linkware.com.br
Open in
urlscan Pro
50.116.112.169
Malicious Activity!
Public Scan
Effective URL: https://linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a/
Submission: On March 29 via manual from NZ
Summary
TLS certificate: Issued by R3 on March 22nd 2021. Valid for: 3 months.
This is the only time linkware.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Kiwibank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 7 | 50.116.112.169 50.116.112.169 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
24 | 185.71.229.250 185.71.229.250 | 134433 (REDSHIELD...) (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED) | |
31 | 3 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: srv172-ip05.prodns.com.br
linkware.com.br |
ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ)
www.ib.kiwibank.co.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
kiwibank.co.nz
www.ib.kiwibank.co.nz |
188 KB |
7 |
linkware.com.br
2 redirects
linkware.com.br |
5 KB |
31 | 2 |
Domain | Requested by | |
---|---|---|
24 | www.ib.kiwibank.co.nz |
linkware.com.br
www.ib.kiwibank.co.nz |
7 | linkware.com.br |
2 redirects
linkware.com.br
|
31 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.kiwibank.co.nz |
www.ib.kiwibank.co.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
whm.linkware.com.br R3 |
2021-03-22 - 2021-06-20 |
3 months | crt.sh |
www.ib.kiwibank.co.nz DigiCert SHA2 Extended Validation Server CA |
2021-02-02 - 2022-03-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a/
Frame ID: CC9C76D3EE84C631948665475F257BA3
Requests: 31 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://linkware.com.br/kww/kiwiapps/index.php
HTTP 302
https://linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a HTTP 301
https://linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Windows Server (Operating Systems) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Microsoft ASP.NET (Web Frameworks) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
IIS (Web Servers) Expand
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title:
Search URL Search Domain Scan URL
Title: More about internet banking
Search URL Search Domain Scan URL
Title: access number
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: KeepSafe
Search URL Search Domain Scan URL
Title: Staying safe online
Search URL Search Domain Scan URL
Title: Forward suspicious emails
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Mobile banking login
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://linkware.com.br/kww/kiwiapps/index.php
HTTP 302
https://linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a HTTP 301
https://linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
linkware.com.br/kww/kiwiapps/c1f01f9c2106a9fadfa1ed13d7cc483a/ Redirect Chain
|
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
www.ib.kiwibank.co.nz/css/ |
167 KB 41 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
splash.css
linkware.com.br/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.7.2.custom.css
www.ib.kiwibank.co.nz/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-mods.css
www.ib.kiwibank.co.nz/css/ |
824 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.7.1.min.js
www.ib.kiwibank.co.nz/includes/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.7.2.custom.min.js
www.ib.kiwibank.co.nz/includes/ |
54 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
namespace.js
www.ib.kiwibank.co.nz/includes/ |
578 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
domain-objects.js
www.ib.kiwibank.co.nz/includes/ |
4 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
www.ib.kiwibank.co.nz/includes/ |
63 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
others.js
www.ib.kiwibank.co.nz/includes/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
urchin.js
www.ib.kiwibank.co.nz/includes/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pinObjects.js
linkware.com.br/includes/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.blockui.js
www.ib.kiwibank.co.nz/includes/ |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
www.ib.kiwibank.co.nz/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ScriptResource.axd
www.ib.kiwibank.co.nz/ |
100 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ScriptResource.axd
www.ib.kiwibank.co.nz/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ScriptResource.axd
www.ib.kiwibank.co.nz/ |
102 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebResource.axd
www.ib.kiwibank.co.nz/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
keepsafe_logo_login.png
www.ib.kiwibank.co.nz/images/ |
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fraudwatch-logo-266.png
www.ib.kiwibank.co.nz/images/ |
5 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pinObjects.js
linkware.com.br/includes/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.css
linkware.com.br/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
body.gif
www.ib.kiwibank.co.nz/images/ |
1 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-block-header-light.png
www.ib.kiwibank.co.nz/images/ |
313 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-padlock-sprite.png
www.ib.kiwibank.co.nz/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button-bg-round.png
www.ib.kiwibank.co.nz/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow-blue-sm-right.gif
www.ib.kiwibank.co.nz/images/ |
49 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Meta-Serif-Web-Pro-Bold.woff
www.ib.kiwibank.co.nz/fonts/kiwibank/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer.png
www.ib.kiwibank.co.nz/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
Meta-Serif-Web-Pro-Bold.ttf
www.ib.kiwibank.co.nz/fonts/kiwibank/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.ib.kiwibank.co.nz
- URL
- https://www.ib.kiwibank.co.nz/fonts/kiwibank/Meta-Serif-Web-Pro-Bold.woff
- Domain
- www.ib.kiwibank.co.nz
- URL
- https://www.ib.kiwibank.co.nz/fonts/kiwibank/Meta-Serif-Web-Pro-Bold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Kiwibank (Banking)88 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| kiwibank function| toggleDetail function| toggleElement function| hideElement function| showElement function| showHideElementById function| number_format object| AutoTabKeyCodesToIgnore function| CheckAutoTab string| allowableChars function| getAmountFromFormattedAmount function| stripCharsFromAmount function| clickOnce object| kbf string| _ugifpath object| theForm function| __doPostBack function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| CommonToolkitScripts object| $common object| AjaxControlToolkit object| KbWebToolkit function| WebForm_FindFirstFocusableChild function| WebForm_AutoFocus function| WebForm_CanFocus function| WebForm_IsFocusableTag function| WebForm_IsInVisibleContainer0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
linkware.com.br
www.ib.kiwibank.co.nz
www.ib.kiwibank.co.nz
185.71.229.250
50.116.112.169
06c6fe94f657325760596859af1a2013090c21c504395f10b0840a56c1764b9d
120e2bfd4487aced2d8136d7dc7da0aaaa7deb2983c9d4fd6f44d274a642a2bb
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
1bfc997ecfd8b5093ec2db1f08d6575858aeaa23d0162dd3acf9d8e0c50eeecc
273e238046454bd95e498cdf23cc7f1e9d94fa13ae0dd1c78d6d225bfa60a091
28a71436ac0dc932da5f3bee332164e898ac890aba1e4ed9b6b7225e711fdd9d
2bd70e0fa45160958101c6ebf7038b6fdd471c30ead9fb128b3fb5a592754df1
2f2c4532c00ac2c0d3dabc9da91926dd0513768bc4ffd516fa57d3ce86602b95
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
559c127da70559b08c9d74e5214736045765757c47521c98d58307296e3e4aab
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
68ea56a26ef52baeb77fccad611aed81d6d5f5886bd26e3860b8a4fe0fa1c462
84354f62635f16c44919659409fc6c2ff0844fbdab62fd438f2746ecfa222dd8
898aacff9ca5bbabb20cc8d95194ac050ee91b25fbc5897dd397aaea4a4755f8
ad591ec38239bb58a29cda1630f7e924fdbcb66bde19701172077a56faa30b2a
ad8d668865c8787e38bf20ebab2d59615710950a075994da73901ac04ac11279
c86f525e2bd64646ee66904133b5b96fb068693940bf8967e31eb7b9b6fa9e5a
d0f01af23b14c48567aa7f96670c07dc58759309996cd9f6a3b0b127fa1dc441
e3b027a5fa3feb0cf20c75388b9e3fe3ffbb8893cb71871fc71198c3c1140c9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5daaf172c17258918b5e67dd776c7a85fcd64adaabeabe14ec37f6118dc4ed3
e96042bef32b1c256b0d60f16ab9a451b893facc334c9188fc299a73512b6354
ee3bf2d2a5d05593b1ecafe7016f418c354811023d5827a2930e1fc61b8fc818