hamdnews.ir Open in urlscan Pro
130.185.76.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hamdnews.ir/rbs.mein/sc.php
Submission: On December 04 via manual (December 4th 2017, 7:16:48 am UTC) from ZA

Summary HTTP 24 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 24 HTTP transactions. The main IP is 130.185.76.55, located in Iran, Islamic Republic Of and belongs to TEBYAN, IR. The main domain is hamdnews.ir.

This is the only time hamdnews.ir was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ABSA (Banking)

Domain & IP information

	IP Address	AS Autonomous System
4	130.185.76.55 130.185.76.55	48434 (TEBYAN) (TEBYAN)
2 22	169.202.9.74 169.202.9.74	14115 (AMALGAMAT...) (AMALGAMATED-BSA)
24	2

4 130.185.76.55 (Iran, Islamic Republic Of)

ASN48434 (TEBYAN, IR)

hamdnews.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.202.9.74 (Johannesburg, South Africa) 2 redirects

ASN14115 (AMALGAMATED-BSA, ZA)
PTR: ib.absa.co.za

ib.absa.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	absa.co.za 2 redirects ib.absa.co.za	153 KB
4	hamdnews.ir hamdnews.ir	159 KB
24	2

	Domain	Requested by
22	ib.absa.co.za	2 redirects hamdnews.ir
4	hamdnews.ir	hamdnews.ir
24	2

This site contains links to these domains. Also see Links.

Domain
www.absa.co.za

Subject Issuer	Validity	Valid
ib.absa.co.za Symantec Class 3 EV SSL CA - G3	`2017-07-03` - `2019-07-04`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://hamdnews.ir/rbs.mein/sc.php
Frame ID: 5322.1
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

24
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

310 kB
Transfer

1253 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.absa.co.za/Absacoza/Contact-Us
Title: Contact us

Search URL Search Domain Scan URL

URL: http://www.absa.co.za/Absacoza/Individual/Ways-to-Bank/Anytime%2C-Anywhere/Absa-Online
Title: Help

Search URL Search Domain Scan URL

URL: https://www.absa.co.za/about-us/absa-bank/corporate-information
Title: Banking regulations

Search URL Search Domain Scan URL

URL: https://www.absa.co.za/legal-and-compliance/browser-requirements
Title: Browser requirements

Search URL Search Domain Scan URL

URL: https://www.absa.co.za/security-centre/online-security
Title: Security centre

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://ib.absa.co.za/absa-online/gadgets/accountsBalance/accountsBalanceAll.js HTTP 302
https://ib.absa.co.za/absa-online/login.jsp

Request Chain 9

https://ib.absa.co.za/absa-online/gadgets/offers/avaf/avafAll.js HTTP 302
https://ib.absa.co.za/absa-online/login.jsp

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request sc.php Show response
hamdnews.ir/rbs.mein/ 750 KB
131 KB 186ms
98ms Document
text/html 130.185.76.55
TEBYAN

General

Check archive.org

Show headers Download Go to

Full URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Server: 130.185.76.55 , Iran, Islamic Republic Of, ASN48434 (TEBYAN, IR),
Reverse DNS
Software: Apache/2 / PHP/5.6.31
Resource Hash: 66ba323e2dbbeefed9275ef19c0d4d4737e4bda6008491f5e3e0f74e74688b78

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hamdnews.ir
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:35 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.31
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK absa.css
ib.absa.co.za/absa-online/static/style/ 124 KB
19 KB 1176ms
398ms Stylesheet
text/css 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: a56cbd15aa500313a40cf20fd472c4de783128acec6d52a60732897894c19e6e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=10, max=20
Expires: Thu, 04 Jan 2018 07:16:00 GMT

GET
H/1.1 200
OK index.css
ib.absa.co.za/absa-online/static/style/ 3 KB
850 B 983ms
202ms Stylesheet
text/css 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.absa.co.za/absa-online/static/style/index.css?v=0.1.0-2016-11-23-09-22-51
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 5b9db4c47bdc5b00eb3c51c9569fb603e5e2872f00b0e5a93f853d679711baa2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=10, max=20
Expires: Thu, 04 Jan 2018 07:16:00 GMT

GET
H/1.1 200
OK index.js Show response
ib.absa.co.za/absa-online/static/script/ 113 KB
20 KB 1107ms
407ms Script
application/x-javascript 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.absa.co.za/absa-online/static/script/index.js?v=0.1.0-2016-11-23-09-22-51
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: c8540544d992e1953e8096e882f6339b80791b7ef6605ace0f53b5bc007151f3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=10, max=20
Expires: Thu, 04 Jan 2018 07:16:00 GMT

GET
H/1.1 200
OK creditCardAll.js Show response
ib.absa.co.za/absa-online/gadgets/offers/creditCard/ 3 KB
1 KB 769ms
190ms Script
application/x-javascript 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.absa.co.za/absa-online/gadgets/offers/creditCard/creditCardAll.js
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 7cb330426b9714e0e2c19f672ff0d24eb1a41aaa324994c2c03bd59e86565686

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Nov 2017 12:32:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=10, max=20
Expires: Thu, 04 Jan 2018 07:16:00 GMT

GET
H/1.1 200
OK jquery.js Show response
hamdnews.ir/rbs.mein/includes/ 84 KB
28 KB 190ms
105ms Script
application/javascript 130.185.76.55
TEBYAN

General

Check archive.org

Show headers Download Go to

Full URL: http://hamdnews.ir/rbs.mein/includes/jquery.js
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Server: 130.185.76.55 , Iran, Islamic Republic Of, ASN48434 (TEBYAN, IR),
Reverse DNS
Software: Apache/2 /
Resource Hash: 873d485e77b9cec299b74e1e27db059fd36db0963cd3a783901c39c100491d1e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hamdnews.ir
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2017 09:08:18 GMT
Server: Apache/2
ETag: "14f58-55f43b5a60830-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 28765

GET
H/1.1 200
OK ajax-loader-2.gif
ib.absa.co.za/absa-online/static/style/resources/ 3 KB
3 KB 187ms
187ms Image
image/gif 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/ajax-loader-2.gif
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: b6b693de4c17c014dad29abe5294359606104283674d45ee8348e9dc731ff540

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10, max=19
Content-Length: 3208
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK absa-logo.png
ib.absa.co.za/absa-online/static/style/resources/ 1 KB
1 KB 186ms
186ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/absa-logo.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 5270d1e68e98cfb0e1fceb021ff3f134293994a7800c36920186137e4b98e0f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=19
Content-Length: 1404
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK ao-logo-business.png
ib.absa.co.za/absa-online/static/style/resources/ 9 KB
9 KB 748ms
190ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/ao-logo-business.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: dac46568479beb4fcf633d2b6b7a53b0bbd42d5cf2b30af82fa0d4d67a60bae1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=19
Content-Length: 9487
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1

200
OK

https://ib.absa.co.za/absa-online/gadgets/accountsBalance/accountsBalanceAll.js
https://ib.absa.co.za/absa-online/login.jsp

43 KB
9 KB

457ms
201ms

Script
text/html

169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.absa.co.za/absa-online/login.jsp

Requested by

Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),

Reverse DNS

ib.absa.co.za

Software

Resource Hash

cfe16ed668c698723efefec0fe08b711f25d4cc2347b1fb64c5666e76a822886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://hamdnews.ir/rbs.mein/sc.php
Cookie: anonymousUserId=a42c4d11-aefa-44c2-9bba-3d94d7bdc626; JSESSIONID=0000QSmYwCkMqts6qV-74w9xnNR:1667cplcs
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 07:16:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
Logon-Jsp: /absa-online/login.jsp
Content-Language: en-US
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html;charset=ISO-8859-1
Keep-Alive: timeout=10, max=19
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Location: https://ib.absa.co.za/absa-online/login.jsp
Set-Cookie: WFPT=5a3609ba9915789b760; Expires=Tue, 16-Jun-65 09:56:36 GMT; Domain=.absa.co.za; Secure _nw=y; Expires=Tue, 16-Jun-65 09:56:36 GMT; Domain=.absa.co.za; Secure anonymousUserId=a42c4d11-aefa-44c2-9bba-3d94d7bdc626; Expires=Sun, 25-Nov-18 07:16:36 GMT; Path=/absa-online JSESSIONID=0000QSmYwCkMqts6qV-74w9xnNR:1667cplcs; HTTPOnly; Path=/absa-online; Domain=absa.co.za; Secure
Cache-Control: no-cache="set-cookie, set-cookie2"
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=10, max=19
Content-Length: 20
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

https://ib.absa.co.za/absa-online/gadgets/offers/avaf/avafAll.js
https://ib.absa.co.za/absa-online/login.jsp

43 KB
9 KB

380ms
195ms

Script
text/html

169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.absa.co.za/absa-online/login.jsp

Requested by

Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),

Reverse DNS

ib.absa.co.za

Software

Resource Hash

c954b11af7eaeb2e7f427b396aff8e0319ab7e539ef4b4d0354625f7609c8844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: */*
Referer: http://hamdnews.ir/rbs.mein/sc.php
Cookie: anonymousUserId=464b66d5-85dc-4314-84b6-5fb5cae6ef64; JSESSIONID=0000iOIbZtJ1cngfcTcJ7nr1mdf:16lkce2mr
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 07:16:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
X-Frame-Options: SAMEORIGIN
Logon-Jsp: /absa-online/login.jsp
Content-Language: en-US
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: Keep-Alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html;charset=ISO-8859-1
Keep-Alive: timeout=10, max=17
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Content-Language: en-US
Location: https://ib.absa.co.za/absa-online/login.jsp
Set-Cookie: WFPT=880847bd35b4520fd00; Expires=Tue, 16-Jun-65 09:56:36 GMT; Domain=.absa.co.za; Secure _nw=y; Expires=Tue, 16-Jun-65 09:56:36 GMT; Domain=.absa.co.za; Secure anonymousUserId=464b66d5-85dc-4314-84b6-5fb5cae6ef64; Expires=Sun, 25-Nov-18 07:16:36 GMT; Path=/absa-online JSESSIONID=0000iOIbZtJ1cngfcTcJ7nr1mdf:16lkce2mr; HTTPOnly; Path=/absa-online; Domain=absa.co.za; Secure
Cache-Control: no-cache="set-cookie, set-cookie2"
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=10, max=19
Content-Length: 20
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK barclays_logo.gif
ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absacoza%20Theme/pics/footer/ 1 KB
1 KB 748ms
189ms Image
image/gif 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absacoza%20Theme/pics/footer/barclays_logo.gif

Requested by

Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),

Reverse DNS

ib.absa.co.za

Software

Resource Hash

8ff7cdb6573e122fe3c0671e907fbedb185afc2b83157fb8142776b1907f5512

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 07:16:01 GMT
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10, max=17
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found docHandlerBrowsers.jpg
hamdnews.ir/rbs.mein/static/style/resources/ 0
0 318ms
318ms Image
text/html 130.185.76.55
TEBYAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hamdnews.ir/rbs.mein/static/style/resources/docHandlerBrowsers.jpg
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Server: 130.185.76.55 , Iran, Islamic Republic Of, ASN48434 (TEBYAN, IR),
Reverse DNS
Software: Apache/2 / PHP/5.6.31
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hamdnews.ir
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:36 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.31
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://hamdnews.ir/wp-json/>; rel="https://api.w.org/"
Content-Length: 0
Keep-Alive: timeout=2, max=98
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 404
Not Found intercept_en.jpg
hamdnews.ir/rbs.mein/static/style/resources/ 0
0 323ms
322ms Image
text/html 130.185.76.55
TEBYAN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hamdnews.ir/rbs.mein/static/style/resources/intercept_en.jpg
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Server: 130.185.76.55 , Iran, Islamic Republic Of, ASN48434 (TEBYAN, IR),
Reverse DNS
Software: Apache/2 / PHP/5.6.31
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: hamdnews.ir
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:36 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.31
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://hamdnews.ir/wp-json/>; rel="https://api.w.org/"
Content-Length: 0
Keep-Alive: timeout=2, max=100
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK fica_warning_sign.jpg
ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/Images/ 16 KB
16 KB 193ms
193ms Image
image/jpeg 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.absa.co.za/absa-online/assets/Assets/Richmedia/Absaonline/Images/fica_warning_sign.jpg

Requested by

Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),

Reverse DNS

ib.absa.co.za

Software

Resource Hash

5bf44d8fdfaae148a1ebc827f977596bda78716e21d56b801fc917b3fd1b4b06

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://hamdnews.ir/rbs.mein/sc.php
Cookie: anonymousUserId=464b66d5-85dc-4314-84b6-5fb5cae6ef64; JSESSIONID=0000iOIbZtJ1cngfcTcJ7nr1mdf:16lkce2mr
Connection: keep-alive
Cache-Control: no-cache
Referer: http://hamdnews.ir/rbs.mein/sc.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Dec 2017 07:16:01 GMT
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: image/jpeg
Keep-Alive: timeout=10, max=16
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK main-navigation-rounded.gif
ib.absa.co.za/absa-online/static/style/resources/ 1 KB
1 KB 359ms
185ms Image
image/gif 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/main-navigation-rounded.gif
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 24404e867baeafcf594a7a46ddd3e8b271f0d797df9879a1ac0d6a743f875189

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10, max=20
Content-Length: 1420
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK sprite-titlebar-gradients.png
ib.absa.co.za/absa-online/static/style/resources/ 1 KB
1 KB 292ms
189ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/sprite-titlebar-gradients.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: a7902e7c7dc16d24f3264a729c92296dd7ec59231a38d539d70d4a36f9c3912a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=18
Content-Length: 1411
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK sprite-dividers.gif
ib.absa.co.za/absa-online/static/style/resources/ 289 B
289 B 359ms
185ms Image
image/gif 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/sprite-dividers.gif
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: c27aee2360a4554999091c3f4acbe28c3e0badb1484d2aee914e1d8b4f7ace1f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10, max=18
Content-Length: 289
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK sprite-corners-rounded.png
ib.absa.co.za/absa-online/static/style/resources/ 246 B
246 B 518ms
185ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/sprite-corners-rounded.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 6a1423dcdc9a531df9d5dfc5a1ea720eec868eda0a56e1580a0c71c69e79b8fe

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=20
Content-Length: 246
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK icons-sprite.png
ib.absa.co.za/absa-online/static/style/resources/ 30 KB
30 KB 454ms
187ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/icons-sprite.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 9994854a09119b66ae82cad220f3db33544c19fe41aa6f97519a848f8043fa26

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=17
Content-Length: 30764
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK tabs-separator.png
ib.absa.co.za/absa-online/static/style/resources/ 146 B
146 B 335ms
185ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/tabs-separator.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: f7b1e8fc81fbc88509730058bb71581af17950b9c4e7dd6d08af75fbe7a15016

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=18
Content-Length: 146
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK gadget-bg.png
ib.absa.co.za/absa-online/static/style/resources/ 23 KB
23 KB 335ms
187ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/gadget-bg.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 1a26395eab756d476a44492edba11fbb4dfe44d42ed1599f04fdef5ea18ac954

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=18
Content-Length: 23889
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK sprite-icons-bar-status.png
ib.absa.co.za/absa-online/static/style/resources/ 553 B
553 B 185ms
185ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/sprite-icons-bar-status.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 4c4a36be788a6c7da90427e5986cbfba7da49bc1296fb965e86da3e5282efb5f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Cookie: anonymousUserId=464b66d5-85dc-4314-84b6-5fb5cae6ef64; JSESSIONID=0000iOIbZtJ1cngfcTcJ7nr1mdf:16lkce2mr
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=16
Content-Length: 553
Expires: Thu, 04 Jan 2018 07:16:01 GMT

GET
H/1.1 200
OK message-icon-warning.png
ib.absa.co.za/absa-online/static/style/resources/ 2 KB
2 KB 517ms
191ms Image
image/png 169.202.9.74
AMALGAMATED-BSA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.absa.co.za/absa-online/static/style/resources/message-icon-warning.png
Requested by: Host: hamdnews.ir
URL: http://hamdnews.ir/rbs.mein/sc.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 169.202.9.74 Johannesburg, South Africa, ASN14115 (AMALGAMATED-BSA, ZA),
Reverse DNS: ib.absa.co.za
Software: /
Resource Hash: 2c140351f536c51793fd589b80e80904faabd23664a81cb4683aa0776055519d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ib.absa.co.za
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
Connection: keep-alive
Cache-Control: no-cache
Referer: https://ib.absa.co.za/absa-online/static/style/absa.css?v=0.1.0-2016-11-23-09-22-51
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date: Mon, 04 Dec 2017 07:16:01 GMT
Last-Modified: Fri, 17 Nov 2017 12:24:20 GMT
Content-Language: en-US
Cache-Control: max-age=2678400
Connection: Keep-Alive
Content-Type: image/png
Keep-Alive: timeout=10, max=17
Content-Length: 1552
Expires: Thu, 04 Jan 2018 07:16:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ABSA (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hamdnews.ir
ib.absa.co.za
130.185.76.55
169.202.9.74
1a26395eab756d476a44492edba11fbb4dfe44d42ed1599f04fdef5ea18ac954
24404e867baeafcf594a7a46ddd3e8b271f0d797df9879a1ac0d6a743f875189
2c140351f536c51793fd589b80e80904faabd23664a81cb4683aa0776055519d
4c4a36be788a6c7da90427e5986cbfba7da49bc1296fb965e86da3e5282efb5f
5270d1e68e98cfb0e1fceb021ff3f134293994a7800c36920186137e4b98e0f2
5b9db4c47bdc5b00eb3c51c9569fb603e5e2872f00b0e5a93f853d679711baa2
5bf44d8fdfaae148a1ebc827f977596bda78716e21d56b801fc917b3fd1b4b06
66ba323e2dbbeefed9275ef19c0d4d4737e4bda6008491f5e3e0f74e74688b78
6a1423dcdc9a531df9d5dfc5a1ea720eec868eda0a56e1580a0c71c69e79b8fe
7cb330426b9714e0e2c19f672ff0d24eb1a41aaa324994c2c03bd59e86565686
873d485e77b9cec299b74e1e27db059fd36db0963cd3a783901c39c100491d1e
8ff7cdb6573e122fe3c0671e907fbedb185afc2b83157fb8142776b1907f5512
9994854a09119b66ae82cad220f3db33544c19fe41aa6f97519a848f8043fa26
a56cbd15aa500313a40cf20fd472c4de783128acec6d52a60732897894c19e6e
a7902e7c7dc16d24f3264a729c92296dd7ec59231a38d539d70d4a36f9c3912a
b6b693de4c17c014dad29abe5294359606104283674d45ee8348e9dc731ff540
c27aee2360a4554999091c3f4acbe28c3e0badb1484d2aee914e1d8b4f7ace1f
c8540544d992e1953e8096e882f6339b80791b7ef6605ace0f53b5bc007151f3
c954b11af7eaeb2e7f427b396aff8e0319ab7e539ef4b4d0354625f7609c8844
cfe16ed668c698723efefec0fe08b711f25d4cc2347b1fb64c5666e76a822886
dac46568479beb4fcf633d2b6b7a53b0bbd42d5cf2b30af82fa0d4d67a60bae1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7b1e8fc81fbc88509730058bb71581af17950b9c4e7dd6d08af75fbe7a15016

hamdnews.ir Open in urlscan Pro 130.185.76.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

24 Requests

83 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

310 kBTransfer

1253 kBSize

0 Cookies

5 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

0 Cookies

Indicators

hamdnews.ir Open in urlscan Pro
130.185.76.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

310 kB
Transfer

1253 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!