www.bnk.1b.asbnz.info Open in urlscan Pro
199.255.138.88 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bnk.1b.asbnz.info/netter4147/asb/
Submission: On May 17 via automatic, source phishtank (May 17th 2018, 1:47:16 am UTC)

Summary HTTP 13 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 199.255.138.88, located in India and belongs to DACEN-2 - Centrilogic, Inc., US. The main domain is www.bnk.1b.asbnz.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 16th 2018. Valid for: 3 months.

This is the only time www.bnk.1b.asbnz.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ASB Bank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
13	199.255.138.88 199.255.138.88		31863 (DACEN-2) (DACEN-2 - Centrilogic)
13	1

13 199.255.138.88 (India)

ASN31863 (DACEN-2 - Centrilogic, Inc., US)
PTR: serv3.diemould.info

www.bnk.1b.asbnz.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	asbnz.info www.bnk.1b.asbnz.info	197 KB
13	1

	Domain	Requested by
13	www.bnk.1b.asbnz.info	www.bnk.1b.asbnz.info
13	1

This site contains links to these domains. Also see Links.

Domain
www.asb.co.nz

Subject Issuer	Validity	Valid
www.ib.bnk.asbnz.info Let's Encrypt Authority X3	`2018-05-16` - `2018-08-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.bnk.1b.asbnz.info/netter4147/asb/
Frame ID: 0334332F8C657784C78AFC279F0C824D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
env /^Modernizr$/i

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /underscore.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

197 kB
Transfer

204 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.asb.co.nz/
Title:

Search URL Search Domain Scan URL

URL: https://www.asb.co.nz/bank-accounts/joining-asb.html
Title: Join ASB

Search URL Search Domain Scan URL

URL: https://www.asb.co.nz/documents/banking-with-asb/fastnet-classic-terms-and-conditions.html
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.asb.co.nz/security
Title: About Security

Search URL Search Domain Scan URL

URL: https://www.asb.co.nz/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.asb.co.nz/documents/banking-with-asb/internet-access-terms-and-conditions.html
Title: Internet Access Terms

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.bnk.1b.asbnz.info/netter4147/asb/	15 KB 5 KB	549ms 210ms	Document text/html	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `3d2b89a833b79f50ed44cdcc2543be96a7f85629c7a34c61b8456c42a8f40c63` Request headers Host www.bnk.1b.asbnz.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 0334332F8C657784C78AFC279F0C824D Response headers Server nginx/1.2.1 Date Thu, 17 May 2018 01:51:52 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
GET H/1.1	200 OK	screen.min.css www.bnk.1b.asbnz.info/netter4147/asb/files/	17 KB 18 KB	321ms 319ms	Stylesheet text/css	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/screen.min.css?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `df278401d7c83ecd9cbd213cc5b04b9eacecb5d30e3854f75a2fb1623134f3eb` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 17:04:11 GMT Server nginx/1.2.1 ETag "5af8700b-455f" Content-Type text/css Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 17759 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	modernizr-2.7.1.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	17 KB 17 KB	527ms 312ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/modernizr-2.7.1.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `ab514cb7bf1038d174499ce42942ba1d9098562df8b96cadd11b57cdabf8708c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:12:12 GMT Server nginx/1.2.1 ETag "5af839ac-42f7" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 17143 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	json2.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	3 KB 4 KB	390ms 174ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/json2.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `ae53b8317e54a9e60cded2b876fa42538391c5d782b908995d5d54940f534ce5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:12:25 GMT Server nginx/1.2.1 ETag "5af839b9-d97" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 3479 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	sha1.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	5 KB 5 KB	396ms 176ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/sha1.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `10b33fdad14719c081f524e492199133dab898e40a5da5a393df1a3b9a3d0633` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:12:47 GMT Server nginx/1.2.1 ETag "5af839cf-1240" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 4672 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	jquery-1.11.0.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	94 KB 94 KB	540ms 319ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/jquery-1.11.0.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:13:45 GMT Server nginx/1.2.1 ETag "5af83a09-1787d" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 96381 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	PopupManager.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	4 KB 5 KB	408ms 180ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/PopupManager.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `bce31cd5fcf9edb3c13f68c8270e8dd6181b0dcb12143342a0e55bcf805fc92d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:13:17 GMT Server nginx/1.2.1 ETag "5af839ed-10db" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 4315 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	custFontSize.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	986 B 1 KB	497ms 176ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/custFontSize.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `3a79180eacf1e553ebb962ece4941f267a92abdbe98c69c151afdffbb9f08e32` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:13:28 GMT Server nginx/1.2.1 ETag "5af839f8-3da" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 986 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	underscore-min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	16 KB 16 KB	704ms 314ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/underscore-min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:52 GMT Last-Modified Sun, 13 May 2018 13:14:07 GMT Server nginx/1.2.1 ETag "5af83a1f-401a" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 16410 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	logo-asb.png www.bnk.1b.asbnz.info/netter4147/asb/files/	6 KB 6 KB	177ms 177ms	Image image/png	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Show image Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/logo-asb.png Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `e315f2355d6b4b81b7d76ceead1530b04c38d85d3684f3a8cc9db79688464ea2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.bnk.1b.asbnz.info/netter4147/asb/ Cookie IV_JCT=%2Fauth Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:53 GMT Last-Modified Sun, 13 May 2018 13:15:52 GMT Server nginx/1.2.1 ETag "5af83a88-179e" Content-Type image/png Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 6046 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	loginBody.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	3 KB 3 KB	174ms 173ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/loginBody.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `504f09636d122b21c1d2b12792e43dcacb2e757bbcf7831ddfd9725e80ffc2a8` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:53 GMT Last-Modified Sun, 13 May 2018 13:16:34 GMT Server nginx/1.2.1 ETag "5af83ab2-bde" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 3038 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	p.min.js Show response www.bnk.1b.asbnz.info/netter4147/asb/files/	2 KB 2 KB	175ms 174ms	Script application/javascript	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/p.min.js?v=1.0.5.6 Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `d0f9fcead3b420bf003b420818181a7428accd2d7c2340297c3a03135f19d4d4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:53 GMT Last-Modified Sun, 13 May 2018 13:16:50 GMT Server nginx/1.2.1 ETag "5af83ac2-64b" Content-Type application/javascript Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 1611 Expires Fri, 01 Jun 2018 01:47:05 GMT
GET H/1.1	200 OK	I-AM-SSO-icons-sprite.png www.bnk.1b.asbnz.info/netter4147/asb/files/	21 KB 21 KB	313ms 313ms	Image image/png	199.255.138.88 Centrilogic
General Check archive.org Show headers Download Go to Show image Full URL https://www.bnk.1b.asbnz.info/netter4147/asb/files/I-AM-SSO-icons-sprite.png Requested by Host: www.bnk.1b.asbnz.info URL: https://www.bnk.1b.asbnz.info/netter4147/asb/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.255.138.88 , India, ASN31863 (DACEN-2 - Centrilogic, Inc., US), Reverse DNS serv3.diemould.info Software nginx/1.2.1 / Resource Hash `92fb342fe80c3213c3e49dc9b4b566ff4aec31e4dafb4dba0e5628dc7f2c8ab6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.bnk.1b.asbnz.info User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.bnk.1b.asbnz.info/netter4147/asb/files/screen.min.css?v=1.0.5.6 Cookie IV_JCT=%2Fauth Connection keep-alive Cache-Control no-cache Referer https://www.bnk.1b.asbnz.info/netter4147/asb/files/screen.min.css?v=1.0.5.6 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Thu, 17 May 2018 01:51:53 GMT Last-Modified Sun, 13 May 2018 16:48:26 GMT Server nginx/1.2.1 ETag "5af86c5a-5435" Content-Type image/png Cache-Control max-age=1296000 Connection keep-alive Accept-Ranges bytes Content-Length 21557 Expires Fri, 01 Jun 2018 01:47:05 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ASB Bank (Banking)

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.bnk.1b.asbnz.info/	1969-12-31 23:59:59	Name: IV_JCT Value: %2Fauth

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.bnk.1b.asbnz.info
199.255.138.88
10b33fdad14719c081f524e492199133dab898e40a5da5a393df1a3b9a3d0633
3a79180eacf1e553ebb962ece4941f267a92abdbe98c69c151afdffbb9f08e32
3d2b89a833b79f50ed44cdcc2543be96a7f85629c7a34c61b8456c42a8f40c63
4f5b2528815d8b1cd9b68b1a4bb1fe689696f8dcbc2c4a5104343b886ee68828
504f09636d122b21c1d2b12792e43dcacb2e757bbcf7831ddfd9725e80ffc2a8
92fb342fe80c3213c3e49dc9b4b566ff4aec31e4dafb4dba0e5628dc7f2c8ab6
ab514cb7bf1038d174499ce42942ba1d9098562df8b96cadd11b57cdabf8708c
ae53b8317e54a9e60cded2b876fa42538391c5d782b908995d5d54940f534ce5
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bce31cd5fcf9edb3c13f68c8270e8dd6181b0dcb12143342a0e55bcf805fc92d
d0f9fcead3b420bf003b420818181a7428accd2d7c2340297c3a03135f19d4d4
df278401d7c83ecd9cbd213cc5b04b9eacecb5d30e3854f75a2fb1623134f3eb
e315f2355d6b4b81b7d76ceead1530b04c38d85d3684f3a8cc9db79688464ea2

www.bnk.1b.asbnz.info Open in urlscan Pro 199.255.138.88 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

197 kBTransfer

204 kBSize

1 Cookies

6 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

44 JavaScript Global Variables

1 Cookies

Indicators

www.bnk.1b.asbnz.info Open in urlscan Pro
199.255.138.88 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

197 kB
Transfer

204 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!