envirotechindia.net
Open in
urlscan Pro
103.108.220.11
Malicious Activity!
Public Scan
URL:
https://envirotechindia.net/Absa%20OTP/secure/absa/AbsaOnline.htm
Submission Tags: @ipnigh
Submission: On July 08 via api from GB
Submission Tags: @ipnigh
Submission: On July 08 via api from GB
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 27 HTTP transactions.
The main IP is 103.108.220.11, located in
India and
belongs to WEBWERKS-AS Web Werks India Pvt Ltd, IN.
The main domain is envirotechindia.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 4th 2019. Valid for: 3 months.
This is the only time envirotechindia.net was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 4th 2019. Valid for: 3 months.
This is the only time envirotechindia.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ABSA (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 14 | 103.108.220.11 103.108.220.11 | 133295 (WEBWERKS-...) (WEBWERKS-AS Web Werks India Pvt Ltd) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 27 | 3 |
14
103.108.220.11
(India)
ASN133295 (WEBWERKS-AS Web Werks India Pvt Ltd, IN)
PTR: triumph.herosite.pro
ASN133295 (WEBWERKS-AS Web Werks India Pvt Ltd, IN)
PTR: triumph.herosite.pro
| envirotechindia.net |
1
2a00:1450:4001:809::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| ajax.googleapis.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
envirotechindia.net
envirotechindia.net |
131 KB |
| 1 |
googleapis.com
ajax.googleapis.com |
33 KB |
| 0 |
absa.co.za
Failed
ib.absa.co.za Failed |
|
| 27 | 3 |
| Domain | Requested by | |
|---|---|---|
| 14 | envirotechindia.net |
envirotechindia.net
ajax.googleapis.com |
| 1 | ajax.googleapis.com |
envirotechindia.net
|
| 0 | ib.absa.co.za Failed |
ajax.googleapis.com
|
| 27 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| ib.absa.co.za |
| www.absa.co.za |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| envirotechindia.net cPanel, Inc. Certification Authority |
2019-07-04 - 2019-10-02 |
3 months | crt.sh |
| *.googleapis.com Google Internet Authority G3 |
2019-06-11 - 2019-09-03 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://envirotechindia.net/Absa%20OTP/secure/absa/AbsaOnline.htm
Frame ID: CD8E3E56FD57755D954270BA559E0C9B
Requests: 26 HTTP requests in this frame
Frame:
https://envirotechindia.net/Absa%20OTP/secure/absa/images/dot_002.gif
Frame ID: C69FF30AAA0C17A9C66994DDFC752014
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
URL: https://ib.absa.co.za/absa-online/registration/?lang=en
Title: Registration
Title: Registration
Search URL Search Domain Scan URL
URL: http://www.absa.co.za/
Title: Absa home page
Title: Absa home page
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/content/dam/south-africa/absa/pdf/2018/tax-certificate-now-available-online.pdf
Title: 2018 Tax certificates now available online
Title: 2018 Tax certificates now available online
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/planned-maintenance/
Title: Planned Maintenance
Title: Planned Maintenance
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/media-centre/press-statements/absa-online-payments-issue-notice
Title: Inter-Bank Payment delay
Title: Inter-Bank Payment delay
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/security-centre/online-security
Title: Security enhancement
Title: Security enhancement
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/talk-to-us/
Title: Contact us
Title: Contact us
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/security-centre/online-security/
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/security-centre/tips-and-tools/scams
Title: Latest scams
Title: Latest scams
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/security-centre/tips-and-tools/antivirus-software
Title: Latest internet security software
Title: Latest internet security software
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/content/dam/south-africa/absa/pdf/legal/Terms-of-Use-en.pdf
Title: Terms of use
Title: Terms of use
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/legal-and-compliance/browser-requirements
Title: Software requirements
Title: Software requirements
Search URL Search Domain Scan URL
URL: https://www.absa.co.za/about-us/absa-bank/corporate-information
Title: Banking regulations
Title: Banking regulations
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
AbsaOnline.htm
envirotechindia.net/Absa%20OTP/secure/absa/ |
51 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
absa.css
envirotechindia.net/Absa%20OTP/secure/absa/css/ |
151 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
login.css
envirotechindia.net/Absa%20OTP/secure/absa/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jcaptcha.css
envirotechindia.net/Absa%20OTP/secure/absa/css/ |
1 KB 764 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
absajslogo.php
envirotechindia.net/Absa%20OTP/secure/absa/php/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ajax-loader-2.gif
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
absa-logo-2018.png
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ao-logo2.png
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dot_002.gif
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
locale_en.gif
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
70 B 382 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
orange_banner_en_2.jpg
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
orange_banner_en_1.jpg
envirotechindia.net/Absa%20OTP/secure/absa/images/ |
44 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dot_002.gif
envirotechindia.net/Absa%20OTP/secure/absa/images/ Frame C69F |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
main-navigation-rounded-2018.gif
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sprite-titlebar-no-gradients-2018.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sprite-dividers.gif
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sprite-corners-rounded.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
gadget-bg.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
gadget-login-bg.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-questionmark-grey.png
envirotechindia.net/Absa%20OTP/secure/absa/static/style/resources/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
keypad-bg.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keypad/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
key-button.gif
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
keypad-backspace.png
ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
button.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
buttonArrowWhite.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sprite-icons-bar-status.png
ib.absa.co.za/absa-online/static/style/resources/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/main-navigation-rounded-2018.gif
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/sprite-titlebar-no-gradients-2018.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/sprite-dividers.gif
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/sprite-corners-rounded.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/gadget-bg.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/gadget-login-bg.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/keypad/keypad-bg.gif
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/key-button.gif
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/www.absa.co.za.2009.ui/resources/keypad-backspace.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/button.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/buttonArrowWhite.png
- Domain
- ib.absa.co.za
- URL
- https://ib.absa.co.za/absa-online/static/style/resources/sprite-icons-bar-status.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ABSA (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| checkPwd function| loginContinue2 function| onForm1Submit object| absa function| google string| siteURL0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
envirotechindia.net
ib.absa.co.za
ib.absa.co.za
103.108.220.11
2a00:1450:4001:809::200a
1475a83b0105a5ff5bbe381dc83916ba8c343a2a6d2fec9d52ae2d285a191344
3c243a2d63452b7a8392cdf93e637ec423b3241149831b2082283063d1e34413
3f596c191ddbe25572cfb3ace361b84724d6dd5ac3a486ed5cbbfde21865163f
4c526a8ac3b7f6304c22445b81f50b2614373ceb70bb200c1af33fdb7481f0e7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
70c65bd0e084398a87baa298c1fafa52afff402096cb350d563d309565c07e83
b2a69df0d82365bf7a07a5205972818c68d95aba64e13c42d6eaea8e534548f3
b6b693de4c17c014dad29abe5294359606104283674d45ee8348e9dc731ff540
b90e9d891c1b60bbb442d0c18a93bef607f0c49854a151e204bb66ca409ca1e4
bdeef2e16c3c26f27cb1607e9b5b4370b0907150d5fa5a9a1bca38901026d851
c66a747ea5c78d9a59e00f76f285ea5367ad6e9b5285f1aad18ec87572bf8ceb
e5bd1cfaace748c07f5c9bc61b20b721b87e82324ee0d57534b2b273e48bde44
fa22f0d8019602f6a0e614adc21c5ea838c141d566186e397737a8c917b2d641