.co.nz/mobileapp/32.65.74.01.23.44/App.anz.nz/login1.html
Submission: On April 28 via api from DE — Scanned from NZ
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 1st 2023. Valid for: 3 months.
This is the only time charge-ezy.stagingenv.co.nz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
---|---|---|---
1 | 2 | 184.168.124.105 | 26496 (AS-26496-GO-DADDY-COM-LLC)
8 | 24 | 45.60.160.117 | 19551 (INCAPSULA)
22 | 3 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 105.124.168.184.host.secureserver.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
24 (8 redirects) | anz.co.nz | digital.anz.co.nz | 151 KB
2 (1 redirect) | stagingenv.co.nz | charge-ezy.stagingenv.co.nz | 16 KB
22 | 2 | |
Requests | Domain | Requested by
---|---|---
24 (8 redirects) | digital.anz.co.nz | charge-ezy.stagingenv.co.nz, digital.anz.co.nz
2 (1 redirect) | charge-ezy.stagingenv.co.nz |
22 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.anz.co.nz |
windows.microsoft.com |
www.mozilla.org |
www.google.com |
digital.anz.co.nz |
Subject | Issuer | Validity | Valid | Lookup
---|---|---|---|---
charge-ezy.stagingenv.co.nz | cPanel, Inc. Certification Authority | 2023-04-01 - 2023-06-30 | 3 months | crt.sh
digital.anz.co.nz | DigiCert SHA2 Extended Validation Server CA | 2022-08-16 - 2023-09-16 | a year | crt.sh
This page contains 2 frames:
Primary Page:
https://charge-ezy.stagingenv.co.nz/mobileapp/32.65.74.01.23.44/App.anz.nz/login1.html
Frame ID: C0CD6438A4CED2B9CD9E125BAA811981
Requests: 25 HTTP requests in this frame
Frame:
https://digital.anz.co.nz/preauth/assets/images/svg/brand/anz_logo_gradient.svg
Frame ID: 0D96426E2FC1F52DE69D56BB3115F839
Requests: 1 HTTP requests in this frame
Page Title: ANZ: Internet Banking Log On
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
- Title: Internet Explorer
- Title: Firefox
- Title: Chrome
- Title: More about our recommended software settings
- Title: Log on
- Title: Security & Privacy Statement
- Title: Website Terms of Use
- Title: Electronic Banking Conditions
- Title: Contact Us
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://charge-ezy.stagingenv.co.nz/mobileapp/32.65.74.01.23.44/App.anz.nz/login1.html
HTTP 301
https://charge-ezy.stagingenv.co.nz/mobileapp/32.65.74.01.23.44/App.anz.nz/login1.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://digital.anz.co.nz/preauth/dtagent_ICA23jrx_7000000031020.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/vendor/modernizr.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/config.require.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/vendor/require.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/vendor.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/config.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/app/app.js HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
- https://digital.anz.co.nz/preauth/assets/core.print.css HTTP 302
- https://digital.anz.co.nz/preauth/web/service/login
22 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | login1.html (Primary Request, Redirect Chain) | charge-ezy.stagingenv.co.nz/mobileapp/32.65.74.01.23.44/App.anz.nz/ | 16 KB | 16 KB | Document | text/html
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | script | digital.anz.co.nz/preauth/web/service/ | 11 KB | 4 KB | Script | application/javascript
GET | H/1.1 | pff0kwo.js | digital.anz.co.nz/preauth/assets/fonts/licenced/myriad-pro/ | 19 KB | 8 KB | Script | application/x-javascript
GET | H/1.1 | pff0kwo-d.css | digital.anz.co.nz/preauth/assets/fonts/licenced/myriad-pro//c/ | 108 KB | 80 KB | Stylesheet | text/css
GET | H/1.1 | core.nonresponsive.css | digital.anz.co.nz/preauth/assets/ | 129 KB | 23 KB | Stylesheet | text/css
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Script | text/html
GET | H/1.1 | primary-spinner.svg | digital.anz.co.nz/preauth/assets/images/svg/brand/ | 522 B | 669 B | Image | image/svg+xml
GET | H/1.1 | 140717-goMoney_login.jpg | digital.anz.co.nz/App_Themes/Common/Images/sidebar/ | 16 KB | 17 KB | Image | image/jpeg
GET | H/1.1 | login (Redirect Chain) | digital.anz.co.nz/preauth/web/service/ | 0 | 0 | Stylesheet | text/html
GET | H/1.1 | logo-gradient.png | digital.anz.co.nz/preauth/assets/images/brand/ | 11 KB | 11 KB | Image | image/png
GET | DATA | truncated | / | 20 KB | 20 KB | Font | font/opentype
GET | | proximanova-semibold-webfont.woff2 | digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/ | 0 | 0 | |
GET | | anz-icons.woff | digital.anz.co.nz/preauth/assets/fonts/ | 0 | 0 | |
GET | DATA | truncated | / | 20 KB | 20 KB | Font | font/opentype
GET | DATA | truncated | / | 20 KB | 20 KB | Font | font/opentype
GET | DATA | truncated | / | 20 KB | 20 KB | Font | font/opentype
GET | H/1.1 | anz_logo_gradient.svg (Frame 0D96) | digital.anz.co.nz/preauth/assets/images/svg/brand/ | 5 KB | 2 KB | Document | image/svg+xml
GET | | proximanova-semibold-webfont.woff | digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/ | 0 | 0 | |
GET | | anz-icons.ttf | digital.anz.co.nz/preauth/assets/fonts/ | 0 | 0 | |
GET | | proximanova-semibold-webfont.ttf | digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- digital.anz.co.nz: https://digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/proximanova-semibold-webfont.woff2
- digital.anz.co.nz: https://digital.anz.co.nz/preauth/assets/fonts/anz-icons.woff?88b0600a601495d043793b3d6c58d55c
- digital.anz.co.nz: https://digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/proximanova-semibold-webfont.woff
- digital.anz.co.nz: https://digital.anz.co.nz/preauth/assets/fonts/anz-icons.ttf?88b0600a601495d043793b3d6c58d55c
- digital.anz.co.nz: https://digital.anz.co.nz/preauth/assets/fonts/licenced/proxima-nova/proximanova-semibold-webfont.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)

7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | 0
boolean | credentialless
object | PreAuthPage
function | isIE
object | Typekit
object | digitalData
object | pageModelInfo

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
.anz.co.nz/ | | nlbi_2646974 | RjpyU6IcZF+0P+13DGrZtAAAAACDPKZL5iyLphAbZmyggHNL
.anz.co.nz/ | | visid_incap_2646974 | 5PxjOW91RnOVh8z0woeXYcZiS2QAAAAAQUIPAAAAAAAQ5KIJ+C9JdVJ7dGxtBbEd
.anz.co.nz/ | | incap_ses_364_2646974 | 7WTSYtcbix8g5oQf+zANBcZiS2QAAAAAes6LB6YkiPhqo01SVyL7/A==
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
charge-ezy.stagingenv.co.nz
digital.anz.co.nz
184.168.124.105
45.60.160.117