nzlgovt.co
Open in
urlscan Pro
172.67.137.26
Malicious Activity!
Public Scan
Effective URL: https://nzlgovt.co/co/
Submission: On July 19 via manual from NZ — Scanned from NZ
Summary
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.
This is the only time nzlgovt.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NZ Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 67.199.248.11 67.199.248.11 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 29 | 172.67.137.26 172.67.137.26 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 1 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
nzlgovt.co
1 redirects
nzlgovt.co |
290 KB |
1 |
bit.ly
1 redirects
bit.ly — Cisco Umbrella Rank: 6373 |
395 B |
28 | 2 |
Domain | Requested by | |
---|---|---|
29 | nzlgovt.co |
1 redirects
nzlgovt.co
|
1 | bit.ly | 1 redirects |
28 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
nzlgovt.co WE1 |
2024-07-17 - 2024-10-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nzlgovt.co/co/
Frame ID: 50D792425C7D2E99DA5D1E743F0FDC24
Requests: 28 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://bit.ly/6R1qx?Dyr=vgSF8cJni3
HTTP 301
https://nzlgovt.co/co HTTP 301
https://nzlgovt.co/co/ Page URL
Detected technologies
Socket.io (JavaScript Frameworks) ExpandDetected patterns
- socket\.io.*\.js
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Mautic (Marketing Automation) Expand
Detected patterns
- [^a-z]mtc.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bit.ly/6R1qx?Dyr=vgSF8cJni3
HTTP 301
https://nzlgovt.co/co HTTP 301
https://nzlgovt.co/co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
nzlgovt.co/co/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index-bb307aab.js
nzlgovt.co/co/assets/ |
492 KB 147 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f6170fbb6dGt8.css
nzlgovt.co/co/assets/ |
952 B 871 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9eb648844tKcX.js
nzlgovt.co/co/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9aa856cb4tKcX.js
nzlgovt.co/co/assets/ |
52 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
nzlgovt.co/ |
1 KB 949 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2db5b2014tKcX.js
nzlgovt.co/co/assets/ |
34 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
900a70b54tKcX.js
nzlgovt.co/co/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
163c65364tKcX.js
nzlgovt.co/co/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
c27b69114tKcX.js
nzlgovt.co/co/assets/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
17b3908e6dGt8.css
nzlgovt.co/co/assets/ |
1 KB 1023 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f7a55aa84tKcX.js
nzlgovt.co/co/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
beaae7074tKcX.js
nzlgovt.co/co/assets/ |
111 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d17d330e4tKcX.js
nzlgovt.co/co/assets/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
87b143c86dGt8.css
nzlgovt.co/co/assets/ |
174 B 571 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
MC45MTI0MTcyOTU0MDk1MjA3
nzlgovt.co/api/ |
860 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
nzlgovt.co/socket.io/ |
118 B 500 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
d15ad9034tKcX.js
nzlgovt.co/co/assets/ |
113 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f4397ced6dGt8.css
nzlgovt.co/co/assets/ |
400 B 690 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
nzlgovt.co/co/ |
9 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
footer-logo.png
nzlgovt.co/co/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
HN1.woff2
nzlgovt.co/co/font/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
nzlgovt.co/socket.io/ |
2 B 390 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
nzlgovt.co/socket.io/ |
32 B 432 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
nzlgovt.co/socket.io/ |
58 B 463 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
nzlgovt.co/socket.io/ |
2 B 387 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
nzlgovt.co/socket.io/ |
98 B 497 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
MC41MDM5NTgyNjYzMTgyMTI3
nzlgovt.co/api/ |
36 B 459 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NZ Government (Government)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| IMask boolean| __vite_is_modern_browser boolean| __VUE__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bit.ly/ | Name: _bit Value: o6j0cs-c5dea50fb8a749d017-00P |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bit.ly
nzlgovt.co
172.67.137.26
67.199.248.11
07d956abe883fcccd836e343d534d3320977be037d97ba5f96e8652cf84e071e
10b5374261875ad301fa3b920eceb197b38570a8a690658de212239b786bd6dc
16dd9f45f57eb2c496c64d0af577c7764743c4a39c8e3f2384f7f90f25e5aa6f
17b3908ecb836420412e526cda206fb19fc36832cac5bc51e005e7f088194f09
1b4bc6ada977d9a4abe876f844cdffb8ebf894c669eaba6e1910051991bff319
1c4b2d6b91bfb4d102533e8aa5d1e144fb77389c21b6cb4e4981faba66c4ae76
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2971b00631af502cfd8bfdad0248a2f4c780d897356422f2ce281b508d701407
4005e1e8d71406356d357dd10fe0cb7622cbb944923bcd182c6e2103f1397137
42b3b2c1d75c6931d7bc1e51c5f58599605651b34bd27f7d2fe6068983b0012b
438ab8d287782e82d504cb4352fdbe68d64f269ca35d833e59029efebbe40392
63244d01286447b424c118d44e2ca509910879d5ed23cc0fb460a691c30fa6ef
65d60ac25ecd21a95c4655c4359dfad97b688a848dc63683e3b4805a0096fa29
6c90084ec6eff838fed0ec8182a62f304087d900e8128ed57fde6aa4095df820
779ca76683862a7f5888454f9b0072082f7c77fa9a384b88f63fcd54f888ada4
87b143c863dd4e7335da17b5c76464883a1dbb39abed5b055045f4019dff1c3a
8ab293f1b740e5ba2d3280d1223b305d3186003e3750ffe5c75cfbc6e756f36d
962c6dca457db7e16c42aa94b7572cd5d4a49d216b3ecb7ca0dbf49c188e8659
9852943fe5e4fe010cd9740332edcf13c9ba8aa75d579086476ae0a66af33c8e
b369c61875b35da5fb0de93aa1e38623c3382f8668e2de10743a6acad2ff89bd
bca90c83fe388da3a1175bbed2f92a5fa52900a12ffabe087660a52759e34171
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
d71d81a408842b00e12639c590bf33bb7055623306d1f0be26159828ec03caf8
e3fc93b4bc55868283bdb57345e3688b7d37185d171e69593e5e9273d8f48b58
ef9f6b0c38eeb72ddd9897d12621547dde7fa1018a89a050fe968859d6c1af6a
f4397ced557e01524d17b5d0988131cbf8b4c9cb5af39749e74e3671b8eb1917
f6170fbbee0af98d737510b5689b31d78cf4e9a152590e594175b79212210911