deskbnzhelp.com Open in urlscan Pro
199.188.200.4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://deskbnzhelp.com/
Effective URL:
https://deskbnzhelp.com/pages
Submission: On May 20 via manual (May 20th 2022, 1:37:41 am UTC) from NZ — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 199.188.200.4, located in United States and belongs to NAMECHEAP-NET, US. The main domain is deskbnzhelp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2022. Valid for: a year.

This is the only time deskbnzhelp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BNZ Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 11	199.188.200.4 199.188.200.4	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	104.104.52.19 104.104.52.19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2

11 199.188.200.4 (United States) 2 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server236-2.web-hosting.com

deskbnzhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.104.52.19 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-19.deploy.static.akamaitechnologies.com

secure.bnz.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	deskbnzhelp.com 2 redirects deskbnzhelp.com	89 KB
3	bnz.co.nz secure.bnz.co.nz	94 KB
12	2

	Domain	Requested by
11	deskbnzhelp.com	2 redirects deskbnzhelp.com
3	secure.bnz.co.nz	deskbnzhelp.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
deskbnzhelp.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-20` - `2023-05-20`	a year	crt.sh
bnz.co.nz Entrust Certification Authority - L1K	`2021-11-07` - `2022-11-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://deskbnzhelp.com/pages
Frame ID: F19BB10B6040F7DE38F53F5CC8AF0627
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BNZ LoginBNZ Logoinformationlocked

Page URL History Show full URLs

http://deskbnzhelp.com/ HTTP 301
https://deskbnzhelp.com/ HTTP 302
https://deskbnzhelp.com/pages Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

183 kB
Transfer

226 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://deskbnzhelp.com/ HTTP 301
https://deskbnzhelp.com/ HTTP 302
https://deskbnzhelp.com/pages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pages Show response
deskbnzhelp.com/
Redirect Chain

http://deskbnzhelp.com/
https://deskbnzhelp.com/
https://deskbnzhelp.com/pages

69 KB
10 KB

264ms
263ms

Document
text/html

199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 15972279e93531e3d78098ca9ca9c4c74bb95288ace772b5736f8ccd3975c224

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 10238
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 01:37:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 May 2022 01:37:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://deskbnzhelp.com/pages
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/7.2.34
x-turbo-charged-by: LiteSpeed

GET
H2 200 serrano.css
deskbnzhelp.com/front_end/front_end_files/ 2 KB
654 B 251ms
250ms Stylesheet
text/css 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/front_end/front_end_files/serrano.css
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: cd871d94fa300061d3a71bde96be28e0ccddc260315f81af7b0f9dd2cedebe7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:36 GMT
content-encoding: br
last-modified: Thu, 19 May 2022 00:33:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 434
expires: Fri, 27 May 2022 01:37:36 GMT

GET
H2 200 jquery.js Show response
deskbnzhelp.com/js/cntdjs/ 87 KB
30 KB 508ms
507ms Script
application/javascript 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/js/cntdjs/jquery.js
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:36 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 21:34:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30267
expires: Fri, 27 May 2022 01:37:36 GMT

GET
H2 200 jquery.mask.js Show response
deskbnzhelp.com/js/cntdjs/ 23 KB
6 KB 758ms
757ms Script
application/javascript 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/js/cntdjs/jquery.mask.js
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:36 GMT
content-encoding: br
last-modified: Thu, 31 Mar 2022 21:34:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 5583
expires: Fri, 27 May 2022 01:37:36 GMT

GET
H2 200 cntd.js Show response
deskbnzhelp.com/js/cntdjs/ 3 KB
1 KB 760ms
759ms Script
application/javascript 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/js/cntdjs/cntd.js
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:36 GMT
content-encoding: br
last-modified: Wed, 11 May 2022 21:34:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 889
expires: Fri, 27 May 2022 01:37:36 GMT

GET
H2 200 loading.js Show response
deskbnzhelp.com/js/shared/ 2 KB
874 B 761ms
760ms Script
application/javascript 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/js/shared/loading.js
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:36 GMT
content-encoding: br
last-modified: Wed, 11 May 2022 22:15:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 640
expires: Fri, 27 May 2022 01:37:36 GMT

GET
H2 200 online_status.js Show response
deskbnzhelp.com/js/shared/ 998 B
617 B 762ms
762ms Script
application/javascript 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/js/shared/online_status.js
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:36 GMT
content-encoding: br
last-modified: Mon, 09 May 2022 22:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 383
expires: Fri, 27 May 2022 01:37:36 GMT

GET
H2 200 3.6ca2a99c.chunk.js
secure.bnz.co.nz/auth/static/js/ 0
90 KB 431ms
361ms Other
application/javascript 104.104.52.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.bnz.co.nz/auth/static/js/3.6ca2a99c.chunk.js

Requested by

Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.104.52.19 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-104-52-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz; child-src 'self' https://www.bnz.co.nz https://m.bnz.co.nz; object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://www.bnz.co.nz https://www.bnz.co.nz;img-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://www.bnz.co.nz;font-src 'self' https://www.bnz.co.nz https://www.bnz.co.nz;connect-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://api.bnz.co.nz https://*.launchdarkly.com ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self';manifest-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz; child-src 'self' https://www.bnz.co.nz https://m.bnz.co.nz; object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://www.bnz.co.nz https://www.bnz.co.nz;img-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://www.bnz.co.nz;font-src 'self' https://www.bnz.co.nz https://www.bnz.co.nz;connect-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://api.bnz.co.nz https://*.launchdarkly.com ;
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , 0.0f346868.1653010657.24c70da
server-timing: dtRpid;desc="-1050921335"
bnz-logon-request: 1
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 13:33:46 GMT
x-frame-options: SAMEORIGIN
date: Fri, 20 May 2022 01:37:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/javascript
cache-control: max-age=56697
etag: "61a6283a-4faf7"
accept-ranges: bytes
expires: Fri, 20 May 2022 17:22:34 GMT

GET
H2 200 4.bb624667.chunk.js
secure.bnz.co.nz/auth/static/js/ 0
1 KB 422ms
352ms Other
application/javascript 104.104.52.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.bnz.co.nz/auth/static/js/4.bb624667.chunk.js

Requested by

Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.104.52.19 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-104-52-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz; child-src 'self' https://www.bnz.co.nz https://m.bnz.co.nz; object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://www.bnz.co.nz https://www.bnz.co.nz;img-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://www.bnz.co.nz;font-src 'self' https://www.bnz.co.nz https://www.bnz.co.nz;connect-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://api.bnz.co.nz https://*.launchdarkly.com ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self';manifest-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz; child-src 'self' https://www.bnz.co.nz https://m.bnz.co.nz; object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://www.bnz.co.nz https://www.bnz.co.nz;img-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://www.bnz.co.nz;font-src 'self' https://www.bnz.co.nz https://www.bnz.co.nz;connect-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://api.bnz.co.nz https://*.launchdarkly.com ;
x-content-type-options: nosniff
akamai-grn: , , , , , 0.0f346868.1653010657.24c70db
server-timing: dtRpid;desc="-2065513564"
content-length: 281
x-xss-protection: 1; mode=block
bnz-logon-request: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 13:33:46 GMT
x-frame-options: SAMEORIGIN
date: Fri, 20 May 2022 01:37:37 GMT
strict-transport-security: max-age=15768000
content-type: application/javascript
cache-control: max-age=15478
etag: "61a6283a-119"
accept-ranges: bytes
expires: Fri, 20 May 2022 05:55:35 GMT

GET
H2 200 5.c5c9bca4.chunk.js
secure.bnz.co.nz/auth/static/js/ 0
3 KB 418ms
354ms Other
application/javascript 104.104.52.19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.bnz.co.nz/auth/static/js/5.c5c9bca4.chunk.js

Requested by

Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/pages

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.104.52.19 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-104-52-19.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';manifest-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz; child-src 'self' https://www.bnz.co.nz https://m.bnz.co.nz; object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://www.bnz.co.nz https://www.bnz.co.nz;img-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://www.bnz.co.nz;font-src 'self' https://www.bnz.co.nz https://www.bnz.co.nz;connect-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://api.bnz.co.nz https://*.launchdarkly.com ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deskbnzhelp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src 'self';manifest-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz; child-src 'self' https://www.bnz.co.nz https://m.bnz.co.nz; object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline';style-src 'self' 'unsafe-inline' https://www.bnz.co.nz https://www.bnz.co.nz;img-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://www.bnz.co.nz;font-src 'self' https://www.bnz.co.nz https://www.bnz.co.nz;connect-src 'self' https://www.bnz.co.nz https://verify.bnz.co.nz https://m.bnz.co.nz https://api.bnz.co.nz https://*.launchdarkly.com ;
content-encoding: gzip
x-content-type-options: nosniff
akamai-grn: , , , 0.0f346868.1653010657.24c70dd
server-timing: dtRpid;desc="1759677238"
content-length: 1913
x-xss-protection: 1; mode=block
bnz-logon-request: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 Nov 2021 13:33:46 GMT
x-frame-options: SAMEORIGIN
date: Fri, 20 May 2022 01:37:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15768000
content-type: application/javascript
cache-control: max-age=47118
etag: "61a6283a-11e0"
accept-ranges: bytes
expires: Fri, 20 May 2022 14:42:55 GMT

GET
H2 200 SerranoWeb-Bold.woff2
deskbnzhelp.com/front_end/front_end_files/ 21 KB
21 KB 231ms
231ms Font
font/woff2 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/front_end/front_end_files/SerranoWeb-Bold.woff2?v=1c25c2c065
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/front_end/front_end_files/serrano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 00597164b7643a1a0040f59fe7167231ba550754b16f0c7df456d7490698ba11

Request headers

Referer: https://deskbnzhelp.com/front_end/front_end_files/serrano.css
Origin: https://deskbnzhelp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:37 GMT
last-modified: Thu, 19 May 2022 00:32:33 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 21044
expires: Fri, 27 May 2022 01:37:37 GMT

GET
H2 200 SerranoWeb-Regular.woff2
deskbnzhelp.com/front_end/front_end_files/ 19 KB
19 KB 453ms
453ms Font
font/woff2 199.188.200.4
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://deskbnzhelp.com/front_end/front_end_files/SerranoWeb-Regular.woff2?v=5b6826770c
Requested by: Host: deskbnzhelp.com
URL: https://deskbnzhelp.com/front_end/front_end_files/serrano.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.4 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server236-2.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9e63cdc77de3df5b0b0685849e03d263716a22ccf56e4ed74807504dc227221c

Request headers

Referer: https://deskbnzhelp.com/front_end/front_end_files/serrano.css
Origin: https://deskbnzhelp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Fri, 20 May 2022 01:37:37 GMT
last-modified: Thu, 19 May 2022 00:32:34 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 19244
expires: Fri, 27 May 2022 01:37:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BNZ Bank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			deskbnzhelp.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 03e610e6e46e50a7432f9a23e86557e7
			secure.bnz.co.nz/	1969-12-31 23:59:59	Name: akaalb_securebnz Value: ~op=5001_1:5001_1_secure\|~rv=33~m=5001_1_secure:0\|~os=e64e92e1a60532fb866e4d51fb0b4f28~id=6419be103d8c8955ad81d6944e1a4dd0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

deskbnzhelp.com
secure.bnz.co.nz
104.104.52.19
199.188.200.4
00597164b7643a1a0040f59fe7167231ba550754b16f0c7df456d7490698ba11
15972279e93531e3d78098ca9ca9c4c74bb95288ace772b5736f8ccd3975c224
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
9e63cdc77de3df5b0b0685849e03d263716a22ccf56e4ed74807504dc227221c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
cd871d94fa300061d3a71bde96be28e0ccddc260315f81af7b0f9dd2cedebe7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

deskbnzhelp.com Open in urlscan Pro 199.188.200.4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

183 kBTransfer

226 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

2 Cookies

Indicators

deskbnzhelp.com Open in urlscan Pro
199.188.200.4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

183 kB
Transfer

226 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!