tzngaprwuv.menton3.com
66.175.58.9
Malicious Activity!
Public Scan
Submission: On July 12 via automatic, source openphish
Summary
This is the only time tzngaprwuv.menton3.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNZ Bank (Banking)

Domain & IP information
Requests | IP Address | AS (Autonomous System) | PTR | Domain
---|---|---|---|---
23 | 66.175.58.9 | ASN30447 (INFB2-AS - InternetNamesForBusiness.com, US) | hostedc38.carrierzone.com | tzngaprwuv.menton3.com
2 | 66.175.41.113 | ASN30447 (INFB2-AS - InternetNamesForBusiness.com, US) | testmerch2.carrierzone.com | count.carrierzone.com
4 | 103.28.251.213 | ASN19551 (INCAPSULA - Incapsula Inc, US) | 103.28.251.213.ip.incapdns.net | collection.bnz.co.nz
29 requests | 3 IPs | | |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
23 | menton3.com | tzngaprwuv.menton3.com | 652 KB
4 | bnz.co.nz | collection.bnz.co.nz | 54 KB
2 | carrierzone.com | count.carrierzone.com | 35 KB
29 requests | 3 apex domains | |
Requests | Domain | Requested by
---|---|---
23 | tzngaprwuv.menton3.com | tzngaprwuv.menton3.com
4 | collection.bnz.co.nz | tzngaprwuv.menton3.com
2 | count.carrierzone.com | tzngaprwuv.menton3.com
29 requests | 3 domains |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bnz.co.nz |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
*.carrierzone.com | RapidSSL SHA256 CA - G3 | 2015-08-10 - 2018-10-16 | 3 years | crt.sh
www.bnz.co.nz | Entrust Certification Authority - L1M | 2017-04-17 - 2018-05-05 | a year | crt.sh
This page contains 1 frames:
Primary Page:
http://tzngaprwuv.menton3.com/bnzipb/actudt.htm?user=4624g80a13c0db1f8e263663d3faee8d195a86e1d217942f7415cf1b4a661698
Frame ID: 30330.1
Requests: 29 HTTP requests in this frame
1 Outgoing link
These are links going to different origins than the main page.
Title: Terms & Conditions
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions

# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H/1.1 | actudt.htm (Primary Request) | tzngaprwuv.menton3.com/bnzipb/ | 12 KB | 12 KB | Document | text/html
2 | GET | H/1.1 | styles-ib.css | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 82 KB | 82 KB | Stylesheet | text/css
3 | GET | H/1.1 | jquery-ui-1.css | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 21 KB | 21 KB | Stylesheet | text/css
4 | GET | H/1.1 | jquery-1.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 100 KB | 100 KB | Script | application/javascript
5 | GET | H/1.1 | prototype-1.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 91 KB | 91 KB | Script | application/javascript
6 | GET | H/1.1 | former-inline-scripts.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 426 B | 426 B | Script | application/javascript
7 | GET | H/1.1 | session.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 3 KB | 3 KB | Script | application/javascript
8 | GET | H/1.1 | JavascriptInsert.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 85 KB | 85 KB | Script | application/javascript
9 | GET | H/1.1 | icon-bnz-logo.png | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 2 KB | 2 KB | Image | image/png
10 | GET | H/1.1 | helpimage_access_id_placement_on_card.png | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 1 KB | 1 KB | Image | image/png
11 | GET | H/1.1 | bnz-requestprocessing-icon-trans.gif | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 3 KB | 3 KB | Image | image/gif
12 | GET | H/1.1 | bnz.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 3 KB | 3 KB | Script | application/javascript
13 | GET | H/1.1 | jquery-ui-1.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 196 KB | 196 KB | Script | application/javascript
14 | GET | H/1.1 | bnz_002.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 8 KB | 8 KB | Script | application/javascript
15 | GET | H/1.1 | bnzib.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 8 KB | 8 KB | Script | application/javascript
16 | GET | H/1.1 | bnzformat.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 6 KB | 6 KB | Script | application/javascript
17 | GET | H/1.1 | bnzutils.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 11 KB | 11 KB | Script | application/javascript
18 | GET | H/1.1 | SpeedTrapInsert.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 19 KB | 19 KB | Script | application/javascript
19 | GET | H/1.1 | jsEvent.js | tzngaprwuv.menton3.com/bnzipb/actudt_files/ | 227 B | 227 B | Script | application/javascript
20 | GET | H/1.1 | count.js | count.carrierzone.com/app/count_server/ | 35 KB | 35 KB | Script | text/javascript
21 | GET | H/1.1 | serranoweb-bold-webfont.woff | tzngaprwuv.menton3.com/fonts/ | 0 | 0 | Font | text/html
22 | GET | H/1.1 | dark-blue-sprite.png | tzngaprwuv.menton3.com/images/ | 21 B | 0 | Image | text/html
23 | GET | H/1.1 | serranoweb-bold-webfont.ttf | tzngaprwuv.menton3.com/fonts/ | 0 | 0 | Font | text/html
24 | GET | S | session.js | collection.bnz.co.nz/0951/handler8/ | 0 | 0 | Script | text/html
25 | GET | S | JavascriptInsert.js | collection.bnz.co.nz/ | 85 KB | 54 KB | Script | application/x-javascript
26 | GET | H/1.1 | helpimage_access_id_placement_on_card.png | tzngaprwuv.menton3.com/registration/ib/resources/images/ | 21 B | 0 | Image | text/html
27 | GET | S | jsEvent.js | collection.bnz.co.nz/9092/2174143243/XBW09WEA78JG/ | 0 | 0 | Script | text/html
28 | GET | H/1.1 | ctin.php | count.carrierzone.com/track/ | 42 B | 42 B | Image | image/gif
29 | GET | S | jsEvent.js | collection.bnz.co.nz/9092/2174143243/XBW09WEA78JG/ | 0 | 0 | Script | text/html
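A small triage script, added here as an example (it is not urlscan.io's code and is not part of the scan page), that pulls from a request list like the one above the three things an analyst would act on: fetches the page makes from the impersonated brand's own hosts (the collection.bnz.co.nz handlers), assets the clone references on the phishing host that came back empty as text/html, and any remaining third-party hosts. It also splits the usy46gabsosd cookie value. The sample request list is a constructed subset transcribed from the table; the reading of the cookie's leading digits as a JavaScript millisecond timestamp with a Math.random() fraction appended is our assumption, and the Public Suffix List is replaced by a one-entry stand-in.

```python
"""Triage of a urlscan.io request list for a brand-impersonation page.

Added example; not urlscan.io code and not part of the scan page. REQUESTS is a
constructed subset transcribed from the 29-transaction table above; sizes are the
table's rounded values (1 KB = 1024 bytes).
"""
from datetime import datetime, timedelta, timezone

PAGE_HOST = "tzngaprwuv.menton3.com"
BRAND_APEX = "bnz.co.nz"  # the brand urlscan reports this page as targeting

# (resource, host, declared type, served MIME type, bytes transferred)
REQUESTS = [
    ("actudt.htm", "tzngaprwuv.menton3.com", "Document", "text/html", 12 * 1024),
    ("jquery-1.js", "tzngaprwuv.menton3.com", "Script", "application/javascript", 100 * 1024),
    ("session.js", "tzngaprwuv.menton3.com", "Script", "application/javascript", 3 * 1024),
    ("icon-bnz-logo.png", "tzngaprwuv.menton3.com", "Image", "image/png", 2 * 1024),
    ("count.js", "count.carrierzone.com", "Script", "text/javascript", 35 * 1024),
    ("serranoweb-bold-webfont.woff", "tzngaprwuv.menton3.com", "Font", "text/html", 0),
    ("dark-blue-sprite.png", "tzngaprwuv.menton3.com", "Image", "text/html", 0),
    ("session.js", "collection.bnz.co.nz", "Script", "text/html", 0),
    ("JavascriptInsert.js", "collection.bnz.co.nz", "Script", "application/x-javascript", 54 * 1024),
    ("helpimage_access_id_placement_on_card.png", "tzngaprwuv.menton3.com", "Image", "text/html", 0),
    ("jsEvent.js", "collection.bnz.co.nz", "Script", "text/html", 0),
    ("ctin.php", "count.carrierzone.com", "Image", "image/gif", 42),
]

# Stand-in for the Public Suffix List: only the suffix this scan needs.
MULTI_LABEL_SUFFIXES = {"co.nz"}


def apex_domain(host):
    """Registrable domain: last two labels, or three under a known multi-label suffix."""
    labels = host.lower().rstrip(".").split(".")
    take = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-take:])


def brand_origin_loads(requests, brand_apex):
    """Resources fetched from the impersonated brand's own infrastructure.

    A cloned page that still references the real bank's scripts (here the
    collection.bnz.co.nz handlers) means the bank sees those fetches; under the
    browser's default referrer policy the Referer on them is the phishing page
    URL, which gives the brand's own logs a detection signal.
    """
    return [(host, res) for res, host, _kind, _mime, _xfer in requests
            if apex_domain(host) == brand_apex]


def dangling_clone_references(requests, page_host):
    """Non-document assets on the phishing host served as text/html with no body.

    Absolute paths copied from the original site's markup but never mirrored
    onto the phishing host usually surface this way (an error page instead of
    the asset).
    """
    return [res for res, host, kind, mime, xfer in requests
            if host == page_host and kind != "Document"
            and mime == "text/html" and xfer == 0]


def third_party_hosts(requests, page_host, brand_apex):
    """Hosts that belong to neither the phishing apex nor the brand apex."""
    own = {apex_domain(page_host), brand_apex}
    return sorted({r[1] for r in requests if apex_domain(r[1]) not in own})


def decode_bnzcsa_cookie(value):
    """Split the usy46gabsosd cookie value, shaped bnzcsa_<number>_<token>.

    Assumption (ours, stated nowhere on the page): <number> is Date.now()
    (milliseconds) with Math.random()'s "0.xxxx" concatenated, so the digits
    before "0." are the timestamp. The trailing token in the scan, 0951, also
    appears as a path segment in the collection.bnz.co.nz/0951/handler8/
    request. Returns (UTC datetime, token).
    """
    prefix, number, token = value.split("_")
    if prefix != "bnzcsa":
        raise ValueError("unexpected cookie prefix: " + prefix)
    head, _dot, _fraction = number.partition(".")
    millis = int(head[:-1])  # drop the leading "0" of the random fraction
    epoch = datetime(1970, 1, 1, tzinfo=timezone.utc)
    return epoch + timedelta(milliseconds=millis), token


def triage(requests=REQUESTS, page_host=PAGE_HOST, brand_apex=BRAND_APEX):
    """Bundle the checks into one dict for an analyst or a pipeline."""
    return {
        "brand_origin_loads": brand_origin_loads(requests, brand_apex),
        "dangling_clone_references": dangling_clone_references(requests, page_host),
        "third_party_hosts": third_party_hosts(requests, page_host, brand_apex),
    }


if __name__ == "__main__":
    for key, val in triage().items():
        print(f"{key}: {val}")
    minted, token = decode_bnzcsa_cookie("bnzcsa_14998383819550.2961175027462588_0951")
    print(f"cookie minted {minted.isoformat()} token {token}")
```

Run as a script it prints the three lists and the cookie timestamp. On the scan data the brand-origin loads are the three collection.bnz.co.nz fetches, the dangling references are the font, sprite and help image under /fonts/, /images/ and /registration/ib/resources/images/, the only other host is count.carrierzone.com, and the decoded timestamp falls on 12 July 2017 UTC, the scan's submission date, which is consistent with the cookie having been minted by the page at scan time.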
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: BNZ Bank (Banking)

0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values back, so the site can re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.menton3.com/ | | usy46gabsosd | bnzcsa_14998383819550.2961175027462588_0951
tzngaprwuv.menton3.com/ | | TS0194eee0 | 01d6b5650cb1236e610ef682fd38ecfdc48759a517e5b63a3eefa1dc156629660a77f29782
Indicators
In the security industry, "indicators" are observables such as IPs, domains and hashes extracted from a scan. Their presence here does not by itself imply that any of them is malicious.
collection.bnz.co.nz
count.carrierzone.com
tzngaprwuv.menton3.com
103.28.251.213
66.175.41.113
66.175.58.9