zghttf120.sa.com Open in urlscan Pro
185.221.216.115 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zghttf120.sa.com/System/questions.html
Effective URL:
https://zghttf120.sa.com/System/questions.html
Submission: On April 05 via manual (April 5th 2024, 5:25:57 am UTC) from AU — Scanned from GB

Summary HTTP 32 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 32 HTTP transactions. The main IP is 185.221.216.115, located in London, United Kingdom and belongs to HOST4GEEKS-LLC, US. The main domain is zghttf120.sa.com.
TLS certificate: Issued by R3 on March 25th 2024. Valid for: 3 months.

This is the only time zghttf120.sa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ANZ Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
11	185.221.216.115 185.221.216.115	393960 (HOST4GEEK...) (HOST4GEEKS-LLC)
20	45.60.124.46 45.60.124.46	19551 (INCAPSULA) (INCAPSULA)
32	3

11 185.221.216.115 (London, United Kingdom)

ASN393960 (HOST4GEEKS-LLC, US)
PTR: sokhanedoost.com

zghttf120.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 45.60.124.46 (United States)

ASN19551 (INCAPSULA, US)

apib1.anz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	anz.com apib1.anz.com	47 KB
11	sa.com zghttf120.sa.com	38 KB
32	2

	Domain	Requested by
20	apib1.anz.com	zghttf120.sa.com apib1.anz.com
11	zghttf120.sa.com	zghttf120.sa.com
32	2

This site contains links to these domains. Also see Links.

Domain
www.anz.com

Subject Issuer	Validity	Valid
zghttf120.sa.com R3	`2024-03-25` - `2024-06-23`	3 months	crt.sh
apib1.anz.com DigiCert EV RSA CA G2	`2024-01-30` - `2025-01-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://zghttf120.sa.com/System/questions.html
Frame ID: 6D93288CFD06BAECBC7BA67141F37DC9
Requests: 31 HTTP requests in this frame

Frame: https://zghttf120.sa.com/System/_blank.htm
Frame ID: 43CDCB2E2D4BC14C5725FC16CF4BCABF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ANZ Internet Banking

Page URL History Show full URLs

http://zghttf120.sa.com/System/questions.html HTTP 307
https://zghttf120.sa.com/System/questions.html Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

85 kB
Transfer

170 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.anz.com/ib-fj/en/log-on/logon
Title: Help

Search URL Search Domain Scan URL

URL: https://www.anz.com/ib-fj/en/ext/faqs/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.anz.com/ib-fj/en/ext/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.anz.com/ib-fj/en/ext/privacy/
Title: Security and Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.anz.com/ib-fj/en/ext/website-terms/
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.anz.com/ib-fj/en/ext/terms-conditions/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zghttf120.sa.com/System/questions.html HTTP 307
https://zghttf120.sa.com/System/questions.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request questions.html Show response zghttf120.sa.com/System/ Redirect Chain http://zghttf120.sa.com/System/questions.html https://zghttf120.sa.com/System/questions.html	34 KB 35 KB	105ms 29ms	Document text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Full URL https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `e98be9daf98d9fe1370923c625baf98a5e9e994ef29a7d01b873b77ba752ab51` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 35134 Content-Type text/html Date Fri, 05 Apr 2024 05:25:53 GMT Keep-Alive timeout=5, max=100 Last-Modified Thu, 04 Apr 2024 21:30:16 GMT Server Apache Redirect headers Location https://zghttf120.sa.com/System/questions.html Non-Authoritative-Reason HttpsUpgrades
GET H2	200	ANZBEAMNetIB.css apib1.anz.com/apinetbank/	43 KB 8 KB	336ms 51ms	Stylesheet text/css	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/ANZBEAMNetIB.css Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `d5172c2249c75adb323bf51f944c25e6a09bbb95fec927b049d527ff48d497db` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:40 GMT x-cdn Imperva etag "068f4aec54dda1:0" content-type text/css x-iinfo 13-93371724-93371768 2CNN RT(1712294752632 231) q(0 0 0 2) r(0 0) cache-control max-age=85771, public x-incap-sess-cookie-hdr i811DkDsmVMYD/eSARMhDGCLD2YAAAAA++zpkGF9d4l+9+NJIqRmgA== content-length 7270 expires Sat, 06 Apr 2024 05:15:23 GMT
GET H2	200	AjaxHandlerV510.js Show response apib1.anz.com/apinetbank/Ajax/JavaScript/	5 KB 2 KB	386ms 100ms	Script application/javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/Ajax/JavaScript/AjaxHandlerV510.js Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `a035897fffc4a91edde74fc0cefe014f0a6e0bc840fc6a63743ed76b6f03ac75` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:08 GMT x-cdn Imperva etag "098e19bc54dda1:0" content-type application/javascript x-iinfo 13-93371724-93371784 2CNN RT(1712294752632 260) q(0 0 1 3) r(1 1) cache-control max-age=45539, public x-incap-sess-cookie-hdr GZbgWDJGwxEYD/eSARMhDGCLD2YAAAAAym6tOsO7ag98p5t/340/fQ== content-length 1948 expires Fri, 05 Apr 2024 18:04:51 GMT
GET H2	200	AjaxBusinessRulesV510.js Show response apib1.anz.com/apinetbank/Ajax/JavaScript/	2 KB 936 B	362ms 77ms	Script application/javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/Ajax/JavaScript/AjaxBusinessRulesV510.js Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `a759f24905fe6b321d5d8e0a7562a75bde726cbba7716a590d98f48e90e2e627` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:16 GMT x-cdn Imperva etag "04ca6a0c54dda1:0" content-type application/javascript x-iinfo 13-93371724-93371774 2CNN RT(1712294752632 239) q(0 0 0 2) r(1 1) cache-control max-age=45539, public x-incap-sess-cookie-hdr h69/fCiypg4YD/eSARMhDGCLD2YAAAAAoKOt87MF7oLe+czlapdODQ== content-length 513 expires Fri, 05 Apr 2024 18:04:51 GMT
GET H2	200	ProgressBarV510.js Show response apib1.anz.com/apinetbank/controls/ANZ/JavaScript/	2 KB 1 KB	363ms 78ms	Script application/javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/controls/ANZ/JavaScript/ProgressBarV510.js Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `a56d0d73b7adfed88c9b6eac84ac09f3c59b6cdb9757a724c71806aaf80ca96e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:18 GMT x-cdn Imperva etag "079d7a1c54dda1:0" content-type application/javascript x-iinfo 13-93371724-93371777 2CNN RT(1712294752632 243) q(0 0 0 6) r(1 1) cache-control max-age=48194, public x-incap-sess-cookie-hdr OYLJGd3DVBcYD/eSARMhDGCLD2YAAAAARjcOz8+K7SxY0oPABLaM7A== content-length 633 expires Fri, 05 Apr 2024 18:49:06 GMT
GET H2	200	favoritesV510.js Show response apib1.anz.com/apinetbank/controls/ANZ/JavaScript/	868 B 791 B	341ms 56ms	Script application/javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/controls/ANZ/JavaScript/favoritesV510.js Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `c6b66a87abe7e4fa958bb16ce3fd1847192b294ce8c2c76fbd97ad415c8204ba` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:24 GMT x-cdn Imperva etag "006ba5c54dda1:0" content-type application/javascript x-iinfo 13-93371724-93371769 2CNN RT(1712294752632 232) q(0 0 0 5) r(0 0) cache-control max-age=48205, public x-incap-sess-cookie-hdr LpugTGCwrB0YD/eSARMhDGCLD2YAAAAA6J9HfEn8wsfVnT0v0a827A== content-length 354 expires Fri, 05 Apr 2024 18:49:17 GMT
GET H2	200	FunctionsInetV510.js Show response apib1.anz.com/apinetbank/JavaScript/	26 KB 9 KB	366ms 81ms	Script application/javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/JavaScript/FunctionsInetV510.js Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `0699304ca15386f2c70c8f5ba09ed7e137952575015308cf34883f88b9e38e7d` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:12 GMT x-cdn Imperva etag "0f2439ec54dda1:0" content-type application/javascript x-iinfo 13-93371724-93371769 2CNN RT(1712294752632 265) q(0 1 1 3) r(1 1) cache-control max-age=85771, public x-incap-sess-cookie-hdr eZ5NeJEFEw0YD/eSARMhDGCLD2YAAAAAhdhGS8Sc9UT7R+LB7W8ihg== content-length 8516 expires Sat, 06 Apr 2024 05:15:23 GMT
GET H2	200	ClientSideEventsV510.js Show response apib1.anz.com/apinetbank/JavaScript/	21 KB 7 KB	365ms 80ms	Script application/javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/JavaScript/ClientSideEventsV510.js Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `1eeada6eabe24dde53b72caf102691b567060450aa55ab51e78a9e0438e44249` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Tue, 23 Jan 2024 06:30:40 GMT x-cdn Imperva etag "068f4aec54dda1:0" content-type application/javascript x-iinfo 13-93371724-93371779 2CNN RT(1712294752632 251) q(0 0 1 1) r(1 1) cache-control max-age=45539, public x-incap-sess-cookie-hdr ZimUZaVTyT8YD/eSARMhDGCLD2YAAAAA7di0mDxZq79Gtf18dooc6A== content-length 6407 expires Fri, 05 Apr 2024 18:04:51 GMT
GET H2	200	WebResource.axd Show response apib1.anz.com/apinetbank/apinetbank/	23 KB 6 KB	367ms 82ms	Script application/x-javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/apinetbank/WebResource.axd?d=8eFYHcsif5gogwQ2Jj8sECsiCkd_QuTZhp7vdwMVQEn4lBvgmbgSBYfmhHUZ7kp5YXVKNPkPBYKu32dxiNpmiHRQhaw1&t=635696435464860816 Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Fri, 14 Apr 2023 13:04:21 GMT x-cdn Imperva etag "1681477462:dtagent10263230921131557gAUM" content-type application/x-javascript x-iinfo 13-93371724-0 0CNN RT(1712294752632 270) q(0 -1 -1 3) r(0 -1) cache-control max-age=30570893, public x-incap-sess-cookie-hdr IJjyMlsag3cYD/eSARMhDGCLD2YAAAAA6UaX6DSdxF7yhu/+Yuj8XA== content-length 6007 expires Tue, 25 Mar 2025 01:20:45 GMT
GET H2	200	WebResource.axd Show response apib1.anz.com/apinetbank/apinetbank/	3 KB 1 KB	364ms 79ms	Script application/x-javascript	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/apinetbank/WebResource.axd?d=A8yiGL2jLWRKH7ejJAelPSOQIMq_ul92CTMlFUVRHpg_cjdDaOsW966axlJw190iv6vhFh6wJIC7XUiIM2EyP8vJBP01&t=635696435464860816 Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT content-encoding gzip last-modified Fri, 14 Apr 2023 13:04:21 GMT x-cdn Imperva etag "1681477462:dtagent10263230921131557gAUM" content-type application/x-javascript x-iinfo 13-93371724-0 0CNN RT(1712294752632 253) q(0 -1 -1 4) r(1 -1) cache-control max-age=30570893, public x-incap-sess-cookie-hdr db1nCfvUEDMYD/eSARMhDGCLD2YAAAAA+/5ZYc7Y3nF7NeNkbKRH6A== content-length 978 expires Tue, 25 Mar 2025 01:20:45 GMT
GET H2	200	ANZFJ_Logo.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	3 KB 3 KB	51ms 51ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZFJ_Logo.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `ca29e41b4937c09b79e9bbfc366d0089061d503076f1523e31fd9a098abea21f` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT last-modified Tue, 23 Jan 2024 06:30:32 GMT x-cdn Imperva etag "0b42faac54dda1:0" content-type image/gif x-iinfo 13-93371724-93371791 2CNN RT(1712294752632 284) q(0 0 0 0) r(0 0) cache-control max-age=13840, public x-incap-sess-cookie-hdr vsfNbb60oA0YD/eSARMhDGCLD2YAAAAAtkGSM4rDr6CEYRfzPJzl4Q== content-length 2905 expires Fri, 05 Apr 2024 09:16:32 GMT
GET H2	200	ANZ_Tab_Spacer_2.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	67 B 473 B	50ms 49ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZ_Tab_Spacer_2.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `15c9bd600ed70158a9cd3737b87a79e3aefb9fd87db448ee8611d870986ea2e9` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT last-modified Tue, 23 Jan 2024 06:30:18 GMT x-cdn Imperva etag "079d7a1c54dda1:0" content-type image/gif x-iinfo 13-93371724-93371784 2CNN RT(1712294752632 285) q(0 0 0 2) r(0 0) cache-control max-age=45530, public x-incap-sess-cookie-hdr mAJ5P2w3rCoYD/eSARMhDGCLD2YAAAAAHR8MOJ7ER2Jigpg28SadrQ== content-length 67 expires Fri, 05 Apr 2024 18:04:42 GMT
GET H2	200	ANZ_Tab_Spacer.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	156 B 614 B	44ms 42ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZ_Tab_Spacer.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `158f70e2539bfb4179eb9e930d338f5047958c84c436d1284c5c6e1f01b40261` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT last-modified Tue, 23 Jan 2024 06:30:22 GMT x-cdn Imperva etag "0d339a4c54dda1:0" content-type image/gif x-iinfo 13-93371724-93371784 2CNN RT(1712294752632 345) q(0 0 0 0) r(0 0) cache-control max-age=45532, public x-incap-sess-cookie-hdr KNBSFmXIxX8YD/eSARMhDGCLD2YAAAAA//nh9wJICX/XRRhs57FYsg== content-length 156 expires Fri, 05 Apr 2024 18:04:44 GMT
GET H/1.1	404 Not Found	ANZ_Menu_Spacer_2.gif zghttf120.sa.com/System/controls/ANZ/Images/Content/	315 B 315 B	30ms 29ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/Content/ANZ_Menu_Spacer_2.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	ANZ_Menu_Spacer_1.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Content/	274 B 695 B	48ms 46ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Content/ANZ_Menu_Spacer_1.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `3cad4212a2fc105f7b3c346ce30eeb87a3dc02b7887264fcf4046b8a31c320ca` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT last-modified Tue, 23 Jan 2024 06:30:38 GMT x-cdn Imperva etag "03bc3adc54dda1:0" content-type image/gif x-iinfo 13-93371724-93371791 2CNN RT(1712294752632 349) q(0 0 0 2) r(0 0) cache-control max-age=11166, public x-incap-sess-cookie-hdr kajFahfq1ikYD/eSARMhDGCLD2YAAAAAU0ugntl1BAsHaeE2/7YqIQ== content-length 274 expires Fri, 05 Apr 2024 08:31:58 GMT
GET		ANZ_BG_Menu_Side_End.gif apib1.anz.com/apinetbank/ontrols/ANZ/Images/Content/	0 0

GET H2	200	progressbar_0.gif apib1.anz.com/apinetbank/controls/ANZ/Images/ProgressBar/	209 B 608 B	53ms 51ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/ProgressBar/progressbar_0.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `b77efb16727161c9824531e62e4a9a2e4357d416488a7b7d2f6ad8c592a5252c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:52 GMT last-modified Tue, 23 Jan 2024 06:30:38 GMT x-cdn Imperva etag "03bc3adc54dda1:0" content-type image/gif x-iinfo 13-93371724-93371769 2CNN RT(1712294752632 355) q(0 0 0 1) r(0 0) cache-control max-age=48198, public x-incap-sess-cookie-hdr 0VkMQORXZD0YD/eSARMhDGCLD2YAAAAAxhZSWkyJqg/mMsl6D8MjXQ== content-length 209 expires Fri, 05 Apr 2024 18:49:10 GMT
GET H/1.1	404 Not Found	progressbar_0.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	88ms 29ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_0.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	progressbar_1.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	90ms 30ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_1.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	progressbar_2.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	90ms 30ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_2.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	progressbar_3.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	91ms 29ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_3.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	progressbar_4.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	91ms 29ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_4.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	progressbar_5.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	29ms 29ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_5.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	progressbar_6.gif zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/	315 B 315 B	30ms 30ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_6.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=96 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	ANZ_Tab_Over.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	388 B 791 B	56ms 55ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZ_Tab_Over.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `781f44845576f0dfa93c7d764c30be923e1898cc4e4c9d1de6999a2f7ecd52e7` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:53 GMT last-modified Tue, 23 Jan 2024 06:30:38 GMT x-cdn Imperva etag "03bc3adc54dda1:0" content-type image/gif x-iinfo 13-93371724-93371791 2CNN RT(1712294752632 360) q(0 0 0 0) r(1 1) cache-control max-age=11166, public x-incap-sess-cookie-hdr 0lGCFFuu7jEYD/eSARMhDGGLD2YAAAAAQFurt38ghVgtH6NTp4+5iQ== content-length 388 expires Fri, 05 Apr 2024 08:31:59 GMT
GET H2	200	ANZ_Tab_Out.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	1 KB 1 KB	87ms 87ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZ_Tab_Out.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `d65109da0dae32d7c908381843341d0cb4622d718041c24784ebacbc2ecb71cc` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:53 GMT last-modified Tue, 23 Jan 2024 06:30:08 GMT x-cdn Imperva etag "098e19bc54dda1:0" content-type image/gif x-iinfo 13-93371724-93371826 2CNN RT(1712294752632 364) q(0 0 1 0) r(1 1) cache-control max-age=11166, public x-incap-sess-cookie-hdr //FgXr8xlAgYD/eSARMhDGGLD2YAAAAADijssZIDar2qz4PDpc0wLw== content-length 1122 expires Fri, 05 Apr 2024 08:31:59 GMT
GET H2	200	ANZ_Tab_Selected.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	397 B 779 B	80ms 80ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZ_Tab_Selected.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `23fcf9358ede3c2c1493bd02e97026a916a02de5ea466eb1e51fe903f2c5e372` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:53 GMT last-modified Tue, 23 Jan 2024 06:30:18 GMT x-cdn Imperva etag "079d7a1c54dda1:0" content-type image/gif x-iinfo 13-93371724-93371791 2CNN RT(1712294752632 369) q(0 0 0 16) r(0 0) cache-control max-age=11166, public x-incap-sess-cookie-hdr FxPZQlplgwQYD/eSARMhDGGLD2YAAAAAzIdIiW12uowpTYerG1d0Wg== content-length 397 expires Fri, 05 Apr 2024 08:31:59 GMT
GET H/1.1	404 Not Found	_blank.htm Show response zghttf120.sa.com/System/ Frame 43CD	315 B 515 B	60ms 31ms	Document text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Full URL https://zghttf120.sa.com/System/_blank.htm Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers Referer https://zghttf120.sa.com/System/questions.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-GB,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection Keep-Alive Content-Length 315 Content-Type text/html; charset=iso-8859-1 Date Fri, 05 Apr 2024 05:25:53 GMT Keep-Alive timeout=5, max=98 Server Apache
GET H2	200	ANZ_BG_Logo.gif apib1.anz.com/apinetbank/controls/ANZ/Images/Header/	276 B 654 B	80ms 80ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ANZ_BG_Logo.gif Requested by Host: apib1.anz.com URL: https://apib1.anz.com/apinetbank/ANZBEAMNetIB.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `b770759932dec13dbd50faf1c29389e5cf44489ebb17fff56c2fa8da2cd4b715` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://apib1.anz.com/apinetbank/ANZBEAMNetIB.css accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:53 GMT last-modified Tue, 23 Jan 2024 06:30:38 GMT x-cdn Imperva etag "03bc3adc54dda1:0" content-type image/gif x-iinfo 13-93371724-93371784 2CNN RT(1712294752632 376) q(0 0 0 11) r(0 0) cache-control max-age=45531, public x-incap-sess-cookie-hdr b01MHZZH80gYD/eSARMhDGGLD2YAAAAAFupRhZyznrl3bb6PINVkKw== content-length 276 expires Fri, 05 Apr 2024 18:04:44 GMT
GET H/1.1	404 Not Found	ANZ_BG_Toolbar.gif zghttf120.sa.com/System/controls/ANZ/Images/Header/	315 B 315 B	77ms 29ms	Image text/html	185.221.216.115 HOST4GEEKS-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://zghttf120.sa.com/System/controls/ANZ/Images/Header/ANZ_BG_Toolbar.gif Requested by Host: zghttf120.sa.com URL: https://zghttf120.sa.com/System/questions.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.216.115 London, United Kingdom, ASN393960 (HOST4GEEKS-LLC, US), Reverse DNS sokhanedoost.com Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/System/questions.html accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 05 Apr 2024 05:25:53 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H2	200	ANZ_Button.gif apib1.anz.com/apinetbank/controls/ANZ/Images/button/	264 B 684 B	93ms 93ms	Image image/gif	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://apib1.anz.com/apinetbank/controls/ANZ/Images/button/ANZ_Button.gif Requested by Host: apib1.anz.com URL: https://apib1.anz.com/apinetbank/ANZBEAMNetIB.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `f05790b42e6a5f26b2527a529cb1acda6d67dfd4fbeb4473fbae58c14702e2b0` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://apib1.anz.com/apinetbank/ANZBEAMNetIB.css accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:53 GMT last-modified Tue, 23 Jan 2024 06:30:42 GMT x-cdn Imperva etag "09525b0c54dda1:0" content-type image/gif x-iinfo 13-93371724-93371837 2CNN RT(1712294752632 381) q(0 0 0 8) r(0 0) cache-control max-age=11151, public x-incap-sess-cookie-hdr FNqgJDyQ/RMYD/eSARMhDGGLD2YAAAAA1V23b6p074g9VNLrbfdKHw== content-length 264 expires Fri, 05 Apr 2024 08:31:44 GMT
GET H2	200	favicon.ico apib1.anz.com/apinetbank/images/	1 KB 2 KB	40ms 40ms	Other image/x-icon	45.60.124.46 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://apib1.anz.com/apinetbank/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.124.46 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash `dfd39f8dd86061594b80b56bfb964e286d84220e326e6d0b290a2d0c47ab752a` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://zghttf120.sa.com/ accept-language en-GB,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 05 Apr 2024 05:25:53 GMT last-modified Tue, 23 Jan 2024 06:30:08 GMT x-cdn Imperva etag "098e19bc54dda1:0" content-type image/x-icon x-iinfo 13-93371724-93371769 2CNN RT(1712294752632 473) q(0 0 0 1) r(0 0) cache-control max-age=52797, public x-incap-sess-cookie-hdr g+6oDY7GDUkYD/eSARMhDGGLD2YAAAAAAu63Ox6Rlzsdyxct0xOVBw== content-length 1406 expires Fri, 05 Apr 2024 20:05:50 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: apib1.anz.com
URL: chttps://apib1.anz.com/apinetbank/ontrols/ANZ/Images/Content/ANZ_BG_Menu_Side_End.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ANZ Bank (Banking)

299 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chttps://apib1.anz.com/apinetbank/ontrols/ANZ/Images/Content/ANZ_BG_Menu_Side_End.gif Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/Content/ANZ_Menu_Spacer_2.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/Header/ANZ_BG_Toolbar.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_0.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_1.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_2.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_3.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_4.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/_blank.htm Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_5.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://zghttf120.sa.com/System/controls/ANZ/Images/ProgressBar/progressbar_6.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apib1.anz.com
zghttf120.sa.com
apib1.anz.com
185.221.216.115
45.60.124.46
0699304ca15386f2c70c8f5ba09ed7e137952575015308cf34883f88b9e38e7d
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
158f70e2539bfb4179eb9e930d338f5047958c84c436d1284c5c6e1f01b40261
15c9bd600ed70158a9cd3737b87a79e3aefb9fd87db448ee8611d870986ea2e9
1eeada6eabe24dde53b72caf102691b567060450aa55ab51e78a9e0438e44249
23fcf9358ede3c2c1493bd02e97026a916a02de5ea466eb1e51fe903f2c5e372
3cad4212a2fc105f7b3c346ce30eeb87a3dc02b7887264fcf4046b8a31c320ca
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
781f44845576f0dfa93c7d764c30be923e1898cc4e4c9d1de6999a2f7ecd52e7
a035897fffc4a91edde74fc0cefe014f0a6e0bc840fc6a63743ed76b6f03ac75
a56d0d73b7adfed88c9b6eac84ac09f3c59b6cdb9757a724c71806aaf80ca96e
a759f24905fe6b321d5d8e0a7562a75bde726cbba7716a590d98f48e90e2e627
b770759932dec13dbd50faf1c29389e5cf44489ebb17fff56c2fa8da2cd4b715
b77efb16727161c9824531e62e4a9a2e4357d416488a7b7d2f6ad8c592a5252c
c6b66a87abe7e4fa958bb16ce3fd1847192b294ce8c2c76fbd97ad415c8204ba
ca29e41b4937c09b79e9bbfc366d0089061d503076f1523e31fd9a098abea21f
d5172c2249c75adb323bf51f944c25e6a09bbb95fec927b049d527ff48d497db
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d65109da0dae32d7c908381843341d0cb4622d718041c24784ebacbc2ecb71cc
dfd39f8dd86061594b80b56bfb964e286d84220e326e6d0b290a2d0c47ab752a
e98be9daf98d9fe1370923c625baf98a5e9e994ef29a7d01b873b77ba752ab51
f05790b42e6a5f26b2527a529cb1acda6d67dfd4fbeb4473fbae58c14702e2b0

zghttf120.sa.com Open in urlscan Pro 185.221.216.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

85 kBTransfer

170 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zghttf120.sa.com Open in urlscan Pro
185.221.216.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

85 kB
Transfer

170 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!