URL: https://getway-secur.ml/abzzzz/ABS/index.html
Submission: On February 07 via automatic, source openphish

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 35 HTTP transactions. The main IP is 13.236.119.44, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is getway-secur.ml.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 6th 2019. Valid for: 3 months.
This is the only time getway-secur.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABSA (Banking)

Domain & IP information

IP Address AS Autonomous System
3 13.236.119.44 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
17 107.180.50.176 26496 (AS-26496-...)
1 52.19.161.56 16509 (AMAZON-02)
9 169.202.9.74 14115 (AMALGAMAT...)
35 6
Domain Requested by
17 metamorphosisbook.com getway-secur.ml
9 ib.absa.co.za getway-secur.ml
3 getway-secur.ml getway-secur.ml
1 www.absa.co.za getway-secur.ml
1 ajax.googleapis.com getway-secur.ml
35 5

This site contains links to these domains.

Domain
www.absa.co.za
ib.absa.co.za
Subject | Issuer | Validity | Valid
getway-secur.ml | cPanel, Inc. Certification Authority | 2019-02-06 - 2019-05-07 | 3 months
*.googleapis.com | Google Internet Authority G3 | 2019-01-23 - 2019-04-17 | 3 months
metamorphosisbook.professionalwebsiteservices.com | metamorphosisbook.professionalwebsiteservices.com | 2018-08-09 - 2019-08-09 | a year
www.absa.africa | DigiCert SHA2 Extended Validation Server CA | 2018-06-22 - 2019-06-22 | a year
ib.absa.co.za | DigiCert SHA2 Extended Validation Server CA | 2018-08-14 - 2019-07-04 | a year

This page contains 1 frame:

Primary Page: https://getway-secur.ml/abzzzz/ABS/index.html
Frame ID: 34428D3461C88ACA94B82F7C659F5D8F
Requests: 35 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

35
Requests

40 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

6
IPs

3
Countries

976 kB
Transfer

1018 kB
Size

0
Cookies

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
getway-secur.ml/abzzzz/ABS/
54 KB
55 KB
Document
General
Full URL
https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.119.44 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-236-119-44.ap-southeast-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8326499a44ebb726d6ae512841a0054a9cbedd0fb3de0ab638aa7993d059632e

Request headers

Host
getway-secur.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 07 Feb 2019 15:23:32 GMT
Server
Apache
Last-Modified
Thu, 07 Feb 2019 13:38:33 GMT
Accept-Ranges
bytes
Content-Length
55785
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
1.css
getway-secur.ml/abzzzz/ABS/x/
33 KB
33 KB
Stylesheet
General
Full URL
https://getway-secur.ml/abzzzz/ABS/x/1.css
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.119.44 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-236-119-44.ap-southeast-2.compute.amazonaws.com
Software
Apache /
Resource Hash
cc6333150ca5184dbcd4b5a6300fc3b0db53105a9b6731a808ad98cc329fe771

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
getway-secur.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://getway-secur.ml/abzzzz/ABS/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 07 Feb 2019 15:23:33 GMT
Last-Modified
Fri, 20 Jul 2018 01:33:32 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33925
2.css
getway-secur.ml/abzzzz/ABS/x/
832 KB
832 KB
Stylesheet
General
Full URL
https://getway-secur.ml/abzzzz/ABS/x/2.css
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.236.119.44 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-13-236-119-44.ap-southeast-2.compute.amazonaws.com
Software
Apache /
Resource Hash
78b836742e74b1b10eb26e8e7994c952cc9e19b2c9c8f3c4b56b6bd8db156b66

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
getway-secur.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://getway-secur.ml/abzzzz/ABS/index.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 07 Feb 2019 15:23:33 GMT
Last-Modified
Fri, 20 Jul 2018 01:35:10 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
851545
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 05 Feb 2019 06:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203912
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
33951
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2020 06:45:00 GMT
primary-logo_rebranded.png
metamorphosisbook.com/a/images/
0
544 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/primary-logo_rebranded.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

ao-logo2.png
metamorphosisbook.com/a/images/
0
530 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/ao-logo2.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

spinner_icons_v1.png
metamorphosisbook.com/a/images/
0
538 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/spinner_icons_v1.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

dialog_titlebar_icons_v1.png
metamorphosisbook.com/a/images/
0
546 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/dialog_titlebar_icons_v1.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

home_menu_icons_v4.png
metamorphosisbook.com/a/images/
0
540 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/home_menu_icons_v4.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

sprite-titlebar-gradients.png
metamorphosisbook.com/a/images/
0
547 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/sprite-titlebar-gradients.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

accounts_overview_flap_white.png
metamorphosisbook.com/a/images/
0
550 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/accounts_overview_flap_white.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

divider_horiz_blue_diagonal.png
metamorphosisbook.com/a/images/
0
549 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/divider_horiz_blue_diagonal.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_home_normal.png
metamorphosisbook.com/a/images/
0
537 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_home_normal.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

divider_globalnav_vertical.png
metamorphosisbook.com/a/images/
0
548 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/divider_globalnav_vertical.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_settings.png
metamorphosisbook.com/a/images/
0
544 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_globalnav_settings.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_charges.png
metamorphosisbook.com/a/images/
0
543 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_globalnav_charges.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_print.png
metamorphosisbook.com/a/images/
0
541 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_globalnav_print.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_help_normal.png
metamorphosisbook.com/a/images/
0
547 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_globalnav_help_normal.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_help_circle.png
metamorphosisbook.com/a/images/
0
547 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_globalnav_help_circle.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_dropdown_arrow_normal.png
metamorphosisbook.com/a/images/
0
547 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/icn_dropdown_arrow_normal.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

stamp_final_sprite_1.png
metamorphosisbook.com/a/images/
0
542 B
Image
General
Full URL
https://metamorphosisbook.com/a/images/stamp_final_sprite_1.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.50.176 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-107-180-50-176.ip.secureserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

absa-logo-round.svg
www.absa.co.za/content/dam/south-africa/absa/Iconography/
2 KB
2 KB
Image
General
Full URL
https://www.absa.co.za/content/dam/south-africa/absa/Iconography/absa-logo-round.svg
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.161.56 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-19-161-56.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7f01ec136a7fa331aaaebc75492f4053dca65ae30d1956c9ade764b80573dffd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' api.salemove.com api.salemove.eu ui.customsearch.ai analytics.twitter.com assets.adobedtm.com connect.facebook.net static.ads-twitter.com www.googleadservices.com maps.googleapis.com cdn.tt.omtrdc.net absa.tt.omtrdc.net www.google.com www.gstatic.com analytics.analytics-egain.com abdemo.egain.cloud absablog-dev.disqus.com absablog-sit.disqus.com absablog-uat.disqus.com absablog-prod.disqus.com ajax.googleapis.com platform.twitter.com platform.linkedin.com assets.pinterest.com c.disquscdn.com disqus.com secure.rating-widget.com log.pinterest.com rating-widget.com s.ytimg.com www.youtube.com youtube.com esb.ext.api.uat.absa.co.za client.crisp.chat googleads.g.doubleclick.net www.google.co.za www.google.pl dsp-aud.eskimi.com dsp.eskimi.com dsp-pix.eskimi.com dsp-media.eskimi.com cdn.syndication.twimg.com cse.google.com api-iam.intercom.io api.salemove.eu app.salemove.eu asset-proxy.salemove.eu assets.salemove.eu chunderw-gll.twilio.com chunderw-vpc-gll.twilio.com client-logger.salemove.eu eventgw.twilio.com fonts.googleapis.com fonts.gstatic.com io.salemove.eu js.intercomcdn.com kluster.ws.salemove.eu libs.salemove.com maps.googleapis.com maps.gstatic.com media.twiliocdn.com nexus-websocket-a.intercom.io nexus-websocket-b.intercom.io s3-eu-west-1.amazonaws.com s3.amazonaws.com uplot.salemove.eu widget.intercom.io googletagmanager.com www.googletagmanager.com js-agent.newrelic.com bam.nr-data.net c.la1-c2cs-frf.salesforceliveagent.com d.la1-c2cs-frf.salesforceliveagent.com c.la1-c2-par.salesforceliveagent.com d.la1-c2-par.salesforceliveagent.com fls.doubleclick.net tt.mbww.com pixel.mathtag.com
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Feb 2019 15:23:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=2592000; includeSubDomains
content-length
809
x-xss-protection
1; mode=block
x-request-id
XFxNdn8AAQEAAGw6C1AAAAFV
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Jul 2018 03:48:16 GMT
server
Apache
x-frame-options
SAMEORIGIN
etag
"a0189-72f-570b11de07c8f"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
slim-main-navigation-rounded.png
ib.absa.co.za/axob/xwc/img/brand/absa/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/brand/absa/slim-main-navigation-rounded.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

sprite-titlebar-gradients.png
ib.absa.co.za/absa-online/static/style/resources/
1 KB
2 KB
Image
General
Full URL
https://ib.absa.co.za/absa-online/static/style/resources/sprite-titlebar-gradients.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
a7902e7c7dc16d24f3264a729c92296dd7ec59231a38d539d70d4a36f9c3912a

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Feb 2019 15:21:08 GMT
Last-Modified
Fri, 25 Jan 2019 11:41:50 GMT
Content-Language
en-US
Cache-Control
max-age=2678400
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=20
Content-Length
1411
Expires
Sun, 10 Mar 2019 15:21:08 GMT
sprite-dividers.gif
ib.absa.co.za/axob/xwc/img/brand/absa/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/brand/absa/sprite-dividers.gif
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_home_normal.png
ib.absa.co.za/axob/xwc/img/brand/absa/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/brand/absa/icn_home_normal.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

divider_globalnav_vertical.png
ib.absa.co.za/axob/xwc/img/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/divider_globalnav_vertical.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_charges.png
ib.absa.co.za/axob/xwc/img/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/icn_globalnav_charges.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_help_normal.png
ib.absa.co.za/axob/xwc/img/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/icn_globalnav_help_normal.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

icn_globalnav_help_circle.png
ib.absa.co.za/axob/xwc/img/
526 B
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/icn_globalnav_help_circle.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/ Servlet/3.0
Resource Hash
643376f42fd7d016fb1de011efda5eef044ec0b06640e5f551feca50839d7902

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Feb 2019 15:21:08 GMT
Last-Modified
Fri, 07 Dec 2018 08:34:06 GMT
X-Powered-By
Servlet/3.0
Content-Language
en-US
x-wily-info
Clear guid=C88CEED71691E57713BF92DF81891652
Cache-Control
max-age=31536000
Connection
Keep-Alive
Content-Type
image/png
Keep-Alive
timeout=10, max=20
Content-Length
526
x-wily-servlet
Encrypt1 4BlWhfqalkV3f0/h7XcxSg7gJNNCZKhZtX5B+jqvTmy3O6Z2+9xYqeWdZOmhkLewjt7R9090/zL+VCcIjp1PnSrUfphEqgIuBDAldw7stj1LRFokhhmr4SsD63tqzVy4bIyD1j7K8enRtIjpuD3LV08Aglirs10os8rakBEMtnkCLBGqwMSJfgW1GOuiN8Gq/J91V9a62Nh3ieM2jd604G9ve+2fwrvQAvKfT/hSDrotjstjPPJ9QNc5ZPvCr8UC
icn_prod_warning.png
ib.absa.co.za/axob/xwc/img/brand/absa/
0
1 KB
Image
General
Full URL
https://ib.absa.co.za/axob/xwc/img/brand/absa/icn_prod_warning.png
Requested by
Host: getway-secur.ml
URL: https://getway-secur.ml/abzzzz/ABS/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS
ib.absa.co.za
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getway-secur.ml/abzzzz/ABS/x/2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expert_sans_regular-webfont.woff
metamorphosisbook.com/a/fonts/
0
0

expert_sans_light-webfont.woff
metamorphosisbook.com/a/fonts/
0
0

expert_sans_regular-webfont.ttf
metamorphosisbook.com/a/fonts/
0
0

expert_sans_light-webfont.ttf
metamorphosisbook.com/a/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
metamorphosisbook.com
URL
https://metamorphosisbook.com/a/fonts/expert_sans_regular-webfont.woff
Domain
metamorphosisbook.com
URL
https://metamorphosisbook.com/a/fonts/expert_sans_light-webfont.woff
Domain
metamorphosisbook.com
URL
https://metamorphosisbook.com/a/fonts/expert_sans_regular-webfont.ttf
Domain
metamorphosisbook.com
URL
https://metamorphosisbook.com/a/fonts/expert_sans_light-webfont.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABSA (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| $
  • function| jQuery
  • function| dateFormat
  • string| currentLanguage
  • string| siteURL
  • function| startTimer
  • function| startTimer1
  • function| startTimerInfinite
  • function| showmodalWindowInfinite
  • function| onForm2Submit
  • function| onForm1Submit
  • object| nowDateTime

0 Cookies