aslb-co-nz.com Open in urlscan Pro
2606:4700:3035::ac43:b108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://aslb-co-nz.com/
Submission Tags: @ecarlesi threat phishing asbbank Search All
Submission: On December 02 via api (December 2nd 2024, 9:48:32 pm UTC) from IT — Scanned from NZ

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3035::ac43:b108, located in United States and belongs to CLOUDFLARENET, US. The main domain is aslb-co-nz.com.
TLS certificate: Issued by WE1 on December 2nd 2024. Valid for: 3 months.

This is the only time aslb-co-nz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: ASB Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3035::ac43:b108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.48.247.239 23.48.247.239	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
10	172.67.177.8 172.67.177.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	3

6 2606:4700:3035::ac43:b108 (United States)

ASN13335 (CLOUDFLARENET, US)

aslb-co-nz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.247.239 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-247-239.deploy.static.akamaitechnologies.com

banner.asb.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.177.8 (United States)

ASN13335 (CLOUDFLARENET, US)

aslb-co-nz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	aslb-co-nz.com aslb-co-nz.com	30 KB
1	asb.co.nz banner.asb.co.nz	1 KB
17	2

	Domain	Requested by
16	aslb-co-nz.com	aslb-co-nz.com
1	banner.asb.co.nz	aslb-co-nz.com
17	2

This site contains no links.

Subject Issuer	Validity	Valid
aslb-co-nz.com WE1	`2024-12-02` - `2025-03-02`	3 months	crt.sh
banner.asb.co.nz DigiCert EV RSA CA G2	`2024-10-11` - `2025-05-11`	7 months	crt.sh

This page contains 1 frames:

Primary Page: https://aslb-co-nz.com/
Frame ID: F6087C5997E1CB5CCA0BAA6BC1726EFD
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ASB Bank - Log in

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

31 kB
Transfer

55 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response aslb-co-nz.com/	11 KB 4 KB	1154ms 1073ms	Document text/html	2606:4700:3035::ac43:b108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b1b687f153205bda7da893e63548ff10714477bf66a778872cd9d73337218105` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8ebe8559a86ed9ba-AKL content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 02 Dec 2024 21:48:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qo6syEa4Rq8wQegnejHAIsjfwQgLfvaUFH6IZGRZdNdR0PiRkyslv5%2BlzFEV5lYmbO4JppOLAo1WuVgHdzV8IJJ%2FyqjQiYMKLCN4FjXgRU%2FZvEK%2FI4XLT3nA5LDdYOIxUia078htCZpZtEJYg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=30371&min_rtt=30286&rtt_var=4835&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4029&recv_bytes=2316&delivery_rate=133017&cwnd=254&unsent_bytes=0&cid=614f79fa9b2f2c74&ts=1078&x=0" vary Accept-Encoding
GET H2	200	fonts.min.css aslb-co-nz.com/css/	3 KB 876 B	1047ms 1046ms	Stylesheet text/css	2606:4700:3035::ac43:b108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `34c1757c7eac4eeb1f4c65be191d76ea7a851ea44f155e79d4db456971f09926` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"674a7a88-ab6" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vsgsf%2BXvmr5lGEdF%2BuNVzK5UIXY2iY7tjTj2pbH7lS56zTc78h26lhLMCSXIr1Sw2bZOTt8wWB6I74k5r6S%2FnaXxMOFKmEmuVQaEk1RKtIJ0l15HEXjLIKt%2FiWzga%2Feo8RjAUQVMjkzJDxUGQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe85606f2ed9ba-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30394&min_rtt=30286&rtt_var=3672&sent=16&recv=18&lost=0&retrans=0&sent_bytes=8679&recv_bytes=2782&delivery_rate=264711&cwnd=254&unsent_bytes=0&cid=614f79fa9b2f2c74&ts=2132&x=0" date Mon, 02 Dec 2024 21:48:26 GMT content-type text/css last-modified Sat, 30 Nov 2024 02:38:00 GMT vary Accept-Encoding server cloudflare
GET H2	200	style.min.css aslb-co-nz.com/css/	26 KB 7 KB	1143ms 1142ms	Stylesheet text/css	2606:4700:3035::ac43:b108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/style.min.css?v=2.1.0.5 Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b3cf8c87337c3e89ab4d5098cb37f4394774441331a1e1e6a01425a955667c2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"674a7a8e-67fe" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRO067QPCGQG%2FcjCo%2B8bw4qUeIaknbHCDbTo9nerqx2Z%2FdDDajcpe394t267TEnlcecqxdtnyzBA5uPcx3oOwWrRyhr%2FQcxOS%2BQdfOWFaDEBtwNMTT6SkI1JQkepXNedOTuloXmrNH%2Fw1SkXpQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe85606f34d9ba-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30446&min_rtt=30286&rtt_var=2145&sent=22&recv=20&lost=0&retrans=0&sent_bytes=10621&recv_bytes=2782&delivery_rate=264711&cwnd=254&unsent_bytes=0&cid=614f79fa9b2f2c74&ts=2229&x=0" date Mon, 02 Dec 2024 21:48:26 GMT content-type text/css last-modified Sat, 30 Nov 2024 02:38:06 GMT vary Accept-Encoding server cloudflare
GET H2	200	asb.png aslb-co-nz.com/images/	12 KB 13 KB	1143ms 1143ms	Image image/png	2606:4700:3035::ac43:b108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aslb-co-nz.com/images/asb.png Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c57e5c784568a0a25bc683090fa5b89fd39ec46a20173233d47bb3064f17033` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "674a7eb8-3022" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FOnBKlpDqvte%2FuMshm0oqTbtdrsbW9XEZXe8%2FkeBxixwyGUUsGrhHXfyfVDmuC%2FXUrpWLJvF%2FR%2Bav3ziWEl3U4aEAy3aqHQAdPAzmMawMUh3mSCuAUeWEVDVQrc0MWHXQW2zOG4EUUn4Hv4jaA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe85606f39d9ba-AKL accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30446&min_rtt=30286&rtt_var=2145&sent=31&recv=20&lost=0&retrans=0&sent_bytes=17985&recv_bytes=2782&delivery_rate=264711&cwnd=254&unsent_bytes=0&cid=614f79fa9b2f2c74&ts=2231&x=0" content-length 12322 date Mon, 02 Dec 2024 21:48:26 GMT content-type image/png last-modified Sat, 30 Nov 2024 02:55:52 GMT vary Accept-Encoding server cloudflare
GET H2	200	icon-profile.png aslb-co-nz.com/images/	3 KB 3 KB	1165ms 1165ms	Image image/png	2606:4700:3035::ac43:b108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aslb-co-nz.com/images/icon-profile.png Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e7047dcb138d4352986a15bfcd4f875566f8eb8ff9d8005cb424ae2c556fc9ff` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "674a8270-b9a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKjPE%2Frvljo1aO%2FutU5Kkcd65IXggsYGkI374wWqRMFHljKQnA3aMegQcp%2Fj8uly9vS1CUpiWluLod8%2FpVDVu%2BU2wpP5kezuDC87UVK8c8ZbPeYd5008vVzfpbY60EQ2NpxOaasktvmU8sqMUA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe85607f73d9ba-AKL accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30461&min_rtt=30240&rtt_var=1026&sent=46&recv=23&lost=0&retrans=0&sent_bytes=31089&recv_bytes=2782&delivery_rate=1004065&cwnd=254&unsent_bytes=0&cid=614f79fa9b2f2c74&ts=2267&x=0" content-length 2970 date Mon, 02 Dec 2024 21:48:26 GMT content-type image/png last-modified Sat, 30 Nov 2024 03:11:44 GMT vary Accept-Encoding server cloudflare
GET H2	200	icon-lock-outline.svg aslb-co-nz.com/images/	752 B 934 B	1051ms 1051ms	Image image/svg+xml	2606:4700:3035::ac43:b108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aslb-co-nz.com/images/icon-lock-outline.svg Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:b108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b0272715c4550dd9ee55ddef62f251a7fbcd16f2bdc1dd2652e155dd3f19e572` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status REVALIDATED etag W/"674a7aa8-2f0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zH5s3DJccqXfQqekceQHJuobZUSjZFwN7N263P%2Bum%2FJ%2B3gxb75kakPiwVLfzjtgEIfRjZ30YULMObr7%2F5oxwotoONJjU7EpREGWNQqayV38IuOxZtj7ZzgWC3eaKeXCANM4rkC8%2BrIjdD3FYsw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe85608f77d9ba-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=30394&min_rtt=30286&rtt_var=3672&sent=19&recv=18&lost=0&retrans=0&sent_bytes=9621&recv_bytes=2782&delivery_rate=264711&cwnd=254&unsent_bytes=0&cid=614f79fa9b2f2c74&ts=2153&x=0" date Mon, 02 Dec 2024 21:48:26 GMT content-type image/svg+xml last-modified Sat, 30 Nov 2024 02:38:32 GMT vary Accept-Encoding server cloudflare
GET H2	200	M banner.asb.co.nz/marketting/	0 1 KB	449ms 137ms	Image text/plain	23.48.247.239 AKAMAI-ASN1 Akama...
General Check archive.org Show headers Download Go to Show image Full URL https://banner.asb.co.nz/marketting/M?details=n%3DSNFGARGP%3Bo%3Duggcf%3A//bayvar.nfo.pb.am/nhgu/%3Fsz%3Durnqre%3Aybtva%3Bp%3D2560%3Bq%3D1440%3Br%3D24%3Bs%3D2%3Bt%3D5%3Bu%3DJva32%3Bv%3Dra-PN%3Bw%3D0%3Bx%3D%3By%3D23%3Bz%3Duggcf%3A//jjj.tfgngvp.pbz/erpncgpun/eryrnfrf/cCX749fppQzIJ_9QFrGZIiu2/erpncgpun__ra.wf%2C/nhgu/wf/zbqreavme-2.7.1.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/wfba2.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/fun1.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/wdhrel-1.11.0.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/CbchcZnantre.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/phfgSbagFvmr.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/wdhrel-1.11.0.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/haqrefpber-zva.wf%3Fi%3D2.1.0.5%2Cuggcf%3A//jjj.tbbtyr.pbz/erpncgpun/ncv.wf%3Fbaybnq%3DbaybnqPnyyonpx%26eraqre%3Drkcyvpvg%2C/nhgu/wf/zbovyr-npprcg.zva.wf%3Fi%3D2.1.0.5%2C/zxga_nffrg/nffrg1/nffrg1-ybnqre.wf%2C/nhgu/wf/ybtvaObql.zva.wf%3Fi%3D2.1.0.5%2C/nhgu/wf/c.zva.wf%3Fi%3D2.1.0.5%2Cuggcf%3A//onaare.nfo.pb.am/Fpevcgf/shap.zva.wf%2C/NB8zagbnZMxPB6PRV3HhPhPRZlt/1hBo4YgY0ecFRAz1/IGNtNHRO/sNq-A/K59YHRO%3Ba%3D2rq43422q2q7p84po6q55o7s1175r7oq1q707q14%2Cs0p10o99pos952n0p9621r392352s0orns0459rq%2C04597rsq645ooso8sp05390o0nr0nrqr3588qpps%2C13749qq7prnso11381042790032n0snp2p63414r%2Cr5134sp63p05o290sqs5rr4n6sr6p09654ps92sq%2Cp4r519646rqp343q125561n0077rqsrn94733531%2Csq91602s44r7s160ps044909pr0rop24q61n8818%3Bb%3D10%3Bc%3Dhaqrsvarq%2Chaqrsvarq%2Chaqrsvarq%2Chaqrsvarq%2Chfreanzr%2Chaqrsvarq%2CqHfreanzr%2Ccnffjbeq%2Cerzrzore_zr%2Cerzrzore_zr_purpxobk%3Bd%3D1732873453%3Be%3D300240%3Bf%3D-1%3Bg%3DZbmvyyn/5.0%20%28Jvaqbjf%20AG%2010.0%20%20Jva64%20%20k64%29%20NccyrJroXvg/537.36%20%28XUGZY%2C%20yvxr%20Trpxb%29%20Puebzr/110.0.0.0%20Fnsnev/537.36%3B&data=null Requested by* Host: aslb-co-nz.com URL: https://aslb-co-nz.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.247.239 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL), Reverse DNS a23-48-247-239.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers expires Mon, 02 Dec 2024 21:48:25 GMT cache-control max-age=0, no-cache, no-store content-length 0 pragma no-cache date Mon, 02 Dec 2024 21:48:25 GMT akamai-grn 0.c4b42e17.1733176105.e4ac917c x-aspnetmvc-version 5.2
GET H3	404	overpass-regular.woff2 aslb-co-nz.com/css/fonts/	0 0	1036ms 1036ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-regular.woff2 Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dcgyii6A0cRAwoHmL4QPv2nfWDBLEASVAuBfYt5VXetP7hC4Y3lgGHEnZR1e4LmTN9Wr2Pym7EsDHVdGdlmD2QJ9RCVRuLWzCetxzJSw%2B4K%2B1NKVoMno4lw%2Fz61djjzUuw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe8567acf9d9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=30574&min_rtt=30284&rtt_var=4902&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4263&recv_bytes=5117&delivery_rate=503&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=2167&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:27 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-extralight.woff2 aslb-co-nz.com/css/fonts/	0 0	1028ms 1028ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-extralight.woff2 Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUlt8uTj5L6bEgnAjz7e%2FutnMJ4PndPCZwk8%2FZ081%2BtMJAMvjdoEPcAZCVD3PHE1o85E6VKBpDWzxL%2BaW9mjtVadvQGATlvusd6e5EyHHmsMO8lfG7AfkTY8Wbjzh%2Ffy%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe8567bd18d9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=30574&min_rtt=30284&rtt_var=4902&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5205&recv_bytes=5117&delivery_rate=503&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=2168&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:27 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-semibold.woff2 aslb-co-nz.com/css/fonts/	0 0	1050ms 1050ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-semibold.woff2 Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lNYnGeB2eGllfej%2BooTYzUHhiyeLKvh8d1MPTqRshHZe6zS2nhMdfgvo9iCt%2BFiIuSB0RRTZIGPSDlz6ot2EO%2FxgGJRKw5LuLBbE3T8iGeGOjuMhZBR42D0kMkLgG7z1A%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe8567bd1ad9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=30574&min_rtt=30284&rtt_var=4902&sent=17&recv=12&lost=0&retrans=0&sent_bytes=6115&recv_bytes=5117&delivery_rate=503&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=2191&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:27 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-regular.woff aslb-co-nz.com/css/fonts/	0 0	1049ms 1048ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-regular.woff Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V78%2F%2BXSK50YluCDtSCxGz5FFnQ%2FFEqrmfjp6Xxl457%2BvPzYXpEC3e1oCs%2BKyJeQTe1W7ik74ytPg4VJd71msdB%2FBaiqVQFkXY%2FxV95AYhhd38z4cT4a0aT2Zk8FnY%2BwZ5g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe856e29c6d9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33242&min_rtt=30284&rtt_var=6825&sent=25&recv=18&lost=0&retrans=0&sent_bytes=8880&recv_bytes=6564&delivery_rate=2239&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=3221&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:28 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-extralight.woff aslb-co-nz.com/css/fonts/	0 0	1016ms 1016ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-extralight.woff Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UD9ToXpJm0xzh0as1cr88XPMHKup2nsW8dJy3y3GW4GsYrfCULxplPmU716fBr%2Fa%2FVDkgrHIUp2KIfl%2FJoXx5p8pQNaCt0dkAgNIVDu6kTnx1BlXETBpFJLfOpVjR8VnIQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe856e29cbd9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33242&min_rtt=30284&rtt_var=6825&sent=23&recv=18&lost=0&retrans=0&sent_bytes=7973&recv_bytes=6564&delivery_rate=2239&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=3190&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:28 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-semibold.woff aslb-co-nz.com/css/fonts/	0 0	369ms 369ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-semibold.woff Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZouKINg%2BhpOxjw3j0mePNgGyr0LvZx62IS9bVdF4QtG5lnzu1RJwgyTvmRy7sVMhSgLlvRpF%2F8BLfeu8VR4A0B7GPums8pOfOIZeIlIaPNrFChNPJksKQf5U8OgWSI12Mg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe856e49f2d9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=33619&min_rtt=30284&rtt_var=8094&sent=21&recv=17&lost=0&retrans=0&sent_bytes=7067&recv_bytes=6222&delivery_rate=2643&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=2561&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:27 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-semibold.ttf aslb-co-nz.com/css/fonts/	0 0	1183ms 1183ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-semibold.ttf Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuX7Ju%2FdB1v2QoqV7pI%2BYfbPxMyHOudynrUkRv%2FAg5tPSFOSpQ5zRr3dgX8%2BbPMglseeYuN08xxN%2BN6C95xH93Kfo6hUGXjFRM8krK6Qxfeb%2BXGVf5kkbXdsX45NQ7nDjA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe8570af88d9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32689&min_rtt=30284&rtt_var=4800&sent=28&recv=21&lost=0&retrans=0&sent_bytes=9817&recv_bytes=7287&delivery_rate=2894&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=3750&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:28 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-extralight.ttf aslb-co-nz.com/css/fonts/	0 0	1165ms 1164ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-extralight.ttf Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPWqkCCYHFpiQd0dRAL30Toy9pmsLLAwn%2BoYdVmXMmJp826NeaoiPXW4rCVogNcF7cSA18dWXod2VmkldPLpoQA7DTXiwfVJTgh0FtmuCuLtqJJNzph32VdtySi77i5VnQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe85748996d9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32441&min_rtt=30284&rtt_var=4097&sent=30&recv=22&lost=0&retrans=0&sent_bytes=10730&recv_bytes=7330&delivery_rate=1737&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=4356&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:29 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	overpass-regular.ttf aslb-co-nz.com/css/fonts/	0 0	1176ms 1176ms	Font text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/css/fonts/overpass-regular.ttf Requested by Host: aslb-co-nz.com URL: https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aslb-co-nz.com Referer https://aslb-co-nz.com/css/fonts.min.css?v=2.1.0.5 Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AhF15MT9n1V3ikp0C5uQKRvrTuUrqdaf9tFtFxhmvdpOR0Tmk2NhAx9DwCkj08griePI7t7ALqVfFKUctvcYBAgdgxi6inkYXkTJLzHeOx%2BuJd%2FCyUKwAapowmDbiew2Ag%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe8574b9edd9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32441&min_rtt=30284&rtt_var=4097&sent=31&recv=22&lost=0&retrans=0&sent_bytes=11608&recv_bytes=7330&delivery_rate=1737&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=4398&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:29 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare
GET H3	404	favicon.ico aslb-co-nz.com/	277 B 864 B	1070ms 1070ms	Other text/html	172.67.177.8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aslb-co-nz.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.177.8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7afeb5761e0c076473ff7058897f28b32b15fffd92f775a4be5fdb3ce8173a38` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aslb-co-nz.com/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6s7sUwhiloQK5caN9QemEJO72gNKQDjjV6gwTT1846hJL6e0gTWgIlZtxEU2kRSUH5l81qeuxVBuzU8uFLnKHkvh%2FTBVP7TyH6USlRCIE5sU687cc%2FP%2Fm0MDFABNA%2FQe%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8ebe857c1a2dd9af-AKL alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32068&min_rtt=30284&rtt_var=2957&sent=33&recv=24&lost=0&retrans=0&sent_bytes=12512&recv_bytes=7724&delivery_rate=31407&cwnd=12000&unsent_bytes=0&cid=1043348fc3641a8c&ts=5475&x=1", cfHdrFlush;dur=0 date Mon, 02 Dec 2024 21:48:30 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ASB Bank (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-extralight.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-semibold.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-semibold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-extralight.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-semibold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-extralight.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/css/fonts/overpass-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://aslb-co-nz.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aslb-co-nz.com
banner.asb.co.nz
172.67.177.8
23.48.247.239
2606:4700:3035::ac43:b108
34c1757c7eac4eeb1f4c65be191d76ea7a851ea44f155e79d4db456971f09926
4b3cf8c87337c3e89ab4d5098cb37f4394774441331a1e1e6a01425a955667c2
4c57e5c784568a0a25bc683090fa5b89fd39ec46a20173233d47bb3064f17033
7afeb5761e0c076473ff7058897f28b32b15fffd92f775a4be5fdb3ce8173a38
b0272715c4550dd9ee55ddef62f251a7fbcd16f2bdc1dd2652e155dd3f19e572
b1b687f153205bda7da893e63548ff10714477bf66a778872cd9d73337218105
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7047dcb138d4352986a15bfcd4f875566f8eb8ff9d8005cb424ae2c556fc9ff

aslb-co-nz.com Open in urlscan Pro 2606:4700:3035::ac43:b108 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

100 %HTTPS

33 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

31 kBTransfer

55 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

10 Console Messages

Indicators

aslb-co-nz.com Open in urlscan Pro
2606:4700:3035::ac43:b108 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

31 kB
Transfer

55 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!