www.encom-sys.pl
193.239.59.252
Malicious Activity!
Public Scan
Submission: On July 13 via automatic, source openphish
Summary
This is the only time www.encom-sys.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Westpac (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
2 | 193.239.59.252 | 35179 (PROVIDER-WROCLAW ul. Nabycinska 19)
28 | 202.7.39.68 | 4830 (ASN-WESTPACNZ-AP)
32 | 3 |
ASN35179 (PROVIDER-WROCLAW ul. Nabycinska 19, PL)
PTR: neptun.k.pl
www.encom-sys.pl
encom-sys.pl
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
28 | westpac.co.nz | sec.westpac.co.nz | 228 KB
2 | encom-sys.pl | www.encom-sys.pl, encom-sys.pl | 6 KB
32 | 2 | |
Requests | Domain | Requested by
---|---|---
28 | sec.westpac.co.nz | www.encom-sys.pl
1 | encom-sys.pl | www.encom-sys.pl
1 | www.encom-sys.pl |
32 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
sec.westpac.co.nz | Entrust Certification Authority - L1M | 2017-03-21 - 2019-04-16 | 2 years
This page contains 2 frames:
Primary Page:
http://www.encom-sys.pl/wp-includes/tmp/9/login.php
Frame ID: 25358.1
Requests: 31 HTTP requests in this frame
Frame:
https://sec.westpac.co.nz/IOLB/Verisign.jsp
Frame ID: 25358.2
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request 28
- http://www.encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css
- http://encom-sys.pl/wp-includes/tmp/9/theme/westpacIOLBStyleMozillav1_2.css
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | login.php | www.encom-sys.pl/wp-includes/tmp/9/ | 28 KB | 6 KB | Document | text/html | Primary Request
GET | H/1.1 | westpacIOLBStyleBasev2_0.css | sec.westpac.co.nz/IOLB/theme/ | 25 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | ChooseCSSv1_3.js | sec.westpac.co.nz/IOLB/javascript/ | 846 B | 358 B | Script | text/javascript |
GET | H/1.1 | westpacIOLBStyleMozillav1_2.css | sec.westpac.co.nz/IOLB/theme/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-1.7.1.min.js | sec.westpac.co.nz/IOLB/javascript/ | 92 KB | 92 KB | Script | text/javascript |
GET | H/1.1 | logout_v3.js | sec.westpac.co.nz/IOLB/javascript/auth/ | 153 B | 142 B | Script | text/javascript |
GET | H/1.1 | timeout_v2.js | sec.westpac.co.nz/IOLB/javascript/ | 788 B | 477 B | Script | text/javascript |
GET | H/1.1 | westpac-logo.png | sec.westpac.co.nz/IOLB/images/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | 1pixel.gif | sec.westpac.co.nz/IOLB/images/ | 42 B | 42 B | Image | image/gif |
GET | H/1.1 | nav_homepage_1.0.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 358 B | 358 B | Image | image/gif |
GET | H/1.1 | nav_L1divider_1.0.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 60 B | 60 B | Image | image/gif |
GET | H/1.1 | nav_your_security_1.1.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 226 B | 226 B | Image | image/gif |
GET | H/1.1 | nav_askaquestion_1.0.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 242 B | 242 B | Image | image/gif |
GET | H/1.1 | nav_bankingonyourmobile_1.0.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 1 KB | 1 KB | Image | image/gif |
GET | H/1.1 | nav_reportphishingscam_1.0.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 342 B | 342 B | Image | image/gif |
GET | H/1.1 | nav_bottom_1.1.gif | sec.westpac.co.nz/IOLB/images/nav1/ | 273 B | 273 B | Image | image/gif |
GET | H/1.1 | guarantee_3.0.gif | sec.westpac.co.nz/IOLB/images/ | 4 KB | 4 KB | Image | image/gif |
GET | H/1.1 | guardian_1.0.gif | sec.westpac.co.nz/IOLB/images/ | 4 KB | 4 KB | Image | image/gif |
GET | H/1.1 | keystroke-biometric_v1.js | sec.westpac.co.nz/IOLB/javascript/auth/ | 888 B | 448 B | Script | text/javascript |
GET | H/1.1 | login_helper_v6.js | sec.westpac.co.nz/IOLB/javascript/auth/ | 4 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | ie.png | sec.westpac.co.nz/IOLB/images/icons/ | 8 KB | 8 KB | Image | image/png |
GET | H/1.1 | safari.png | sec.westpac.co.nz/IOLB/images/icons/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | firefox.png | sec.westpac.co.nz/IOLB/images/icons/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | olb_alt_divider.gif | sec.westpac.co.nz/IOLB/images/ | 215 B | 215 B | Image | image/gif |
GET | H/1.1 | WP1-GoTo-Linkimage.png | sec.westpac.co.nz/IOLB/images/ | 71 KB | 71 KB | Image | image/png |
GET | H/1.1 | onlinebankingCommon.js | sec.westpac.co.nz/IOLB/lightbox/javascript/ | 7 KB | 2 KB | Script | text/javascript |
GET | H/1.1 | baseV2.css | sec.westpac.co.nz/IOLB/lightbox/stylesheets/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | componentsV2.css | sec.westpac.co.nz/IOLB/lightbox/stylesheets/ | 14 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | base-txt-bankingV2.css | sec.westpac.co.nz/IOLB/lightbox/stylesheets/ | 3 KB | 822 B | Stylesheet | text/css |
GET | H/1.1 | westpacIOLBStyleMozillav1_2.css | encom-sys.pl/wp-includes/tmp/9/theme/ | 0 | 0 | Stylesheet | text/html | Redirect Chain
GET | | Verisign.jsp | sec.westpac.co.nz/IOLB/ | 0 | 0 | | | Frame 2535
GET | | printV2.css | sec.westpac.co.nz/IOLB/lightbox/stylesheets/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: sec.westpac.co.nz, URL: https://sec.westpac.co.nz/IOLB/Verisign.jsp
- Domain: sec.westpac.co.nz, URL: https://sec.westpac.co.nz/IOLB/lightbox/stylesheets/printV2.css
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Westpac (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.