www.literaturepublishers.org
Open in
urlscan Pro
103.118.16.254
Malicious Activity!
Public Scan
Submitted URL: https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/ani.php
Effective URL: https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/questions.html
Submission: On March 23 via manual from AU — Scanned from AU
Effective URL: https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/questions.html
Submission: On March 23 via manual from AU — Scanned from AU
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 32 HTTP transactions.
The main IP is 103.118.16.254, located in
India and
belongs to NEERJA-AS-AP Neerja Softwares Pvt Ltd, IN.
The main domain is www.literaturepublishers.org.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time www.literaturepublishers.org was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time www.literaturepublishers.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: ANZ Bank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 13 | 103.118.16.254 103.118.16.254 | 137950 (NEERJA-AS...) (NEERJA-AS-AP Neerja Softwares Pvt Ltd) | |
| 19 | 45.60.126.46 45.60.126.46 | 19551 (INCAPSULA) (INCAPSULA) | |
| 32 | 3 |
13
103.118.16.254
(India)
ASN137950 (NEERJA-AS-AP Neerja Softwares Pvt Ltd, IN)
PTR: lnx4.cms502.com
ASN137950 (NEERJA-AS-AP Neerja Softwares Pvt Ltd, IN)
PTR: lnx4.cms502.com
| www.literaturepublishers.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
anz.com
apib1.anz.com |
34 KB |
| 13 |
literaturepublishers.org
1 redirects
www.literaturepublishers.org |
18 KB |
| 32 | 2 |
| Domain | Requested by | |
|---|---|---|
| 19 | apib1.anz.com |
www.literaturepublishers.org
apib1.anz.com |
| 13 | www.literaturepublishers.org |
1 redirects
www.literaturepublishers.org
|
| 32 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.anz.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.literaturepublishers.org R3 |
2023-03-23 - 2023-06-21 |
3 months | crt.sh |
| apib1.anz.com DigiCert SHA2 Extended Validation Server CA |
2022-05-10 - 2023-05-09 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/questions.html
Frame ID: 733DDF7A0FFA2CEFFE942FEFBC1419DB
Requests: 31 HTTP requests in this frame
Frame:
https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/_blank.htm
Frame ID: 940257C59C0E93E8DCD31A0113DA1B97
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
ANZ Internet BankingPage URL History Show full URLs
-
https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/ani.php
HTTP 302
https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/questions.html Page URL
Detected technologies
Microsoft ASP.NET
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <input[^>]+name="__VIEWSTATE
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://www.anz.com/ib-fj/en/log-on/logon
Title: Help
Title: Help
Search URL Search Domain Scan URL
URL: https://www.anz.com/ib-fj/en/ext/faqs/
Title: FAQ
Title: FAQ
Search URL Search Domain Scan URL
URL: https://www.anz.com/ib-fj/en/ext/contact/
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://www.anz.com/ib-fj/en/ext/privacy/
Title: Security and Privacy Statement
Title: Security and Privacy Statement
Search URL Search Domain Scan URL
URL: https://www.anz.com/ib-fj/en/ext/website-terms/
Title: Website Terms of Use
Title: Website Terms of Use
Search URL Search Domain Scan URL
URL: https://www.anz.com/ib-fj/en/ext/terms-conditions/
Title: Terms and Conditions
Title: Terms and Conditions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/ani.php
HTTP 302
https://www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/questions.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
questions.html
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/ Redirect Chain
|
39 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZBEAMNetIB.css
apib1.anz.com/apinetbank/ |
43 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AjaxHandlerV510.js
apib1.anz.com/apinetbank/Ajax/JavaScript/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AjaxBusinessRulesV510.js
apib1.anz.com/apinetbank/Ajax/JavaScript/ |
2 KB 747 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ProgressBarV510.js
apib1.anz.com/apinetbank/controls/ANZ/JavaScript/ |
2 KB 888 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favoritesV510.js
apib1.anz.com/apinetbank/controls/ANZ/JavaScript/ |
868 B 637 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FunctionsInetV510.js
apib1.anz.com/apinetbank/JavaScript/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ClientSideEventsV510.js
apib1.anz.com/apinetbank/JavaScript/ |
21 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WebResource.axd
apib1.anz.com/apinetbank/apinetbank/ |
23 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WebResource.axd
apib1.anz.com/apinetbank/apinetbank/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZVU_Logo.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Tab_Spacer_2.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ |
67 B 416 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_BG_Menu_Side_End.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Content/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Menu_Spacer_2.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/Content/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Menu_Spacer_1.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Content/ |
274 B 625 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Menu_Spacer_1.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/Content/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
ANZ_BG_Menu_Side_End.gif
apib1.anz.com/apinetbank/ontrols/ANZ/Images/Content/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_0.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/ProgressBar/ |
209 B 557 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_0.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_1.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_2.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_3.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_4.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_5.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
progressbar_6.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/ProgressBar/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Tab_Over.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ |
388 B 739 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Tab_Out.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Tab_Selected.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ |
397 B 724 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_blank.htm
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/ Frame 9402 |
1 KB 509 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_BG_Logo.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/Header/ |
276 B 624 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_BG_Toolbar.gif
www.literaturepublishers.org/assets/ckeditor/skins/moonocolor/images/controls/ANZ/Images/Header/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ANZ_Button.gif
apib1.anz.com/apinetbank/controls/ANZ/Images/button/ |
264 B 611 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- apib1.anz.com
- URL
- chttps://apib1.anz.com/apinetbank/ontrols/ANZ/Images/Content/ANZ_BG_Menu_Side_End.gif
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: ANZ Bank (Banking)153 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| objHttpRequest object| objHttpResponse object| targetControl function| InitialiseAjaxRequest function| ProcessAjaxRequest function| finaliseAjaxRequest function| SendAjaxRequest function| CreateRequestObject function| OnRequestComplete function| ProcessAjaxResponse function| ProcessFormData function| ProcessAlterFormFields function| ProcessPullDownItems function| ProcessAjaxCommands function| FormatRequestUrl function| BuildAjaxRequest function| CreateXmlDocument function| CreateXmlNode function| BTSOINetAcTransfer_InitialiseAjaxRequest function| BTSOINetAcTransfer_ProcessAjaxRequest function| BTSOINetAcTransfer_OnAjaxError function| BTSOINetTransferOwnAc_InitialiseAjaxRequest function| BTSOINetTransferOwnAc_ProcessAjaxRequest function| BTSOINetTransferOwnAc_OnAjaxError object| timerID boolean| timerRunning number| timeValue number| count boolean| finish function| increment function| stopclock function| end function| startclock function| _ProgressBar object| image00 object| image01 object| image02 object| image03 object| image04 object| image05 object| image06 string| borderBackColor string| altBorderBackColor string| overBackColor string| downBackColor string| outBackColor string| minSize string| maxSize string| plusImageId string| minusImageId string| listId string| panelId function| overColor function| outColor function| downColor function| ZeroPadLeft function| numericEdit_onkeydown function| numericEditAlt_onkeydown function| DatePicker_ForceValueOnNullDate function| MaskEdit_NoDateControl_Onblur function| GetSystemValidDates function| SetSystemValidDate function| isValidDate function| GetMonthDays function| DaysInFebruary function| GetDatePartValue function| GetDatePartPosition function| FireEvents function| FireEventsAltTextChanged function| FireEventsAltValueChange function| FireEventsAltBlur function| FireEventsAlt function| ProcessFiredEvents function| CheckConditionalParameters function| CheckCondition function| CheckDateValues function| GetCompareValues function| DatePickerTodayLinkClick function| IBANCheck function| ValidateBIC function| ValidateTAG function| SetTagValue function| ValidateField function| ValidateFields function| GetAllFields function| HandlePayeeAdd function| ClearAndSetPullDowns function| HandleSecQuestions function| SetEnabled function| SetVisible function| ChangeClientSideValidation function| MakeVisible function| GetElement function| ShowSQPassword function| VisibleChangeSA function| PreLoadImages object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer function| WebForm_OnSubmit function| DisableHeader function| EnableHeader object| images function| DisableContent function| DisableFooter function| EnableFooter number| PageTimerId function| ValidateControls0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apib1.anz.com
www.literaturepublishers.org
apib1.anz.com
103.118.16.254
45.60.126.46
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
15c9bd600ed70158a9cd3737b87a79e3aefb9fd87db448ee8611d870986ea2e9
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
1eeada6eabe24dde53b72caf102691b567060450aa55ab51e78a9e0438e44249
23fcf9358ede3c2c1493bd02e97026a916a02de5ea466eb1e51fe903f2c5e372
3cad4212a2fc105f7b3c346ce30eeb87a3dc02b7887264fcf4046b8a31c320ca
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
54852527eae7d93b881a86b6d7bfce1fba993f0f5f434bef76442d19c8ff8253
6ff1803bfa1cc63b4c17afe465fcd7e9720822bab024a583a7eb00d20f3b9870
781f44845576f0dfa93c7d764c30be923e1898cc4e4c9d1de6999a2f7ecd52e7
a035897fffc4a91edde74fc0cefe014f0a6e0bc840fc6a63743ed76b6f03ac75
a410802f5fda2c9d7bf6722ab85f591f819f4a9f5c21feef8a7c8b2d1e06515a
a56d0d73b7adfed88c9b6eac84ac09f3c59b6cdb9757a724c71806aaf80ca96e
a759f24905fe6b321d5d8e0a7562a75bde726cbba7716a590d98f48e90e2e627
b770759932dec13dbd50faf1c29389e5cf44489ebb17fff56c2fa8da2cd4b715
b77efb16727161c9824531e62e4a9a2e4357d416488a7b7d2f6ad8c592a5252c
c6b66a87abe7e4fa958bb16ce3fd1847192b294ce8c2c76fbd97ad415c8204ba
d488a5ac23fc19d1c98b2438ed024a3e34006c7fd2b70aa3536febb4a65c144e
d65109da0dae32d7c908381843341d0cb4622d718041c24784ebacbc2ecb71cc
f05790b42e6a5f26b2527a529cb1acda6d67dfd4fbeb4473fbae58c14702e2b0