help-westpac-au.com
Open in
urlscan Pro
176.123.0.55
Malicious Activity!
Public Scan
Submission Tags: krdprod
Submission: On September 01 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 31st 2022. Valid for: 3 months.
This is the only time help-westpac-au.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Westpac (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 176.123.0.55 176.123.0.55 | 200019 (ALEXHOST) (ALEXHOST) | |
4 | 110.5.80.221 110.5.80.221 | 9426 (WESTPAC-A...) (WESTPAC-AS-AP Westpac Bank) | |
15 | 2 |
ASN200019 (ALEXHOST, MD)
PTR: hosting2.alexhost.md
help-westpac-au.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
help-westpac-au.com
help-westpac-au.com |
107 KB |
4 |
westpac.com.au
banking.westpac.com.au — Cisco Umbrella Rank: 748516 |
22 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
11 | help-westpac-au.com |
help-westpac-au.com
|
4 | banking.westpac.com.au |
help-westpac-au.com
|
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
help-westpac-au.com cPanel, Inc. Certification Authority |
2022-08-31 - 2022-11-29 |
3 months | crt.sh |
banking.westpac.com.au Entrust Certification Authority - L1M |
2022-04-13 - 2023-04-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://help-westpac-au.com//pages
Frame ID: 8E00CD288DF49711571764292804FA31
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
pages
help-westpac-au.com// |
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
000-000-0001combined.css.1a6232cd07874834478c928fa1f30b79eea8fe08.css
help-westpac-au.com//front_end/front_end_files/ |
154 B 419 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
000-0001combined.css.ad465e8be579042cb5c8ec3d4ebc745fbe87f2b4.css
help-westpac-au.com//front_end/front_end_files/ |
229 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
help-westpac-au.com//front_end/front_end_files/ |
101 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
help-westpac-au.com//js/cntdjs/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
help-westpac-au.com//js/cntdjs/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cntd.js
help-westpac-au.com//js/cntdjs/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.js
help-westpac-au.com//js/shared/ |
2 KB 1011 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
online_status.js
help-westpac-au.com//js/shared/ |
998 B 737 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png
help-westpac-au.com//front_end/front_end_files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
close-slider.png
help-westpac-au.com//front_end/front_end_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
StandardSignInRibbon.png.4f505a909d6a96b07fe521d44051d96801184d82.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/ |
172 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
padlock-icon-v2.png.600e24c5da08eebbbee193c94b5d476d9269b51a.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/ |
466 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
white-chevron.png.75a6ec48e7b0b941f3fada64c3def1875b1f7591.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/ |
223 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
red_arrow_icon.png.50687ff84190c3c102b0e9b867229854cb61bec9.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Westpac (Banking)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| urlroot string| uniqueid function| $ function| jQuery object| controller string| url1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
help-westpac-au.com/ | Name: PHPSESSID Value: cc33117ac87e7f3c0578f27f2aa52eea |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
banking.westpac.com.au
help-westpac-au.com
110.5.80.221
176.123.0.55
06b806e1ac0dcd5c55eecef5fba60cc9a9ba999d2e85e36f5c88c2200da863e7
128f19dd3d12d901104f6856347080a771b2aa1be482680fd7e013386226e4b7
375c21b6f1883e77283613efec7b44651124cce1a873df52659b43a8e8cdbe4e
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
6973b22376b0cfcb74403c7f558140ca37d89685e53fe11472ab4b470a85aa6a
90625e6164330d2eb9e1bf01a00e54f83eb18e1b307517dc94207e366b967047
94c274e4ef0b59f43ebbc89f9de1614684ae6eddce57472cff88d1182ae7295a
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820
d020868d419697b5ddd5b08b99db502f3cbf2252de62866d45bde8976318db5e
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
f6ce377309b47237188906b2588ac46cc768d7cc0209eb8361253279b910bc53
fd8ff5ab6aae4e32a9798a7f13d3d913f82a749cb2039eeb94aa0c2f71456827
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e