login.nzpost.co.nz Open in urlscan Pro
185.125.86.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mds-admin.nzpost.co.nz/
Effective URL:
https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas
Submission: On December 16 via automatic, source certstream-suspicious (December 16th 2021, 7:57:56 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 185.125.86.33, located in Auckland, New Zealand and belongs to REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ. The main domain is login.nzpost.co.nz.
TLS certificate: Issued by Thawte RSA CA 2018 on January 27th 2021. Valid for: a year.

This is the only time login.nzpost.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	185.125.86.33 185.125.86.33	134433 (REDSHIELD...) (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	54.66.193.162 54.66.193.162	() ()
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	() ()
19	6

9 185.125.86.33 (Auckland, New Zealand) 1 redirects

ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ)

mds-admin.nzpost.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.nzpost.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.66.193.162 (None, )

ASN- ()

directory.nzpost.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (None, )

ASN- ()

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nzpost.co.nz 1 redirects mds-admin.nzpost.co.nz login.nzpost.co.nz Failed directory.nzpost.co.nz	405 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
1	typekit.net use.typekit.net	7 KB
19	3

	Domain	Requested by
8	mds-admin.nzpost.co.nz	1 redirects mds-admin.nzpost.co.nz
4	directory.nzpost.co.nz	login.nzpost.co.nz directory.nzpost.co.nz
1	use.typekit.net	login.nzpost.co.nz
1	ajax.googleapis.com	login.nzpost.co.nz
1	login.nzpost.co.nz	mds-admin.nzpost.co.nz
1	fonts.googleapis.com	mds-admin.nzpost.co.nz
19	6

This site contains no links.

Subject Issuer	Validity	Valid
mds-admin.nzpost.co.nz Thawte RSA CA 2018	`2021-06-02` - `2022-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
login.nzpost.co.nz Thawte RSA CA 2018	`2021-01-27` - `2022-02-27`	a year	crt.sh
directory.nzpost.co.nz Thawte RSA CA 2018	`2021-01-27` - `2022-02-27`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas
Frame ID: 4CAC7B7EDF2576414C5D1A7E9090E94D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mds-admin.nzpost.co.nz/ Page URL
https://mds-admin.nzpost.co.nz/auth/cas HTTP 302
https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas Page URL

Detected technologies

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

79 %
HTTPS

60 %
IPv6

3
Domains

6
Subdomains

6
IPs

2
Countries

445 kB
Transfer

1540 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mds-admin.nzpost.co.nz/ Page URL
https://mds-admin.nzpost.co.nz/auth/cas HTTP 302
https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://mds-admin.nzpost.co.nz/auth/cas HTTP 302
https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
mds-admin.nzpost.co.nz/ 2 KB
2 KB 2625ms
419ms Document
text/html 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL: https://mds-admin.nzpost.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software: /
Resource Hash: 3e2990beefa2323089e8835425e981a22ea3f8652d39bdc40e9d366509857016

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: public, max-age=0
Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Dec 2021 19:57:49 GMT
ETag: W/"69c-17dbe320b13"
Last-Modified: Wed, 15 Dec 2021 13:04:50 GMT
Content-Length: 868
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 43ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,700

Requested by

Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8490874156eb6225f8708a36b29078bf94f35c31e90fbb5143c18c4335eb211f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mds-admin.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 19:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Dec 2021 19:57:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Dec 2021 19:57:49 GMT

GET
H/1.1 200
OK main.css
mds-admin.nzpost.co.nz/css/ 120 KB
21 KB 360ms
359ms Stylesheet
text/css 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL: https://mds-admin.nzpost.co.nz/css/main.css?v=c7d1024fa312b05cd5b53a3594ce2eb5
Requested by: Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software: /
Resource Hash: e5408fa481274c033e66b0ba7ec8f797c3d5e67013e7bfbc16a00e0bfef96408

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mds-admin.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 13:04:31 GMT
ETag: W/"1de6c-17dbe31bfe3"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Length: 21675

GET
H/1.1 200
OK main.js Show response
mds-admin.nzpost.co.nz/js/ 1 MB
353 KB 1278ms
702ms Script
application/javascript 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL: https://mds-admin.nzpost.co.nz/js/main.js?v=f705b33e9a5315987f56184372e00867
Requested by: Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software: /
Resource Hash: 52c0c560c180365100fcd2f28cf2f40e02043cc67bdf419bf887bbdf89eca025

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mds-admin.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 13:04:50 GMT
ETag: W/"12927c-17dbe320ad7"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: public, max-age=0
Connection: keep-alive

GET
H/1.1 200
OK logo-nzpost.png
mds-admin.nzpost.co.nz/images/ 2 KB
3 KB 326ms
326ms Image
image/png 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mds-admin.nzpost.co.nz/images/logo-nzpost.png
Requested by: Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),
Reverse DNS
Software: /
Resource Hash: 7897b8c8c47585adb82985bd317e65c3b55dc9b32c3b7869e44cd75a1f79f8b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mds-admin.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:50 GMT
Last-Modified: Wed, 15 Dec 2021 13:04:31 GMT
ETag: W/"9a4-17dbe31c09f"
Content-Type: image/png
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2468

GET
H/1.1 401
Unauthorized user Show response
mds-admin.nzpost.co.nz/api/ 2 KB
1 KB 335ms
335ms XHR
text/html 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL

https://mds-admin.nzpost.co.nz/api/user

Requested by

Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/js/main.js?v=f705b33e9a5315987f56184372e00867

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),

Reverse DNS

Software

Resource Hash

b4840597a38c3ce5d5de3b078bb1438d55a76d21a6aa59df51941c711c6eb64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://mds-admin.nzpost.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 551
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1 401
Unauthorized offers Show response
mds-admin.nzpost.co.nz/api/organisations/ 2 KB
1 KB 330ms
330ms XHR
text/html 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL

https://mds-admin.nzpost.co.nz/api/organisations/offers

Requested by

Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/js/main.js?v=f705b33e9a5315987f56184372e00867

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),

Reverse DNS

Software

Resource Hash

b4840597a38c3ce5d5de3b078bb1438d55a76d21a6aa59df51941c711c6eb64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://mds-admin.nzpost.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 551
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET cas
mds-admin.nzpost.co.nz/auth/ 0
0

GET

https://mds-admin.nzpost.co.nz/auth/cas
https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

0
0

GET
H/1.1 401
Unauthorized organisations
mds-admin.nzpost.co.nz/api/ 2 KB
782 B 333ms
333ms XHR
text/html 185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL

https://mds-admin.nzpost.co.nz/api/organisations

Requested by

Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/js/main.js?v=f705b33e9a5315987f56184372e00867

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://mds-admin.nzpost.co.nz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 551
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

Primary Request login Show response
login.nzpost.co.nz/
Redirect Chain

https://mds-admin.nzpost.co.nz/auth/cas
https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

6 KB
3 KB

1988ms
394ms

Document
text/html

185.125.86.33
REDSHIELD-AS-AP R...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Requested by

Host: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/js/main.js?v=f705b33e9a5315987f56184372e00867

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.125.86.33 Auckland, New Zealand, ASN134433 (REDSHIELD-AS-AP REDSHIELD SECURITY LIMITED, NZ),

Reverse DNS

Software

Resource Hash

0e8005ad71877da513efbf3a8447b3d4116086b3df92f2f9986697e7a63c7bac

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://mds-admin.nzpost.co.nz/

Response headers

Date: Thu, 16 Dec 2021 19:57:54 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 2286
Connection: keep-alive
Keep-Alive: timeout=10
Cache-Control: no-store
Pragma: no-cache
Expires: Thu, 17 Dec 2020 08:57:54 +1300
Status: 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
X-Frame-Options: sameorigin

Redirect headers

Date: Thu, 16 Dec 2021 19:57:52 GMT
Location: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK modernizr.js Show response
directory.nzpost.co.nz/assets/ 11 KB
5 KB 984ms
299ms Script
application/javascript 54.66.193.162

General

Check archive.org

Show headers Download Go to

Full URL

https://directory.nzpost.co.nz/assets/modernizr.js

Requested by

Host: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.66.193.162 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

053d50d74c4080cebd707e4af5c1e23bf6617ab5856a9462991c9a6cd8d8830e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 17 Oct 2018 19:16:57 GMT
Server: nginx
ETag: "ac796480363d0909bcdaaf30b5d2ee20-gzip"
X-Frame-Options: sameorigin
Content-Type: application/javascript
Status: 200 OK
Cache-Control: public, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 4497
X-Request-Id: c3122489-b25a-4b0e-8d3b-2e62995510c8

GET
H/1.1 200
OK cas.css
directory.nzpost.co.nz/assets/ 40 KB
7 KB 964ms
292ms Stylesheet
text/css 54.66.193.162

General

Check archive.org

Show headers Download Go to

Full URL

https://directory.nzpost.co.nz/assets/cas.css

Requested by

Host: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.66.193.162 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bbadae2441620e5d2f1f2d3ad90ee4f21bbd733a67054a59241545f188c77340

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 13 Jul 2021 03:00:11 GMT
Server: nginx
ETag: "a349a8e72bfed6c7e587956984669268-gzip"
X-Frame-Options: sameorigin
Content-Type: text/css
Status: 200 OK
Cache-Control: public, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 6867
X-Request-Id: fd5dae89-e67c-4313-893c-c36db319d78a

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
33 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Dec 2022 15:24:40 GMT

GET
H/1.1 200
OK logo-combined.png
directory.nzpost.co.nz/assets/nzpost_style_guide/ 7 KB
7 KB 298ms
297ms Image
image/png 54.66.193.162

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://directory.nzpost.co.nz/assets/nzpost_style_guide/logo-combined.png

Requested by

Host: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.66.193.162 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

ed509dfcf100c3fa4c2782cb2cefeb5b08ba2ea531a22d9952e57e9634130251

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:56 GMT
Last-Modified: Tue, 13 Jul 2021 03:00:11 GMT
Server: nginx
ETag: "4974b789a7632fa4111747487d3fb687"
X-Frame-Options: sameorigin
Content-Type: image/png
Status: 200 OK
Cache-Control: public, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 7250
X-Request-Id: a283d502-86c0-412b-950b-e7c540e0dc52

GET realme-logo.jpg
directory.nzpost.co.nz/assets/nzpost_style_guide/ 0
0

GET
H/1.1 200
OK cas.js
directory.nzpost.co.nz/assets/ 43 KB
0 297ms
297ms Script
application/javascript 54.66.193.162

General

Check archive.org

Show headers Download Go to

Full URL

https://directory.nzpost.co.nz/assets/cas.js

Requested by

Host: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.66.193.162 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 16 Dec 2021 19:57:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Tue, 13 Jul 2021 03:00:11 GMT
Server: nginx
ETag: "3682d6399caa5ad51f4c452982412ee3-gzip"
X-Frame-Options: sameorigin
Content-Type: application/javascript
Status: 200 OK
Cache-Control: public, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 36691
X-Request-Id: e599d3d5-b78a-427a-af39-6e6b056051a4

GET
H2 200 jzl1wyf.js Show response
use.typekit.net/ 17 KB
7 KB 147ms
128ms Script
text/javascript 2a02:26f0:6c00::210:ba0a

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jzl1wyf.js

Requested by

Host: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

3c539aa5c687f254652adab1687cc64735e330c20aaef1aebdc32a0b7efbefc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://login.nzpost.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 16 Dec 2021 19:57:56 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6786

GET nzpost.woff
directory.nzpost.co.nz/assets/nzpost_style_guide/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mds-admin.nzpost.co.nz
URL: https://mds-admin.nzpost.co.nz/auth/cas

Domain: login.nzpost.co.nz
URL: https://login.nzpost.co.nz/login?service=https%3A%2F%2Fmds-admin.nzpost.co.nz%2Fauth%2Fcas

Domain: directory.nzpost.co.nz
URL: https://directory.nzpost.co.nz/assets/nzpost_style_guide/realme-logo.jpg

Domain: directory.nzpost.co.nz
URL: https://directory.nzpost.co.nz/assets/nzpost_style_guide/nzpost.woff

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mds-admin.nzpost.co.nz/	1969-12-31 23:59:59	Name: AWSELB Value: C385092D08EEE25D7CF4912E937B0A5347A059E7DA23565E316618CEC0544E96D71D30839C6C09E6FA1CAFA3A2FCEC352E3F54878743E606B42BD4D5D2E8DD2507EF328DC3
mds-admin.nzpost.co.nz/	1969-12-31 23:59:59	Name: AWSELBCORS Value: C385092D08EEE25D7CF4912E937B0A5347A059E7DA23565E316618CEC0544E96D71D30839C6C09E6FA1CAFA3A2FCEC352E3F54878743E606B42BD4D5D2E8DD2507EF328DC3
mds-admin.nzpost.co.nz/	1969-12-31 23:59:59	Name: TS01c9af0a Value: 0117e34adeca8ba5f4c3eb0b719138b4aacc1d55b6e98772466df692eedffce9ec632c9d605b450bf1e06feb16fd80068d86d96f6a
mds-admin.nzpost.co.nz/	1969-12-31 23:59:59	Name: SESSID Value: s%3AUtWEdOTxpNn1BIGvy0Hg-T1k9wo7wtXm.WxFLZDvN045IEl7seonoRLazI0Kaq4Nx%2BgZ20KhOfKs
login.nzpost.co.nz/	1969-12-31 23:59:59	Name: TS01c9af0a Value: 0117e34ade2af47fabc364d4c91ce704034ceaf74d902838d66796b41aa5faa73ccf277b8679d522d38dba606313edee67841ad534
.nzpost.co.nz/	1969-12-31 23:59:59	Name: TS01b09d73 Value: 0117e34ade2af47fabc364d4c91ce704034ceaf74d902838d66796b41aa5faa73ccf277b8679d522d38dba606313edee67841ad534

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mds-admin.nzpost.co.nz/api/user Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://mds-admin.nzpost.co.nz/api/organisations/offers Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://mds-admin.nzpost.co.nz/api/organisations Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
directory.nzpost.co.nz
fonts.googleapis.com
login.nzpost.co.nz
mds-admin.nzpost.co.nz
use.typekit.net
directory.nzpost.co.nz
login.nzpost.co.nz
mds-admin.nzpost.co.nz
185.125.86.33
2a00:1450:4001:808::200a
2a00:1450:4001:827::200a
2a02:26f0:6c00::210:ba0a
54.66.193.162
053d50d74c4080cebd707e4af5c1e23bf6617ab5856a9462991c9a6cd8d8830e
0e8005ad71877da513efbf3a8447b3d4116086b3df92f2f9986697e7a63c7bac
3c539aa5c687f254652adab1687cc64735e330c20aaef1aebdc32a0b7efbefc6
3e2990beefa2323089e8835425e981a22ea3f8652d39bdc40e9d366509857016
52c0c560c180365100fcd2f28cf2f40e02043cc67bdf419bf887bbdf89eca025
7897b8c8c47585adb82985bd317e65c3b55dc9b32c3b7869e44cd75a1f79f8b2
8490874156eb6225f8708a36b29078bf94f35c31e90fbb5143c18c4335eb211f
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
b4840597a38c3ce5d5de3b078bb1438d55a76d21a6aa59df51941c711c6eb64e
bbadae2441620e5d2f1f2d3ad90ee4f21bbd733a67054a59241545f188c77340
e5408fa481274c033e66b0ba7ec8f797c3d5e67013e7bfbc16a00e0bfef96408
ed509dfcf100c3fa4c2782cb2cefeb5b08ba2ea531a22d9952e57e9634130251

login.nzpost.co.nz Open in urlscan Pro 185.125.86.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

79 %HTTPS

60 %IPv6

3 Domains

6 Subdomains

6 IPs

2 Countries

445 kBTransfer

1540 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

6 Cookies

3 Console Messages

Indicators

login.nzpost.co.nz Open in urlscan Pro
185.125.86.33 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

79 %
HTTPS

60 %
IPv6

3
Domains

6
Subdomains

6
IPs

2
Countries

445 kB
Transfer

1540 kB
Size

6
Cookies

19 HTTP transactions
0 data transactions