vocesac.com
Open in
urlscan Pro
84.46.245.6
Malicious Activity!
Public Scan
Effective URL: https://vocesac.com/nz/en/personal.php
Submission: On December 05 via manual from AU — Scanned from NZ
Summary
TLS certificate: Issued by R3 on November 25th 2023. Valid for: 3 months.
This is the only time vocesac.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNZ Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 84.46.245.6 84.46.245.6 | 51167 (CONTABO) (CONTABO) | |
3 | 60.254.143.98 60.254.143.98 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a04:4e42:400... 2a04:4e42:400::649 | 54113 (FASTLY) (FASTLY) | |
10 | 3 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a60-254-143-98.deploy.static.akamaitechnologies.com
www.bnz.co.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
vocesac.com
vocesac.com |
23 KB |
3 |
bnz.co.nz
www.bnz.co.nz |
41 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 735 |
82 KB |
10 | 3 |
Domain | Requested by | |
---|---|---|
6 | vocesac.com |
vocesac.com
|
3 | www.bnz.co.nz |
vocesac.com
www.bnz.co.nz |
1 | code.jquery.com |
vocesac.com
|
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.bnz.co.nz |
wealthnet.bnz.co.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
vocesac.com R3 |
2023-11-25 - 2024-02-23 |
3 months | crt.sh |
bnz.co.nz Entrust Certification Authority - L1K |
2023-10-05 - 2024-10-05 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://vocesac.com/nz/en/personal.php
Frame ID: 77D13557681C1A6D30A9577FBFA0DD7D
Requests: 10 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: Current PagePersonal Banking
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: WealthNet
Search URL Search Domain Scan URL
Title: Forgot your password?
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
personal.php
vocesac.com/nz/en/ |
67 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serrano.css
www.bnz.co.nz/serrano/ |
2 KB 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.1.js
code.jquery.com/ |
279 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
vocesac.com/nz/en/js/ |
33 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
client.js
vocesac.com/nz/en/js/ |
3 KB 475 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SerranoWeb-Bold.woff2
www.bnz.co.nz/serrano/fonts/ |
21 KB 21 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SerranoWeb-Regular.woff2
www.bnz.co.nz/serrano/fonts/ |
19 KB 19 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
server.php
vocesac.com/nz/en/ |
0 28 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
server.php
vocesac.com/nz/en/ |
0 278 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
server.php
vocesac.com/nz/en/ |
0 35 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNZ Bank (Banking)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| $ function| jQuery function| axios1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
vocesac.com/ | Name: PHPSESSID Value: c9lsqnq0i40vq8togfku9q2efc |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
vocesac.com
www.bnz.co.nz
2a04:4e42:400::649
60.254.143.98
84.46.245.6
00597164b7643a1a0040f59fe7167231ba550754b16f0c7df456d7490698ba11
4b17b48bd715edc42998a28d553c72c7977059d255f489c2ba3e5082c88d6e63
550f26d03776c62d33e90b8028c6b4e2e7d1301c6ff769cff94592a93df71c68
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe
87f07f0c0b6ca2b709ca94cbb6d00ab0f5c126daa4ff227501d996470a6793a5
9e63cdc77de3df5b0b0685849e03d263716a22ccf56e4ed74807504dc227221c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f8260d7d44cfb1f8029f9a65067d76476106c2dbf95aab7673a51198ca6b9659