www.encom-sys.pl Open in urlscan Pro
193.239.59.252 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.encom-sys.pl/wp-includes/tmp/9/login.php
Submission: On July 13 via automatic, source openphish (July 13th 2017, 6:28:44 am UTC)

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 32 HTTP transactions. The main IP is 193.239.59.252, located in Wroclaw, Poland and belongs to PROVIDER-WROCLAW ul. Nabycinska 19, PL. The main domain is www.encom-sys.pl.

This is the only time www.encom-sys.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Westpac (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	193.239.59.252 193.239.59.252	35179 (PROVIDER-...) (PROVIDER-WROCLAW ul. Nabycinska 19)
28	202.7.39.68 202.7.39.68	4830 (ASN-WESTP...) (ASN-WESTPACNZ-AP)
32	3

2 193.239.59.252 (Wroclaw, Poland)

ASN35179 (PROVIDER-WROCLAW ul. Nabycinska 19, PL)
PTR: neptun.k.pl

www.encom-sys.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encom-sys.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 202.7.39.68 (New Zealand)

ASN4830 (ASN-WESTPACNZ-AP)

sec.westpac.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	westpac.co.nz sec.westpac.co.nz	228 KB
2	encom-sys.pl www.encom-sys.pl encom-sys.pl	6 KB
32	2

	Domain	Requested by
28	sec.westpac.co.nz	www.encom-sys.pl
1	encom-sys.pl	www.encom-sys.pl
1	www.encom-sys.pl
32	3

This site contains no links.

Subject Issuer	Validity	Valid
sec.westpac.co.nz Entrust Certification Authority - L1M	`2017-03-21` - `2019-04-16`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
Frame ID: 25358.1
Requests: 31 HTTP requests in this frame

Frame: https://sec.westpac.co.nz/IOLB/Verisign.jsp
Frame ID: 25358.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

32
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

234 kB
Transfer

310 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request 28

http://www.encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css
http://encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
www.encom-sys.pl/wp-includes/tmp/9/ 28 KB
6 KB 4872ms
4846ms Document
text/html 193.239.59.252
PROVIDER-WROCLAW ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
Protocol: HTTP/1.1
Server: 193.239.59.252 Wroclaw, Poland, ASN35179 (PROVIDER-WROCLAW ul. Nabycinska 19, PL),
Reverse DNS: neptun.k.pl
Software: Apache/2 / PHP/5.6.30
Resource Hash: 92b59c15dd9b7de705e0a18593105ee5ce4f5a3620740682138e7c4dd1249826

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:44 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.30
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 6084

GET
H/1.1 200
OK westpacIOLBStyleBasev2_0.css
sec.westpac.co.nz/IOLB/theme/ 25 KB
5 KB 1596ms
393ms Stylesheet
text/css 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/theme/westpacIOLBStyleBasev2_0.css

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

166b693f0139ae3df7316a863ccdf69b35430ab349885c07434636ac05124b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=15, max=200
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK ChooseCSSv1_3.js Show response
sec.westpac.co.nz/IOLB/javascript/ 846 B
358 B 1657ms
331ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/javascript/ChooseCSSv1_3.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

cd2730425a072eb2d4a8fc4639133d44324dca57198a68acdebdeffc4d5d6380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=200
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK westpacIOLBStyleMozillav1_2.css
sec.westpac.co.nz/IOLB/theme/ 5 KB
1 KB 1791ms
514ms Stylesheet
text/css 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/theme/westpacIOLBStyleMozillav1_2.css

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

7a882f9632c99fea949d9e765fa4ea8a55c74332c140c63712e64b2c1fce8e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=15, max=200
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK jquery-1.7.1.min.js Show response
sec.westpac.co.nz/IOLB/javascript/ 92 KB
92 KB 1922ms
326ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/javascript/jquery-1.7.1.min.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=199
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK logout_v3.js Show response
sec.westpac.co.nz/IOLB/javascript/auth/ 153 B
142 B 2001ms
345ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/javascript/auth/logout_v3.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

fbce03f1f983fbc5c7336598ccb6efa8219a5f90ca6ce983c23c7efc7ad4644b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=199
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK timeout_v2.js Show response
sec.westpac.co.nz/IOLB/javascript/ 788 B
477 B 2054ms
332ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/javascript/timeout_v2.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

7b31db0ce3e21ee030597d6e4bff90f8788af9dd40282b7e210a7c589c10a3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:58 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=199
Expires: Sun, 13 Aug 2017 06:27:58 GMT

GET
H/1.1 200
OK westpac-logo.png
sec.westpac.co.nz/IOLB/images/ 8 KB
8 KB 299ms
299ms Image
image/png 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/westpac-logo.png

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

a82bf06ca806e1240ecd967c5d4975680949a9ea692f4d2aa9ce7267e14c7e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:00 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=15, max=195
Content-Length: 7818
Expires: Sun, 13 Aug 2017 06:26:26 GMT

GET
H/1.1 200
OK 1pixel.gif
sec.westpac.co.nz/IOLB/images/ 42 B
42 B 454ms
454ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/1pixel.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:00 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:32 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=194
Content-Length: 42
Expires: Sun, 13 Aug 2017 06:28:00 GMT

GET
H/1.1 200
OK nav_homepage_1.0.gif
sec.westpac.co.nz/IOLB/images/nav1/ 358 B
358 B 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_homepage_1.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

c12a21d3b3145d9870c8096096617902ec8d7c58d5167beb7be8b5355a734033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:00 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=193
Content-Length: 358
Expires: Sun, 13 Aug 2017 06:23:27 GMT

GET
H/1.1 200
OK nav_L1divider_1.0.gif
sec.westpac.co.nz/IOLB/images/nav1/ 60 B
60 B 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_L1divider_1.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

811d8064196602c7023830a5de555e392a6bf0179e8dfadad2b5e9b0a1b4b83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:01 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=192
Content-Length: 60
Expires: Sun, 13 Aug 2017 06:24:18 GMT

GET
H/1.1 200
OK nav_your_security_1.1.gif
sec.westpac.co.nz/IOLB/images/nav1/ 226 B
226 B 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_your_security_1.1.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

f099105c4ec10af4755f330a2d20ee513b14b8db24bb2f2b3a047f282d79300f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:01 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=191
Content-Length: 226
Expires: Sun, 13 Aug 2017 06:23:21 GMT

GET
H/1.1 200
OK nav_askaquestion_1.0.gif
sec.westpac.co.nz/IOLB/images/nav1/ 242 B
242 B 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_askaquestion_1.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

39521bcb6d58a72cee33875568bd523a5028e9d1aec2e1644e3a9bdb69595b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:01 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:42 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=190
Content-Length: 242
Expires: Sun, 13 Aug 2017 06:26:12 GMT

GET
H/1.1 200
OK nav_bankingonyourmobile_1.0.gif
sec.westpac.co.nz/IOLB/images/nav1/ 1 KB
1 KB 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_bankingonyourmobile_1.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

415d4b9462168f90873d8633861d10bedc7df9ebcc74eb4d5653475987ba1469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:02 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=189
Content-Length: 1439
Expires: Sun, 13 Aug 2017 06:24:33 GMT

GET
H/1.1 200
OK nav_reportphishingscam_1.0.gif
sec.westpac.co.nz/IOLB/images/nav1/ 342 B
342 B 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_reportphishingscam_1.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

94cc5340fb33a53814be3df97b5ef9388eb31d4e8bd8b607ae9c44003933827a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:02 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=188
Content-Length: 342
Expires: Sun, 13 Aug 2017 06:23:26 GMT

GET
H/1.1 200
OK nav_bottom_1.1.gif
sec.westpac.co.nz/IOLB/images/nav1/ 273 B
273 B 301ms
301ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/nav1/nav_bottom_1.1.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

b221dc5a8e43f5a56353a0bb733849bb8b04d762b7b947e91baecce70e19ae16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:02 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:34 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=187
Content-Length: 273
Expires: Sun, 13 Aug 2017 06:28:02 GMT

GET
H/1.1 200
OK guarantee_3.0.gif
sec.westpac.co.nz/IOLB/images/ 4 KB
4 KB 601ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/guarantee_3.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

0f368ebe65fb4210c2f6046e0336a9f84103c342b55db73d1bc6a9d78beed88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:03 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:32 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=185
Content-Length: 4126
Expires: Sun, 13 Aug 2017 06:26:24 GMT

GET
H/1.1 200
OK guardian_1.0.gif
sec.westpac.co.nz/IOLB/images/ 4 KB
4 KB 299ms
299ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/guardian_1.0.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

8d1db1a6de41dfe4ea290684e88bbc14384cabab900b9f0d1b665509fcf6aba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:03 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:32 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=184
Content-Length: 4326
Expires: Sun, 13 Aug 2017 06:24:26 GMT

GET
H/1.1 200
OK keystroke-biometric_v1.js Show response
sec.westpac.co.nz/IOLB/javascript/auth/ 888 B
448 B 401ms
401ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/javascript/auth/keystroke-biometric_v1.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

95d84e6e4361513b552103fdc417683f957740fe3e8e66d21f29321cf73d881d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:58 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=198
Expires: Sun, 13 Aug 2017 06:27:58 GMT

GET
H/1.1 200
OK login_helper_v6.js Show response
sec.westpac.co.nz/IOLB/javascript/auth/ 4 KB
2 KB 399ms
399ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/javascript/auth/login_helper_v6.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

c6d09988348c3ec93c47d7555258e80a0adfc86aa2ce78c60407d2b26f03ed98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:59 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=197
Expires: Sun, 13 Aug 2017 06:27:59 GMT

GET
H/1.1 200
OK ie.png
sec.westpac.co.nz/IOLB/images/icons/ 8 KB
8 KB 299ms
299ms Image
image/png 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/icons/ie.png

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

496bba7e8705c7d7577acf28ea5a3f58a84fc4fdbfb0b4c4594d0a79a50cde84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:03 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:30 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=15, max=183
Content-Length: 8354
Expires: Sun, 13 Aug 2017 06:27:10 GMT

GET
H/1.1 200
OK safari.png
sec.westpac.co.nz/IOLB/images/icons/ 11 KB
11 KB 300ms
300ms Image
image/png 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/icons/safari.png

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

08a9b36b724603536cd879f1709a2c485e0b17b4010f2c5e23c8f2ec24c94b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:04 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:30 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=15, max=182
Content-Length: 11016
Expires: Sun, 13 Aug 2017 06:23:17 GMT

GET
H/1.1 200
OK firefox.png
sec.westpac.co.nz/IOLB/images/icons/ 10 KB
10 KB 301ms
301ms Image
image/png 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/icons/firefox.png

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

b6a20cef2fd214ed4853a8ee26c23c6b493ea5c021d994411de0e92226f84831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:04 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:30 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=15, max=181
Content-Length: 9979
Expires: Sun, 13 Aug 2017 06:28:04 GMT

GET
H/1.1 200
OK olb_alt_divider.gif
sec.westpac.co.nz/IOLB/images/ 215 B
215 B 301ms
301ms Image
image/gif 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/olb_alt_divider.gif

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

bceb0ae35e704b9d095c0f541a97e6b13f4fdea4f36367088807eb62b0f8ecde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:04 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:32 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=15, max=180
Content-Length: 215
Expires: Sun, 13 Aug 2017 06:28:04 GMT

GET
H/1.1 200
OK WP1-GoTo-Linkimage.png
sec.westpac.co.nz/IOLB/images/ 71 KB
71 KB 299ms
299ms Image
image/png 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sec.westpac.co.nz/IOLB/images/WP1-GoTo-Linkimage.png

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

8f407d735ff2e4692fd194129fbfee0d73ec7899f326cb74e3c57300fc99e701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:05 GMT
Last-Modified: Wed, 28 Jun 2017 05:01:32 GMT
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=15, max=179
Content-Length: 72545
Expires: Sun, 13 Aug 2017 06:24:07 GMT

GET
H/1.1 200
OK onlinebankingCommon.js Show response
sec.westpac.co.nz/IOLB/lightbox/javascript/ 7 KB
2 KB 551ms
551ms Script
text/javascript 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/lightbox/javascript/onlinebankingCommon.js

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

2e52a6fa11d6ae779fa2e5d7413ef9f0147ae0e0cd888db5e93cb943da0fc044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:59 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=15, max=196
Expires: Sun, 13 Aug 2017 06:27:59 GMT

GET
H/1.1 200
OK baseV2.css
sec.westpac.co.nz/IOLB/lightbox/stylesheets/ 11 KB
3 KB 1797ms
482ms Stylesheet
text/css 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/lightbox/stylesheets/baseV2.css

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

b8157e6402ba224e849a12bc7ae61761eab3c997a999cb6cab6712aa1ca68845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=15, max=200
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK componentsV2.css
sec.westpac.co.nz/IOLB/lightbox/stylesheets/ 14 KB
2 KB 1720ms
406ms Stylesheet
text/css 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/lightbox/stylesheets/componentsV2.css

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

8c5f448f67c2d84d6501c0bb1d37a399cc6cd5c96f4484fd28910978daa4a211

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=15, max=200
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1 200
OK base-txt-bankingV2.css
sec.westpac.co.nz/IOLB/lightbox/stylesheets/ 3 KB
822 B 1727ms
404ms Stylesheet
text/css 202.7.39.68
ASN-WESTPACNZ-AP

General

Check archive.org

Show headers Download Go to

Full URL

https://sec.westpac.co.nz/IOLB/lightbox/stylesheets/base-txt-bankingV2.css

Requested by

Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

202.7.39.68 , New Zealand, ASN4830 (ASN-WESTPACNZ-AP),

Reverse DNS

Software

Resource Hash

21378f4b4f20d624d57d98200fdb5e6859968bfd8f08bc07835071d170a8fb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:27:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2017 06:27:57 GMT
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Cache-Control: public
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=15, max=200
Expires: Sun, 13 Aug 2017 06:27:57 GMT

GET
H/1.1

404
Not Found

westpacIOLBStyleMozillav1_2.css
encom-sys.pl/wp-includes/tmp/9/theme/
Redirect Chain

http://www.encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css
http://encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css

0
0

6241ms
6241ms

Stylesheet
text/html

193.239.59.252
PROVIDER-WROCLAW ...

General

Check archive.org

Show headers Download Go to

Full URL: http://encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css
Requested by: Host: www.encom-sys.pl
URL: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
Protocol: HTTP/1.1
Server: 193.239.59.252 Wroclaw, Poland, ASN35179 (PROVIDER-WROCLAW ul. Nabycinska 19, PL),
Reverse DNS: neptun.k.pl
Software: Apache/2 / PHP/5.6.30
Resource Hash

Request headers

Referer: http://www.encom-sys.pl/wp-includes/tmp/9/login.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 13 Jul 2017 06:28:24 GMT
Content-Encoding: gzip
Server: Apache/2
X-Powered-By: PHP/5.6.30
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Link: <http://encom-sys.pl/wp-json/>; rel="https://api.w.org/"
Content-Length: 5786
Keep-Alive: timeout=2, max=99
Expires: Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date: Thu, 13 Jul 2017 06:27:48 GMT
Server: Apache/2
X-Powered-By: PHP/5.6.30
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: http://encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 1
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET Verisign.jsp
sec.westpac.co.nz/IOLB/ Frame 2535 0
0

GET printV2.css
sec.westpac.co.nz/IOLB/lightbox/stylesheets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sec.westpac.co.nz
URL: https://sec.westpac.co.nz/IOLB/Verisign.jsp

Domain: sec.westpac.co.nz
URL: https://sec.westpac.co.nz/IOLB/lightbox/stylesheets/printV2.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Westpac (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

encom-sys.pl
sec.westpac.co.nz
www.encom-sys.pl
sec.westpac.co.nz
193.239.59.252
202.7.39.68
08a9b36b724603536cd879f1709a2c485e0b17b4010f2c5e23c8f2ec24c94b17
0f368ebe65fb4210c2f6046e0336a9f84103c342b55db73d1bc6a9d78beed88d
166b693f0139ae3df7316a863ccdf69b35430ab349885c07434636ac05124b5f
21378f4b4f20d624d57d98200fdb5e6859968bfd8f08bc07835071d170a8fb49
2e52a6fa11d6ae779fa2e5d7413ef9f0147ae0e0cd888db5e93cb943da0fc044
39521bcb6d58a72cee33875568bd523a5028e9d1aec2e1644e3a9bdb69595b3d
415d4b9462168f90873d8633861d10bedc7df9ebcc74eb4d5653475987ba1469
496bba7e8705c7d7577acf28ea5a3f58a84fc4fdbfb0b4c4594d0a79a50cde84
5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3
7a882f9632c99fea949d9e765fa4ea8a55c74332c140c63712e64b2c1fce8e2c
7b31db0ce3e21ee030597d6e4bff90f8788af9dd40282b7e210a7c589c10a3aa
811d8064196602c7023830a5de555e392a6bf0179e8dfadad2b5e9b0a1b4b83a
8c5f448f67c2d84d6501c0bb1d37a399cc6cd5c96f4484fd28910978daa4a211
8d1db1a6de41dfe4ea290684e88bbc14384cabab900b9f0d1b665509fcf6aba2
8f407d735ff2e4692fd194129fbfee0d73ec7899f326cb74e3c57300fc99e701
92b59c15dd9b7de705e0a18593105ee5ce4f5a3620740682138e7c4dd1249826
94cc5340fb33a53814be3df97b5ef9388eb31d4e8bd8b607ae9c44003933827a
95d84e6e4361513b552103fdc417683f957740fe3e8e66d21f29321cf73d881d
a82bf06ca806e1240ecd967c5d4975680949a9ea692f4d2aa9ce7267e14c7e0b
b221dc5a8e43f5a56353a0bb733849bb8b04d762b7b947e91baecce70e19ae16
b6a20cef2fd214ed4853a8ee26c23c6b493ea5c021d994411de0e92226f84831
b8157e6402ba224e849a12bc7ae61761eab3c997a999cb6cab6712aa1ca68845
bceb0ae35e704b9d095c0f541a97e6b13f4fdea4f36367088807eb62b0f8ecde
c12a21d3b3145d9870c8096096617902ec8d7c58d5167beb7be8b5355a734033
c6d09988348c3ec93c47d7555258e80a0adfc86aa2ce78c60407d2b26f03ed98
cd2730425a072eb2d4a8fc4639133d44324dca57198a68acdebdeffc4d5d6380
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f099105c4ec10af4755f330a2d20ee513b14b8db24bb2f2b3a047f282d79300f
fbce03f1f983fbc5c7336598ccb6efa8219a5f90ca6ce983c23c7efc7ad4644b

www.encom-sys.pl Open in urlscan Pro 193.239.59.252 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

32 Requests

88 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

234 kBTransfer

310 kBSize

0 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.encom-sys.pl Open in urlscan Pro
193.239.59.252 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

234 kB
Transfer

310 kB
Size

0
Cookies

32 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!