sgmallsales.com
162.0.239.174
Malicious Activity!
Public Scan
Submission: On October 01 via manual from FR — Scanned from FR
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 8th 2022. Valid for: a year.
This is the only time sgmallsales.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)

Domain & IP information

IP Address | AS Autonomous System | Requests
---|---|---
162.0.239.174 | 22612 (NAMECHEAP-NET, US) | 23

PTR: server1.superglobalmall.com

Apex Domain | Subdomains | Transfer | Requests
---|---|---|---
sgmallsales.com | sgmallsales.com (1 redirects) | 298 KB | 23

Domain | Requested by | Requests
---|---|---
sgmallsales.com | sgmallsales.com (1 redirects) | 23
This site contains links to these domains. Also see Links.
Domain |
---|
digital.anz.co.nz |
www.anz.co.nz |
www.microsoft.com |
www.google.com |
www.mozilla.org |
help.anz.co.nz |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
sgmallsales.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-08 - 2023-04-17 | a year | crt.sh
This page contains 3 frames:
Primary Page:
https://sgmallsales.com/.well-known/BANK/torsion/index.php
Frame ID: 277EE7A00ED548A81E81E695E5AEECFF
Requests: 20 HTTP requests in this frame
Frame:
https://sgmallsales.com/.well-known/BANK/torsion/1_files/dest5.html
Frame ID: 69F8D6A266F951CACD531BAD17FDAEE3
Requests: 1 HTTP requests in this frame
Frame:
https://sgmallsales.com/.well-known/BANK/torsion/1_files/anz_logo_gradient.svg
Frame ID: 3997B9272FE1A86D5FD8B50AA572C40D
Requests: 1 HTTP requests in this frame
16 Outgoing links
These are links going to different origins than the main page.
- Title: Skip to main content
- Title: Skip to secondary menu
- Title: Find out more
- Title: ANZ Bank New Zealand Limited
- Title: Register now
- Title: Edge ®
- Title: Chrome ®
- Title: Firefox ®
- Title: More about our recommended software settings
- Title: Forgot password?
- (untitled link)
- Title: Log on
- Title: Security & Privacy Statement
- Title: Website Terms of Use
- Title: Electronic Banking Conditions
- Title: Contact Us
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11:
- https://sgmallsales.com/preauth/assets/fonts/licenced/myriad-pro//c/pff0kwo-d.css (HTTP 301)
- https://sgmallsales.com/preauth/assets/fonts/licenced/myriad-pro/c/pff0kwo-d.css
22 HTTP transactions

Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---
GET H/1.1 | index.php | sgmallsales.com/.well-known/BANK/torsion/ | 13 KB | 5 KB | Document | text/html | Primary Request
GET H/1.1 | id | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 841 B | 801 B | Script | text/plain |
GET H/1.1 | d-all-full-lood-when-holence-to-all-pratesse-I-p | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 150 KB | 48 KB | Script | text/plain |
GET H/1.1 | script | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 0 | 0 | Script | text/html |
GET H/1.1 | pff0kwo.js.t%C3%A9l%C3%A9chargement | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 19 KB | 7 KB | Script | application/javascript |
GET H/1.1 | pff0kwo-d.css | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 0 | 0 | Stylesheet | text/html |
GET H/1.1 | core.responsive.css | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 129 KB | 23 KB | Stylesheet | text/css |
GET H/1.1 | vendor.js.t%C3%A9l%C3%A9chargement | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 0 | 0 | Script | text/html |
GET H/1.1 | preauth.js.t%C3%A9l%C3%A9chargement | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 0 | 0 | Script | text/html |
GET H/1.1 | primary-spinner.svg | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 57 KB | 57 KB | Image | text/html |
GET H/1.1 | DaffodilDay.jpg | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 18 KB | 19 KB | Image | image/jpeg |
GET H/1.1 | _Incapsula_Resource | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 149 KB | 21 KB | Script | text/plain |
GET H/1.1 | pff0kwo-d.css | sgmallsales.com/preauth/assets/fonts/licenced/myriad-pro/c/ | 0 | 0 | Stylesheet | text/html | Redirect Chain
GET H/1.1 | logo-gradient.png | sgmallsales.com/preauth/assets/images/brand/ | 57 KB | 57 KB | Image | text/html |
GET H/1.1 | anz-icons.woff | sgmallsales.com/preauth/assets/fonts/ | 0 | 0 | Font | text/html |
GET H/1.1 | proximanova-semibold-webfont.woff2 | sgmallsales.com/preauth/assets/fonts/licenced/proxima-nova/ | 0 | 0 | Font | text/html |
GET H/1.1 | dest5.html | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 7 KB | 3 KB | Document | text/html | Frame 69F8
GET H/1.1 | anz_logo_gradient.svg | sgmallsales.com/.well-known/BANK/torsion/1_files/ | 5 KB | 2 KB | Document | image/svg+xml | Frame 3997
GET H/1.1 | _Incapsula_Resource | sgmallsales.com/ | 54 KB | 54 KB | Image | text/html |
GET H/1.1 | anz-icons.ttf | sgmallsales.com/preauth/assets/fonts/ | 0 | 0 | Font | text/html |
GET H/1.1 | proximanova-semibold-webfont.woff | sgmallsales.com/preauth/assets/fonts/licenced/proxima-nova/ | 0 | 0 | Font | text/html |
GET H/1.1 | proximanova-semibold-webfont.ttf | sgmallsales.com/preauth/assets/fonts/licenced/proxima-nova/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
Source: urlscan
Phishing against: ANZ Bank (Banking)

19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
object | 1
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation
object | a0_0x1553
function | a0_0x554f
undefined | reese84
function | reese84interrogator
function | initializeProtection
object | Typekit
object | digitalData
object | pageModelInfo

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
sgmallsales.com/ | | ___utmvc | (value not included in this capture)
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sgmallsales.com
162.0.239.174