faaf.gov.mv Open in urlscan Pro
202.1.207.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://faaf.gov.mv/upload/anz/bankmain.htm
Submission: On August 17 via automatic, source openphish (August 17th 2017, 9:41:25 am UTC)

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 19 HTTP transactions. The main IP is 202.1.207.57, located in Maldives and belongs to DHIRAAGU-MV-AP Dhivehi Raajjeyge Gulhun (Dhiraagu), MV. The main domain is faaf.gov.mv.

This is the only time faaf.gov.mv was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ANZ Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	202.1.207.57 202.1.207.57	7642 (DHIRAAGU-...) (DHIRAAGU-MV-AP Dhivehi Raajjeyge Gulhun (Dhiraagu))
15	202.2.56.40 202.2.56.40	9564 (ANZ-BANK-...) (ANZ-BANK-AP Australia and New Zealand Banking Group Limited)
1	2a01:578:3::3... 2a01:578:3::36f6:678e	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
19	3

3 202.1.207.57 (Maldives)

ASN7642 (DHIRAAGU-MV-AP Dhivehi Raajjeyge Gulhun (Dhiraagu), MV)
PTR: host16.dhivehinet.net.mv

faaf.gov.mv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 202.2.56.40 (Australia)

ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU)
PTR: anz.com.mm

www.anz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:578:3::36f6:678e (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.path-logic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	anz.com www.anz.com	118 KB
3	faaf.gov.mv faaf.gov.mv	16 KB
1	path-logic.com www.path-logic.com	43 B
19	3

	Domain	Requested by
15	www.anz.com	faaf.gov.mv
3	faaf.gov.mv	faaf.gov.mv
1	www.path-logic.com	faaf.gov.mv
19	3

This site contains links to these domains. Also see Links.

Domain
banking4.anz.com
www.anz.com

Subject Issuer	Validity	Valid
www.path-logic.com GeoTrust DV SSL SHA256 CA	`2017-01-09` - `2018-04-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://faaf.gov.mv/upload/anz/bankmain.htm
Frame ID: 9151.1
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

19
Requests

5 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

135 kB
Transfer

135 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://banking4.anz.com/IBAU/BANKAWAY?Action.IBUser.ForgotPassword=Y&AppSignonBankId=AUANZ&AffiliateId=00010&Country=AU&AppType=corporate&CorporateSignonLangId=001
Title: Reset password online

Search URL Search Domain Scan URL

URL: https://www.anz.com/auxiliary/help/help/website-security-privacy/
Title: Security and Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request bankmain.htm Show response faaf.gov.mv/upload/anz/	16 KB 16 KB	556ms 199ms	Document text/html	202.1.207.57 DHIRAAGU-MV-AP Dh...
General Check archive.org Show headers Download Go to Full URL http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.1.207.57 , Maldives, ASN7642 (DHIRAAGU-MV-AP Dhivehi Raajjeyge Gulhun (Dhiraagu), MV), Reverse DNS host16.dhivehinet.net.mv Software nginx / PleskLin Resource Hash `8041a6a162a61f4d3f0de41da31b885cebda69a2c3bff7c54062824f944844c7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:11 GMT Last-Modified Wed, 16 Aug 2017 23:25:23 GMT Server nginx X-Powered-By PleskLin ETag "5994d463-4160" Content-Type text/html Connection keep-alive Accept-Ranges bytes Content-Length 16736
GET H/1.1	200 OK	layout.css www.anz.com/common/css/new/	6 KB 6 KB	1298ms 326ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/css/new/layout.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `98a299c5cefb80b69d58f78e07f90d886d092dd9e8b0da3bacf4c418e47e9c28` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Wed, 10 Aug 2011 13:22:42 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "40a450956057cc1:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 5989
GET H/1.1	200 OK	visuals.css www.anz.com/common/css/new/	4 KB 4 KB	1299ms 328ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/css/new/visuals.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `ad3056d218034b8c81557d352b9aeec4d91a646f2cab0fc2fba22c6464b8313d` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Wed, 10 Aug 2011 13:22:43 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "8e29e6956057cc1:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 3834
GET H/1.1	200 OK	rhn.css www.anz.com/common/css/new/	7 KB 7 KB	1296ms 324ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/css/new/rhn.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `586ae06139b280e9907e7b38a8e34de1b99257b0b700a1fd8d78a9e52fa84a66` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Wed, 10 Aug 2011 13:22:42 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "e0f6bc956057cc1:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 7394
GET H/1.1	200 OK	tertiaryNav.css www.anz.com/common/navbar/aus/css/	2 KB 2 KB	1297ms 325ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/navbar/aus/css/tertiaryNav.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `f1bd6e8c19005aedcba8418aa9a75c44b4de7749af7fb5322576bf6579ed68bd` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Wed, 10 Aug 2011 13:23:03 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "ca3456a26057cc1:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 2191
GET H/1.1	200 OK	ib_responsive_header.css www.anz.com/common/header/css/	317 B 317 B	1298ms 325ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/header/css/ib_responsive_header.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `0dd99c576da8fd309dd2767acd0e2ada15f4c368c62b4c184e3182d9d83f25ca` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Fri, 23 Oct 2015 19:29:40 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "406dac29c9dd11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 317
GET H/1.1	200 OK	ib_logon_responsive_latest.css www.anz.com/inetbank/css/	11 KB 11 KB	1299ms 326ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/inetbank/css/ib_logon_responsive_latest.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `6ebcfae10f9f06b736f6774207c6b3d495380dc97c59aed941edf4bc07763145` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Fri, 04 Dec 2015 06:38:05 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "d84aa555e2ed11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 11288
GET H/1.1	200 OK	bootstrap.css www.anz.com/inetbank/css/	55 KB 55 KB	1627ms 330ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/inetbank/css/bootstrap.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `a03cfc909a94860249580d7a8dc567ccae48252e8f6316b6b846b9338e565729` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Fri, 23 Oct 2015 19:29:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "282c8c20c9dd11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 56038
GET H/1.1	200 OK	ANZ-logo.png www.anz.com/common/header/images/	9 KB 9 KB	322ms 321ms	Image image/png	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Show image Full URL http://www.anz.com/common/header/images/ANZ-logo.png Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `5883670c91bc904352d1885f1d36b74b5eb8511118e17be4304f96300f591fa8` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT Last-Modified Fri, 23 Oct 2015 19:29:40 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "462b9d29c9dd11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type image/png Accept-Ranges bytes Content-Length 9118
GET H/1.1	200 OK	ib_responsive_footer.css www.anz.com/common/footer/css/	434 B 434 B	1628ms 330ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/footer/css/ib_responsive_footer.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `1c01aafd0d1e8f724d75cd3770d3c3c3ba6d843564c874724eb8f60435cce32a` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:13 GMT Last-Modified Fri, 23 Oct 2015 19:29:41 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "d2a8e329c9dd11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 434
GET H/1.1	200 OK	common_all.js Show response www.anz.com/inetbank/banklink/	3 KB 3 KB	318ms 317ms	Script application/x-javascript	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/inetbank/banklink/common_all.js Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `3fc5efbbff0c23d2ebc03f0c6d88f00be46c8604f7df8a60b5dbdbf0a36ce97e` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT Last-Modified Tue, 02 Aug 2005 07:11:00 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "01ae2553197c51:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type application/x-javascript Accept-Ranges bytes Content-Length 3331
GET H/1.1	200 OK	logon.js Show response www.anz.com/inetbank/banklink/	7 KB 7 KB	317ms 317ms	Script application/x-javascript	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/inetbank/banklink/logon.js Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `869ae45682fd31741899ac791d90ff9e0ff194d311d85f6bad698216b040288c` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT Last-Modified Fri, 24 Feb 2012 11:27:19 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "3a84ae44e7f2cc1:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type application/x-javascript Accept-Ranges bytes Content-Length 7390
GET H/1.1	200 OK	srlogon.js Show response www.anz.com/inetbank/banklink/	6 KB 6 KB	317ms 317ms	Script application/x-javascript	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/inetbank/banklink/srlogon.js Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `f5652adf22bc6c18da97da8a28bfa637ffd2c8b5bed78665c3281140919a9667` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT Last-Modified Thu, 17 Aug 2006 06:25:00 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "086c4ddc5c1c61:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type application/x-javascript Accept-Ranges bytes Content-Length 6264
GET H/1.1	200 OK	print.css www.anz.com/common/css/new/	575 B 575 B	325ms 325ms	Stylesheet text/css	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Full URL http://www.anz.com/common/css/new/print.css Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `c9cd8082491ed5e3025515383fe7b48e01a20e23ebd3f7c32b272e41b3321a02` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT Last-Modified Tue, 30 Sep 2008 11:08:19 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "80531ad8ec22c91:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type text/css Accept-Ranges bytes Content-Length 575
GET H/1.1	404 Not Found	supertag.js faaf.gov.mv/auxiliary/supertag/	0 0	199ms 199ms	Script text/html	202.1.207.57 DHIRAAGU-MV-AP Dh...
General Check archive.org Show headers Download Go to Full URL http://faaf.gov.mv/auxiliary/supertag/supertag.js?subtype=javascript&_dc=4591772017 Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.1.207.57 , Maldives, ASN7642 (DHIRAAGU-MV-AP Dhivehi Raajjeyge Gulhun (Dhiraagu), MV), Reverse DNS host16.dhivehinet.net.mv Software nginx / PleskLin Resource Hash Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT ETag "960758-3bd-4a9fb35d6d600" Last-Modified Mon, 08 Aug 2011 09:38:32 GMT Server nginx X-Powered-By PleskLin Content-Type text/html Connection keep-alive Accept-Ranges bytes Content-Length 957
GET H/1.1	404 Not Found	supertag.js faaf.gov.mv/auxiliary/supertag/	0 0	199ms 199ms	Script text/html	202.1.207.57 DHIRAAGU-MV-AP Dh...
General Check archive.org Show headers Download Go to Full URL http://faaf.gov.mv/auxiliary/supertag/supertag.js?subtype=javascript&_dc=4591772017 Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.1.207.57 , Maldives, ASN7642 (DHIRAAGU-MV-AP Dhivehi Raajjeyge Gulhun (Dhiraagu), MV), Reverse DNS host16.dhivehinet.net.mv Software nginx / PleskLin Resource Hash Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:14 GMT ETag "960758-3bd-4a9fb35d6d600" Last-Modified Mon, 08 Aug 2011 09:38:32 GMT Server nginx X-Powered-By PleskLin Content-Type text/html Connection keep-alive Accept-Ranges bytes Content-Length 957
GET H/1.1	200 Ok	cc www.path-logic.com/v4.0/840608/	43 B 43 B	577ms 33ms	Image image/gif	2a01:578:3::36f6:678e Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://www.path-logic.com/v4.0/840608/cc?params=4Mjz1CLR2tPGT2WqqOqPbCZXg0LEYpnIzdB0npjcIwQ%2FCqzXaT%2BQEB2WWpHdZBrCIvyg1biqmPf%2F4he0RdxCmy0N7rMfokcbJOuUphfyqfdgzLSAftcOAXqt%2FIxW4dKB7CBOyzY%3D Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:578:3::36f6:678e , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software haile / Resource Hash `4e568073a900787fc46710900fe2556d4a6c7c7469ca1da96def7e8585e032b2` Request headers Referer http://faaf.gov.mv/upload/anz/bankmain.htm User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:15 GMT Server haile Access-Control-Allow-Methods GET, OPTIONS P3P CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM" Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 PICS-Label (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
GET H/1.1	200 OK	icon-sprite.png www.anz.com/inetbank5/images/	3 KB 3 KB	322ms 321ms	Image image/png	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Show image Full URL http://www.anz.com/inetbank5/images/icon-sprite.png Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `a9998c36ef676be2c83829221240c8659fa0b0474e2af751beb3cd77bc91582b` Request headers Referer http://www.anz.com/inetbank/css/ib_logon_responsive_latest.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:15 GMT Last-Modified Fri, 23 Oct 2015 19:29:30 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "29f5523c9dd11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type image/png Accept-Ranges bytes Content-Length 3446
GET H/1.1	200 OK	icon-sprite.png www.anz.com/inetbank/images/	3 KB 3 KB	320ms 319ms	Image image/png	202.2.56.40 ANZ-BANK-AP Austr...
General Check archive.org Show headers Download Go to Show image Full URL http://www.anz.com/inetbank/images/icon-sprite.png Requested by Host: faaf.gov.mv URL: http://faaf.gov.mv/upload/anz/bankmain.htm Protocol HTTP/1.1 Server 202.2.56.40 , Australia, ASN9564 (ANZ-BANK-AP Australia and New Zealand Banking Group Limited, AU), Reverse DNS anz.com.mm Software Microsoft-IIS/6.0 / ASP.NET Resource Hash `a9998c36ef676be2c83829221240c8659fa0b0474e2af751beb3cd77bc91582b` Request headers Referer http://www.anz.com/inetbank/css/ib_logon_responsive_latest.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36 Response headers Date Thu, 17 Aug 2017 09:41:15 GMT Last-Modified Fri, 23 Oct 2015 19:29:25 GMT Server Microsoft-IIS/6.0 X-Powered-By ASP.NET ETag "766bb820c9dd11:8235" MicrosoftOfficeWebServer 5.0_Pub Content-Type image/png Accept-Ranges bytes Content-Length 3446

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ANZ Bank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

faaf.gov.mv
www.anz.com
www.path-logic.com
202.1.207.57
202.2.56.40
2a01:578:3::36f6:678e
0dd99c576da8fd309dd2767acd0e2ada15f4c368c62b4c184e3182d9d83f25ca
1c01aafd0d1e8f724d75cd3770d3c3c3ba6d843564c874724eb8f60435cce32a
3fc5efbbff0c23d2ebc03f0c6d88f00be46c8604f7df8a60b5dbdbf0a36ce97e
4e568073a900787fc46710900fe2556d4a6c7c7469ca1da96def7e8585e032b2
586ae06139b280e9907e7b38a8e34de1b99257b0b700a1fd8d78a9e52fa84a66
5883670c91bc904352d1885f1d36b74b5eb8511118e17be4304f96300f591fa8
6ebcfae10f9f06b736f6774207c6b3d495380dc97c59aed941edf4bc07763145
8041a6a162a61f4d3f0de41da31b885cebda69a2c3bff7c54062824f944844c7
869ae45682fd31741899ac791d90ff9e0ff194d311d85f6bad698216b040288c
98a299c5cefb80b69d58f78e07f90d886d092dd9e8b0da3bacf4c418e47e9c28
a03cfc909a94860249580d7a8dc567ccae48252e8f6316b6b846b9338e565729
a9998c36ef676be2c83829221240c8659fa0b0474e2af751beb3cd77bc91582b
ad3056d218034b8c81557d352b9aeec4d91a646f2cab0fc2fba22c6464b8313d
c9cd8082491ed5e3025515383fe7b48e01a20e23ebd3f7c32b272e41b3321a02
f1bd6e8c19005aedcba8418aa9a75c44b4de7749af7fb5322576bf6579ed68bd
f5652adf22bc6c18da97da8a28bfa637ffd2c8b5bed78665c3281140919a9667

faaf.gov.mv Open in urlscan Pro 202.1.207.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

19 Requests

5 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

135 kBTransfer

135 kBSize

0 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

faaf.gov.mv Open in urlscan Pro
202.1.207.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

5 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

135 kB
Transfer

135 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!