classic7ageinput.nzakeizlandz.org
107.180.12.120
Malicious Activity!
Public Scan
Submission: On May 22 via automatic, source openphish
Summary
This is the only time classic7ageinput.nzakeizlandz.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 107.180.12.120 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
16 | 103.241.86.131 | 134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED) |
26 | 2 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-12-120.ip.secureserver.net
classic7ageinput.nzakeizlandz.org
ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ)
www1.e-services.ird.govt.nz
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | ird.govt.nz | www1.e-services.ird.govt.nz | 21 KB |
10 | nzakeizlandz.org | classic7ageinput.nzakeizlandz.org | 53 KB |
26 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
16 | www1.e-services.ird.govt.nz | classic7ageinput.nzakeizlandz.org |
10 | classic7ageinput.nzakeizlandz.org | classic7ageinput.nzakeizlandz.org |
26 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
tools.nzpost.co.nz |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
myir.ird.govt.nz | DigiCert SHA2 Extended Validation Server CA | 2020-03-10 - 2021-05-05 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://classic7ageinput.nzakeizlandz.org/my3ir-secure-online-support.html?ird.govt.nz/managing-my-tax/get-a-refund
Frame ID: 981177EA76959C05EED65D5698DB4752
Requests: 26 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Find your ZIP/POST code online.
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | my3ir-secure-online-support.html (Primary Request) | classic7ageinput.nzakeizlandz.org/ | 29 KB | 6 KB | Document | text/html |
GET H/1.1 | v.js | classic7ageinput.nzakeizlandz.org/ | 12 KB | 3 KB | Script | application/javascript |
GET H/1.1 | jquery-1.js | classic7ageinput.nzakeizlandz.org/details_files/ | 54 KB | 17 KB | Script | application/javascript |
GET H/1.1 | jquery-ui-personalized-1.js | classic7ageinput.nzakeizlandz.org/details_files/ | 51 KB | 13 KB | Script | application/javascript |
GET H/1.1 | jquery.js | classic7ageinput.nzakeizlandz.org/details_files/ | 3 KB | 1 KB | Script | application/javascript |
GET H/1.1 | add-event.js | classic7ageinput.nzakeizlandz.org/details_files/ | 240 B | 523 B | Script | application/javascript |
GET H/1.1 | urchin-jquery.js | classic7ageinput.nzakeizlandz.org/details_files/ | 30 KB | 9 KB | Script | application/javascript |
GET H/1.1 | ir-logo.gif | classic7ageinput.nzakeizlandz.org/details_files/ | 1 KB | 2 KB | Image | image/gif |
GET H/1.1 | nz-govt-logo.gif | classic7ageinput.nzakeizlandz.org/details_files/ | 1 KB | 2 KB | Image | image/gif |
GET H/1.1 | main.css | www1.e-services.ird.govt.nz/secure/css/ | 29 KB | 7 KB | Stylesheet | text/css |
GET H/1.1 | main-uao.css | www1.e-services.ird.govt.nz/secure/css/ | 0 | 0 | Stylesheet | text/html |
GET H/1.1 | print.css | www1.e-services.ird.govt.nz/secure/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET H/1.1 | body.jpg | www1.e-services.ird.govt.nz/secure/css/imgs/ | 358 B | 781 B | Image | image/jpeg |
GET H/1.1 | bdr-breadcrumb.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 2 KB | 2 KB | Image | image/gif |
GET H/1.1 | breadcrumb.jpg | www1.e-services.ird.govt.nz/secure/css/imgs/ | 311 B | 698 B | Image | image/jpeg |
GET H/1.1 | icon-print.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 516 B | 938 B | Image | image/gif |
GET H/1.1 | bdr-side.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 218 B | 603 B | Image | image/gif |
GET H/1.1 | page.jpg | www1.e-services.ird.govt.nz/secure/css/imgs/ | 288 B | 675 B | Image | image/jpeg |
GET H/1.1 | bdr-app-top.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 2 KB | 3 KB | Image | image/gif |
GET H/1.1 | content-bot-wide.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 193 B | 578 B | Image | image/gif |
GET H/1.1 | content-side-wide.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 138 B | 559 B | Image | image/gif |
GET H/1.1 | content-top-wide.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 215 B | 636 B | Image | image/gif |
GET H/1.1 | steps-on.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 209 B | 623 B | Image | image/gif |
GET H/1.1 | steps-std.gif | www1.e-services.ird.govt.nz/secure/css/imgs/ | 162 B | 540 B | Image | image/gif |
GET H/1.1 | __utm.gif | classic7ageinput.nzakeizlandz.org/secure/ | 315 B | 315 B | Image | text/html |
GET H/1.1 | footer.jpg | www1.e-services.ird.govt.nz/secure/css/imgs/ | 293 B | 716 B | Image | image/jpeg |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
120 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.