www.alefmediagroup.com
109.234.164.111  Malicious Activity! Public Scan

URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Submission: On April 16 via automatic, source openphish

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 109.234.164.111, located in France and belongs to O2SWITCH, FR. The main domain is www.alefmediagroup.com.
This is the only time www.alefmediagroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNZ Bank (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
11 | 109.234.164.111 | 50474 (O2SWITCH)
Total: 15 requests, 2 IPs

Requests | Apex Domain (Subdomains) | Transfer
11 | alefmediagroup.com (www.alefmediagroup.com) | 91 KB
0 | bnz.co.nz, Failed (www.bnz.co.nz, Failed; collection.bnz.co.nz, Failed) |
Total: 15 requests, 2 apex domains

Requests | Domain | Requested by
11 | www.alefmediagroup.com | www.alefmediagroup.com
0 | collection.bnz.co.nz (Failed) | www.alefmediagroup.com
0 | www.bnz.co.nz (Failed) | www.alefmediagroup.com
Total: 15 requests, 3 domains

This site contains links to these domains.

Domain
www.bnz.co.nz

This page contains 1 frames:

Primary Page: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Frame ID: D6273841A96934DA3D6A00CF3005B8C7
Requests: 15 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i

Page Statistics

15 Requests
0 % HTTPS
0 % IPv6
2 Domains
3 Subdomains
2 IPs
2 Countries
91 kB Transfer
367 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode HTTP 302
  • https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode
Request Chain 12
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
  • https://collection.bnz.co.nz/JavascriptInsert.js

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Login.html
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/
9 KB
3 KB
Document
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
e846410eda9c245835bdaaf2e313e9943d7901fdbbfc74e3c1fa81bcaa294344

Request headers

Host
www.alefmediagroup.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
o2switch PowerBoost
Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Content-Encoding
gzip
styles-i.css
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
84 KB
12 KB
Stylesheet
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/styles-i.css
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
bcae35700d5edd093e95681279bdfcd760735559420ebfe0a0a6cf07e1047039

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
jquery-u.css
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
22 KB
4 KB
Stylesheet
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/jquery-u.css
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
b4f6d29af26fd4756bc4e300063342388f7939a3b1f9f4fede821bf15e4c48de

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
icon-bnz.png
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
2 KB
3 KB
Image
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/icon-bnz.png
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
76a9e3cdb54548fa5b9604601df7ec2b0d258aacb6706fa964f65bceb21391f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2377
Content-Type
image/png
bnz00000.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
3 KB
1 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/bnz00000.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
715945c571a395a5aae690b1ef65ca8f064d9ef59fc630297dc13510eba89981

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jquery-u.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
196 KB
50 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/jquery-u.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
f8878f7bb56a858259a10e8de31715243a732dbaf553e33497bd4424952a7ab7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
bnz00001.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
8 KB
3 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/bnz00001.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
0495e908a2dc4eff8920ab2f2ce15f4b592be3ffd1b9ffdff61203bc25dd19a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
bnzib000.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
8 KB
2 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/bnzib000.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
bf8122199504c6e3a8c5fa4257e26834c66c4da6de8217c5a5f1656e741d7cb5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
bnzforma.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
6 KB
2 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/bnzforma.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
ad4815d62220a1f67ebd78f4b30e3806234eeb19ebb14118d53203b189766d92

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
bnzutils.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
11 KB
4 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/bnzutils.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
43de6c55ba7bf582311924ef5dc0fb060c6574b91a9da4cff842ec95b549dbf7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
SpeedTra.js
www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/
19 KB
7 KB
Script
General
Full URL
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/img/SpeedTra.js
Requested by
Host: www.alefmediagroup.com
URL: http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Protocol
HTTP/1.1
Server
109.234.164.111 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-164-111.reverse.odns.fr
Software
o2switch PowerBoost /
Resource Hash
ddfb043b109454dda7c0ad670040246c995541a1990025b304263c584f2b1f80

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.alefmediagroup.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.alefmediagroup.com/test/ib/7622f5a14a4471e40864b89ae70a9b4f/Login.html?client_id=tb5SFf3cRxEyspDN&response_type=code
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 16 Apr 2019 05:03:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Apr 2019 03:50:43 GMT
Server
o2switch PowerBoost
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
serranoweb-bold-webfont.woff
www.bnz.co.nz/registration/ib/resources/fonts/
0
0

session.js
collection.bnz.co.nz/3477/handler8/
0
0

JavascriptInsert.js
collection.bnz.co.nz/
0
0

serranoweb-bold-webfont.ttf
www.bnz.co.nz/registration/ib/resources/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bnz.co.nz
URL
https://www.bnz.co.nz/registration/ib/resources/fonts/serranoweb-bold-webfont.woff
Domain
collection.bnz.co.nz
URL
https://collection.bnz.co.nz/3477/handler8/session.js?se=_15553910043570.15543316975071875_3477&sj=bnzcsa&aP=_15553910043570.15543316975071875_&bd=true&si=false&aM=_15553910043570.15543316975071875_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20Login&az=usy46gabsosd%3Dbnzcsa_15553910043570.15543316975071875_3477&au=http%3A%2F%2Fwww.alefmediagroup.com%2Ftest%2Fib%2F7622f5a14a4471e40864b89ae70a9b4f%2FLogin.html%3Fclient_id%3Dtb5SFf3cRxEyspDN%26response_type%3Dcode
Domain
collection.bnz.co.nz
URL
https://collection.bnz.co.nz/JavascriptInsert.js
Domain
www.bnz.co.nz
URL
https://www.bnz.co.nz/registration/ib/resources/fonts/serranoweb-bold-webfont.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNZ Bank (Banking)

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| isValidCharacters function| isValidTextBoxCharacters function| isDiscretionaryData function| isBlank function| isAlphaNumeric function| isAlphabetic function| isNumeric function| isPositiveOrNegativeNumeric function| isWholeNumber function| isName function| isNameWithNumbers function| isSpecialChars function| isClientSpecialChars function| isStreetNumber function| isValidAccessNumber function| isValidIRDNumber function| isValidUserID function| isValidPassword function| isValidPin function| isValidCIFAccountNumber function| isValidAccountNumber function| isValidOtherAccountNumber function| isValidAcctNumber function| isEmail function| isPhoneNumber function| isTokenSerialNumber function| addDays function| dayDiff function| isValidDate function| isDate function| check_date function| check_valid_date function| validate_date function| leftOver function| leftOut function| invalidMask function| changeFocus function| numCount string| browserName function| setupValidation undefined| timeseconds undefined| timediff function| SetTimer function| show_time function| hideButtons function| autoTab function| autoTabWithMaxlength function| parseAccountNumber function| setFocus function| submitForm function| confirmAction function| confirmCancel function| openHelp function| clickOnEnter function| setupClickOnEnter function| setScrollToValue function| windowScrollTo function| getFieldValue function| setFieldValue undefined| errors undefined| errIndex function| addError function| clearError function| displayCSErrorTable function| insertAfter function| clearErrors function| clearInfos object| validation function| setupJS function| addValidation function| verifyFields function| clearPasswordFields function| isRadioSelected function| findParentForm undefined| waitDialog boolean| waiting function| setupDialog function| closeDialog function| hideWaiting boolean| submitAllowed boolean| bnzcsaGL function| 
bnzcsaSL boolean| bnzcsaPrerendering function| bnzcsahandleVisibilityChange string| bnzcsacompatVersion boolean| bnzcsaLF string| bnzcsaTCP string| bnzcsaSSL function| bnzcsagPr function| bnzcsagK object| bnzcsaRTEHandler function| bnzcsagC function| bnzcsaGD function| bnzcsaSC function| bnzcsaae function| bnzcsaclient_event function| bnzcsaGP function| bnzcsaGPWID function| bnzcsaLC string| bnzcsaTWID function| bnzcsaoptOut function| bnzcsaoptIn function| bnzcsaresetCSA function| bnzcsadoReInit function| bnzcsatmoPoll boolean| bnzcsajsInsertAlreadyLoaded function| bnzcsagetSD string| bnzcsawindowID number| bnzcsaTm object| bnzcsasImgArr boolean| doubleSubmitLock

0 Cookies