![](/screenshots/62e5a713-c9ab-456d-a5d7-fa5244ca47c9.png)
postdelivery.deliveeryinfo.top
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Submission: On December 13 via manual from AU — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on December 12th 2023. Valid for: 3 months.
This is the only time postdelivery.deliveeryinfo.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BNZ Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
22 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:600... 2a04:4e42:600::649 | 54113 (FASTLY) (FASTLY) | |
3 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 2606:4700::68... 2606:4700::6810:7caf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 104.126.37.129 104.126.37.129 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
36 | 7 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-129.deploy.static.akamaitechnologies.com
secure.bnz.co.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
deliveeryinfo.top
postdelivery.deliveeryinfo.top |
111 KB |
4 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313 |
73 KB |
3 |
bnz.co.nz
secure.bnz.co.nz |
94 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 |
33 KB |
2 |
unpkg.com
1 redirects
unpkg.com — Cisco Umbrella Rank: 857 |
12 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 735 |
30 KB |
36 | 6 |
Domain | Requested by | |
---|---|---|
22 | postdelivery.deliveeryinfo.top |
postdelivery.deliveeryinfo.top
cdnjs.cloudflare.com |
4 | cdn.jsdelivr.net |
postdelivery.deliveeryinfo.top
|
3 | secure.bnz.co.nz |
postdelivery.deliveeryinfo.top
|
3 | cdnjs.cloudflare.com |
postdelivery.deliveeryinfo.top
|
2 | unpkg.com |
1 redirects
postdelivery.deliveeryinfo.top
|
1 | code.jquery.com |
postdelivery.deliveeryinfo.top
|
36 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bnz.co.nz |
secure.bnz.co.nz |
wealthnet.bnz.co.nz |
Subject Issuer | Validity | Valid | |
---|---|---|---|
deliveeryinfo.top GTS CA 1P5 |
2023-12-12 - 2024-03-11 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
bnz.co.nz Entrust Certification Authority - L1K |
2023-10-05 - 2024-10-05 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://postdelivery.deliveeryinfo.top/bank/b/203756649
Frame ID: B797D7400F0509B1D60B2DC137300001
Requests: 29 HTTP requests in this frame
Frame:
https://postdelivery.deliveeryinfo.top/supportChatFrame/203756649
Frame ID: 1B8AA65AC400C34FA4911EE4C807E45A
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/62e5a713-c9ab-456d-a5d7-fa5244ca47c9.png)
Page Title
BNZ LoginBNZ LogolockedDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Socket.io.png)
Detected patterns
- socket\.io.*\.js
Detected patterns
- /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js
![](/vendor/wappa/icons/SweetAlert.png)
Detected patterns
- sweet(?:-)?alert(?:\.min)?\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: BNZ Logo
Search URL Search Domain Scan URL
Title: Current PagePersonal Banking
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Client Fund Service
Search URL Search Domain Scan URL
Title: WealthNet
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Title: Forgot your password?
Search URL Search Domain Scan URL
Title: Find your Access Number
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
- https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
203756649
postdelivery.deliveeryinfo.top/bank/b/ |
118 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ |
160 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ |
58 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.27.2/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sweetalert.min.js
unpkg.com/sweetalert@2.1.2/dist/ Redirect Chain
|
40 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA27NVfqrux_10257221222094147.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F
postdelivery.deliveeryinfo.top/js/bank/bnz/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
serrano.css
postdelivery.deliveeryinfo.top/css/bank/bnz/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
other.js
postdelivery.deliveeryinfo.top/js/ |
2 KB 978 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
postdelivery.deliveeryinfo.top/js/ |
29 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
postdelivery.deliveeryinfo.top/js/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socket.io.js
cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.1/ |
105 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.0ebac605.chunk.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F
postdelivery.deliveeryinfo.top/js/bank/bnz/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.a5985273.chunk.js.%D0%B7%D0%B0%D0%B2%D0%B0%D0%BD%D1%82%D0%B0%D0%B6%D0%B5%D0%BD%D0%BD%D1%8F
postdelivery.deliveeryinfo.top/js/bank/bnz/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FR8nJHM
postdelivery.deliveeryinfo.top/js/bank/bnz/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
support_parent.css
postdelivery.deliveeryinfo.top/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
serrano.css
postdelivery.deliveeryinfo.top/css/bank/bnz/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.6ca2a99c.chunk.js
secure.bnz.co.nz/auth/static/js/ |
0 90 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.bb624667.chunk.js
secure.bnz.co.nz/auth/static/js/ |
0 1 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5.c5c9bca4.chunk.js
secure.bnz.co.nz/auth/static/js/ |
0 3 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
postdelivery.deliveeryinfo.top/socket.io/ |
118 B 537 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
203756649
postdelivery.deliveeryinfo.top/supportChatFrame/ Frame 1B8A |
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
supportIcon.svg
postdelivery.deliveeryinfo.top/img/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
postdelivery.deliveeryinfo.top/socket.io/ |
2 B 431 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
postdelivery.deliveeryinfo.top/socket.io/ |
32 B 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
support_chat.css
postdelivery.deliveeryinfo.top/css/ Frame 1B8A |
101 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
axios.min.js
postdelivery.deliveeryinfo.top/js/ Frame 1B8A |
29 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
support.js
postdelivery.deliveeryinfo.top/js/ Frame 1B8A |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
postdelivery.deliveeryinfo.top/socket.io/ |
2 B 433 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
postdelivery.deliveeryinfo.top/socket.io/ |
51 B 488 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
getMessages
postdelivery.deliveeryinfo.top/api/support/ Frame 1B8A |
15 B 500 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
getMessages
postdelivery.deliveeryinfo.top/api/support/ Frame 1B8A |
15 B 500 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
getMessages
postdelivery.deliveeryinfo.top/api/support/ Frame 1B8A |
15 B 503 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- postdelivery.deliveeryinfo.top
- URL
- https://postdelivery.deliveeryinfo.top/css/bank/bnz/serrano.css
- Domain
- postdelivery.deliveeryinfo.top
- URL
- https://postdelivery.deliveeryinfo.top/css/bank/bnz/serrano.css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BNZ Bank (Banking)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture boolean| isIE boolean| isUnsupportedBrowser object| __BNZ_LOGIN_CLIENT function| $ function| jQuery number| uidEvent object| bootstrap object| Popper function| axios function| setImmediate function| clearImmediate function| swal function| sweetAlert function| sendOnlineStatus function| setOnlineStatus function| io1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
postdelivery.deliveeryinfo.top/ | Name: connect.sid Value: s%3A5fFR4a_VfIbOQJHD37myhmTfvVV0hJZR.i0WdGN83FjCyX5h%2BDJAKHDDIuP8gk%2BXxug9IyUWE%2B8o |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
postdelivery.deliveeryinfo.top
secure.bnz.co.nz
unpkg.com
postdelivery.deliveeryinfo.top
104.126.37.129
2606:4700::6810:5514
2606:4700::6810:7caf
2606:4700::6811:190e
2a04:4e42:600::649
2a06:98c1:3120::3
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
3c96f1753f6772c380707416ed2cf75a964f62108d2c69a300d0c28947f4e5ab
49efdc5e67e77183ab26d14cbb156eb141c67c88b1a00a8544d40c765b07f84a
525dfe15d7b865d55feee2557b7d665e34a9b1573996ffb491052b38052b4b79
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
676087d3a7d490e4579e407a011e78a1e3b3b94a97ec80fe8b5aaabaebfa77a6
70c3d690bdc5ce3b9a1527c46044989a3176e610882fa99f4523e75bc395bcce
78f843d3abb760189d189f74b3f80bb0ca13e40ede8caad1c05c321ffeb78cf4
9afd537e6723bb869397626212305906f739306bc96bfff09e9e6f45c206f715
bc82a040c64adaae642a0e657d1f014f560c2e86028254e860c80a31493c15e2
d163867139e1fab758b6c60569702bb04cbc92a24c90dd98678fe647c71ce1b0
d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59
d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f
d5fba18e5f50a6f74db552765e4e256d2f4a6e9b46c2234b5e07f3c63fdcec28
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f1dd47a12745dd4c0072f45e8c6681be45ec8a88ab772f25f196a19c642dad
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e