r-tech.com.my
Open in
urlscan Pro
101.99.69.112
Malicious Activity!
Public Scan
URL:
https://r-tech.com.my/wp-includes/js/thickbox/bnz/
Submission: On April 07 via api from NZ
Submission: On April 07 via api from NZ
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 26 HTTP transactions.
The main IP is 101.99.69.112, located in
Shah Alam, Malaysia and
belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY.
The main domain is r-tech.com.my.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 26th 2021. Valid for: 3 months.
This is the only time r-tech.com.my was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 26th 2021. Valid for: 3 months.
This is the only time r-tech.com.my was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNZ Bank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 21 | 101.99.69.112 101.99.69.112 | 45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd) | |
| 26 | 2 |
21
101.99.69.112
(Shah Alam, Malaysia)
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: silktail.ip-asia.com
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: silktail.ip-asia.com
| r-tech.com.my |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
r-tech.com.my
r-tech.com.my |
220 KB |
| 0 |
bnz.co.nz
Failed
collection.bnz.co.nz Failed |
|
| 26 | 2 |
| Domain | Requested by | |
|---|---|---|
| 21 | r-tech.com.my |
r-tech.com.my
|
| 0 | collection.bnz.co.nz Failed |
r-tech.com.my
|
| 26 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.bnz.co.nz |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| r-tech.com.my cPanel, Inc. Certification Authority |
2021-03-26 - 2021-06-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://r-tech.com.my/wp-includes/js/thickbox/bnz/
Frame ID: 274533268AEBBE69B5279728AA4A5CB7
Requests: 26 HTTP requests in this frame
Screenshot
Detected technologies
LiteSpeed
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^LiteSpeed$/i
Prototype
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.bnz.co.nz/goto/ib/termsAndConditions
Title: Terms & Conditions
Title: Terms & Conditions
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 17- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1
- https://collection.bnz.co.nz/9228/handler8/session.js?se=_16177636993840.7379992589917765_9228&sj=bnzcsa&aP=_16177636993840.7379992589917765_&bd=true&si=false&aM=_16177636993840.7379992589917765_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20registration&az=usy46gabsosd%3Dbnzcsa_16177636993840.7379992589917765_9228&au=https%3A%2F%2Fr-tech.com.my%2Fwp-includes%2Fjs%2Fthickbox%2Fbnz%2F HTTP 302
- https://collection.bnz.co.nz/9228/handler8/session.js?se=_16177636993840.7379992589917765_9228&sj=bnzcsa&aP=_16177636993840.7379992589917765_&bd=true&si=false&aM=_16177636993840.7379992589917765_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20registration&az=usy46gabsosd%3Dbnzcsa_16177636993840.7379992589917765_9228&au=https%3A%2F%2Fr-tech.com.my%2Fwp-includes%2Fjs%2Fthickbox%2Fbnz%2F HTTP 302
- https://collection.bnz.co.nz/9228/handler8/session.js?se=_16177636993840.7379992589917765_9228&sj=bnzcsa&aP=_16177636993840.7379992589917765_&bd=true&si=false&aM=_16177636993840.7379992589917765_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20registration&az=usy46gabsosd%3Dbnzcsa_16177636993840.7379992589917765_9228&au=https%3A%2F%2Fr-tech.com.my%2Fwp-includes%2Fjs%2Fthickbox%2Fbnz%2F HTTP 302
- https://collection.bnz.co.nz/9228/handler8/session.js?se=_16177636993840.7379992589917765_9228&sj=bnzcsa&aP=_16177636993840.7379992589917765_&bd=true&si=false&aM=_16177636993840.7379992589917765_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20registration&az=usy46gabsosd%3Dbnzcsa_16177636993840.7379992589917765_9228&au=https%3A%2F%2Fr-tech.com.my%2Fwp-includes%2Fjs%2Fthickbox%2Fbnz%2F HTTP 302
- https://collection.bnz.co.nz/9228/handler8/session.js?se=_16177636993840.7379992589917765_9228&sj=bnzcsa&aP=_16177636993840.7379992589917765_&bd=true&si=false&aM=_16177636993840.7379992589917765_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20registration&az=usy46gabsosd%3Dbnzcsa_16177636993840.7379992589917765_9228&au=https%3A%2F%2Fr-tech.com.my%2Fwp-includes%2Fjs%2Fthickbox%2Fbnz%2F
- https://collection.bnz.co.nz/JavascriptInsert.js HTTP 302
- https://collection.bnz.co.nz/JavascriptInsert.js
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1 HTTP 302
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1
26 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
r-tech.com.my/wp-includes/js/thickbox/bnz/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles-ib.css
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
82 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.css
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
21 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-1.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
100 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prototype-1.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
91 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
former-inline-scripts.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
426 B 189 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
session.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JavascriptInsert.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
85 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-bnz-logo.png
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tube_step1.png
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bnz-requestprocessing-icon-trans.gif
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bnz.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
3 KB 936 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui-1.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
196 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bnz_002.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bnzib.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bnzformat.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
6 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bnzutils.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
SpeedTrapInsert.js
r-tech.com.my/wp-includes/js/thickbox/bnz/profil_files/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jsEvent.js
collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serranoweb-bold-webfont.woff
r-tech.com.my/wp-includes/js/thickbox/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
session.js
collection.bnz.co.nz/9228/handler8/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
JavascriptInsert.js
collection.bnz.co.nz/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
helpimage_access_id_placement_on_card.png
r-tech.com.my/registration/ib/resources/images/ |
17 KB 17 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jsEvent.js
collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serranoweb-bold-webfont.ttf
r-tech.com.my/wp-includes/js/thickbox/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jsEvent.js
collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- collection.bnz.co.nz
- URL
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186%21a=Z14%2121aE7%21+388+2D=5977234=8a28=1a19+3+a496+a19133=6=1a634=a56+3+a+a-6+36=6x=aaV0+8-8y=U=+zesi=+a=0rep=86%21981+a993418%21+a=227%2121aE73338T14D=597+a7526+84=6aXP=I+a9Y=at4+NxtRenUTteT=+aredCr=stgiByeq3rmaCaitFordgrDs+sAloutFiegrBtit=RaiisidFarereyCtCdFostDmqorla3A=+alsiurtsgic=6m=+faale+75Nq22Fa4+29=qaq22F22FFqFqq2rstCrFFqgiReeCarmFByitedrdF2FFqoFqq2q22rBterFRq2isegFarmqeyCtCdidstDiuorla3AFo2+a20rtsgiFqqFlq2iq2I=2FFqtteFqnogon-cngirgmq2lo2Fn-vogFla-dinq2iegFRt-binq2oxireareisyCrBdmqFqqtCordF2Fj1qd32q22F_iFByereRe2Fstgiordq3dCrCaitFtFigrrmasAlouFap0+Dsqitq22e+ng=ex=thatc8a2+a1a19+34=4963419133=+a1a66+=a56+36=+a-8-36=6x=+aV0++a8y=U=+aa=0=1
- Domain
- collection.bnz.co.nz
- URL
- https://collection.bnz.co.nz/9228/handler8/session.js?se=_16177636993840.7379992589917765_9228&sj=bnzcsa&aP=_16177636993840.7379992589917765_&bd=true&si=false&aM=_16177636993840.7379992589917765_&aO=-1&wa=7.1%3A3193&vb=1&cf=Internet%20Banking%20registration&az=usy46gabsosd%3Dbnzcsa_16177636993840.7379992589917765_9228&au=https%3A%2F%2Fr-tech.com.my%2Fwp-includes%2Fjs%2Fthickbox%2Fbnz%2F
- Domain
- collection.bnz.co.nz
- URL
- https://collection.bnz.co.nz/JavascriptInsert.js
- Domain
- collection.bnz.co.nz
- URL
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1
- Domain
- collection.bnz.co.nz
- URL
- https://collection.bnz.co.nz/6011/1822982495/XBW09WEA78JG/jsEvent.js?z=0_0_91daca3467d541bc8561153d03184180&y=982279934186!a=L16!21aE2!+368+5D=761799u=lap6=tbue+rt+en=ddoaumocO0+1+0axy=+aa16367=-=_aQ170993763899.745_76o589217990=1aq=+aaA0+6+a0010+=071C=++a=02d=+aag012k=+16j=+a000aab=a000+S==+a001+a0012Z=-.cch6g=+cter0q=12.momcpy+q011472FF2q268q+a520A4q33A169634_1W=776997988493730.+65=19257791_+clsfcc9337j=aa=e+1
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNZ Bank (Banking)211 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ undefined| Sizzle function| Selector function| $j function| onLoadHandler number| bnzcsawid number| bnzcsasn number| bnzcsacfg number| bnzcsaln string| bnzcsagetInputs string| bnzcsajsRules string| bnzcsacontentRules string| bnzcsaregExRules string| bnzcsafbRules string| bnzcsagpRules string| bnzcsatwRules string| bnzcsasvId string| bnzcsaexceptionRules string| bnzcsadbId boolean| bnzcsalookups string| bnzcsacontentKey number| bnzcsaidl boolean| bnzcsadoCapture string| bnzcsacompat function| bnzcsaset function| bnzcsabnzcsakeyset function| bnzcsabnzcsaDBIDset function| bnzcsauvt boolean| bnzcsaqNI function| bnzcsaiBd function| bnzcsaBd boolean| bnzcsaoTP object| bnzcsaoWA number| bnzcsawI boolean| bnzcsasWO number| bnzcsalstActv boolean| bnzcsanavSent object| BNZ function| DP_jQuery_1617763699242 function| isValidCharacters function| isValidTextBoxCharacters function| isDiscretionaryData function| isBlank function| isAlphaNumeric function| isAlphabetic function| isNumeric function| isPositiveOrNegativeNumeric function| isWholeNumber function| isName function| isNameWithNumbers function| isSpecialChars function| isClientSpecialChars function| isStreetNumber function| isValidAccessNumber function| isValidIRDNumber function| isValidUserID function| isValidPassword function| isValidPin function| isValidCIFAccountNumber function| isValidAccountNumber function| isValidOtherAccountNumber function| isValidAcctNumber function| isEmail function| isPhoneNumber function| isTokenSerialNumber function| addDays function| dayDiff function| isValidDate function| isDate function| check_date function| check_valid_date function| validate_date function| leftOver function| leftOut function| invalidMask function| changeFocus function| numCount string| browserName function| setupValidation undefined| timeseconds undefined| timediff function| SetTimer function| show_time function| hideButtons function| autoTab function| autoTabWithMaxlength function| parseAccountNumber function| setFocus function| submitForm function| confirmAction function| confirmCancel function| openHelp function| clickOnEnter function| setupClickOnEnter function| setScrollToValue function| windowScrollTo function| getFieldValue function| setFieldValue undefined| errors undefined| errIndex function| addError function| clearError function| displayCSErrorTable function| insertAfter function| clearErrors function| clearInfos object| validation function| setupJS function| addValidation function| verifyFields function| clearPasswordFields function| isRadioSelected function| findParentForm undefined| waitDialog boolean| waiting function| setupDialog function| closeDialog function| hideWaiting boolean| submitAllowed boolean| bnzcsaGL function| bnzcsaSL boolean| bnzcsaPrerendering function| bnzcsahandleVisibilityChange string| bnzcsacompatVersion boolean| bnzcsaLF string| bnzcsaTCP string| bnzcsaSSL function| bnzcsagPr function| bnzcsagK object| bnzcsaRTEHandler function| bnzcsagC function| bnzcsaGD function| bnzcsaSC function| bnzcsaae function| bnzcsaclient_event function| bnzcsaGP function| bnzcsaGPWID function| bnzcsaLC string| bnzcsaTWID function| bnzcsaoptOut function| bnzcsaoptIn function| bnzcsaresetCSA function| bnzcsadoReInit function| bnzcsatmoPoll boolean| bnzcsajsInsertAlreadyLoaded function| bnzcsagetSD string| bnzcsawindowID number| bnzcsaTm object| bnzcsasImgArr function| bnzcsacOP object| bnzcsaiAy function| bnzcsapollForReset function| bnzcsadoResetCSA function| bnzcsastopEvents function| bnzcsadCB function| bnzcsagetConfig function| bnzcsaqueueUserEvent function| bnzcsaflashEvent function| bnzcsamediaEvent function| bnzcsaflushEvents function| bnzcsavariableStateChange function| bnzcsatwitterAnywhereTweet function| bnzcsagplusAuthResponse function| bnzcsaplusOne function| bnzcsalinkedInShare function| bnzcsaevent function| bnzcsaclick function| bnzcsatextchange function| bnzcsaformsubmit function| bnzcsacaptureEvent function| bnzcsagHW function| bnzcsadeleteSessionCookie boolean| bnzcsacfgAlreadyDirectedHandlerUse object| bnzcsasACW number| pp object| inputs object| forms object| defaultButtons0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
collection.bnz.co.nz
r-tech.com.my
collection.bnz.co.nz
101.99.69.112
0495e908a2dc4eff8920ab2f2ce15f4b592be3ffd1b9ffdff61203bc25dd19a3
259d8cf094679ecaa4e1b0c6168f25658c47736b15643f95cab7a7e2ddc76337
2efb4b3d6c4a82dfb97c8867e4d95fb48e14d141378e6f5ec735218a77c7553d
40d8cb7ddce923b066ea2bdb5d7c5e24ecd3ce6773bd5550fc27255a4fc97903
43a39f90b3790e06d7559e53c1ef3604d71674845a0609e4e8bf7c8d781a9620
43de6c55ba7bf582311924ef5dc0fb060c6574b91a9da4cff842ec95b549dbf7
67adb58783361659a65bf6f616354de4d7920cf16e20799213799cf541f7684f
715945c571a395a5aae690b1ef65ca8f064d9ef59fc630297dc13510eba89981
74cf48886450e4d5ef141ed52a9e48db455b489160aff23703299a18f918251c
75fa24323fe47e4cfef0d6ac89da8d7bdf76a8a2bd4382237b7cc62dc6d8afb6
803909275be387a4cf98a801e6b287f5bfb3ce6ac374c6100af01a952b8e2bbe
8f6fa5dd86bf9010bdeed931fe2556b9610e7b000f147109dce1d8001264f31b
ad4815d62220a1f67ebd78f4b30e3806234eeb19ebb14118d53203b189766d92
bf8122199504c6e3a8c5fa4257e26834c66c4da6de8217c5a5f1656e741d7cb5
c9311272dc08ff57a9dad1c58ed1d6bb88d84fb856746975f5ff3809ddbffb74
caaea966adbec9a8ad37db70fb0491e12ad46c2e04a0c3ed946ddbde20bcd13e
ddfb043b109454dda7c0ad670040246c995541a1990025b304263c584f2b1f80
e37dc7dce00cb4197b18050a86c1a84713bf211a85c3acba13b144072b685d55
f8878f7bb56a858259a10e8de31715243a732dbaf553e33497bd4424952a7ab7