URL: https://help-westpac-au.com//pages
Submission Tags: krdprod
Submission: On September 01 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 176.123.0.55, located in Chisinau, Moldova and belongs to ALEXHOST, MD. The main domain is help-westpac-au.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 31st 2022. Valid for: 3 months.
This is the only time help-westpac-au.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Westpac (Banking)

Domain & IP information

IP Address AS Autonomous System
11 176.123.0.55 200019 (ALEXHOST)
4 110.5.80.221 9426 (WESTPAC-A...)
15 2
Apex Domain
Subdomains
Transfer
11 help-westpac-au.com
help-westpac-au.com
107 KB
4 westpac.com.au
banking.westpac.com.au — Cisco Umbrella Rank: 748516
22 KB
15 2
Domain Requested by
11 help-westpac-au.com help-westpac-au.com
4 banking.westpac.com.au help-westpac-au.com
15 2

This site contains no links.

Subject Issuer Validity Valid
help-westpac-au.com
cPanel, Inc. Certification Authority
2022-08-31 -
2022-11-29
3 months crt.sh
banking.westpac.com.au
Entrust Certification Authority - L1M
2022-04-13 -
2023-04-13
a year crt.sh

This page contains 1 frames:

Primary Page: https://help-westpac-au.com//pages
Frame ID: 8E00CD288DF49711571764292804FA31
Requests: 15 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

129 kB
Transfer

489 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pages
help-westpac-au.com//
19 KB
5 KB
Document
General
Full URL
https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx / PHP/7.3.33
Resource Hash
d020868d419697b5ddd5b08b99db502f3cbf2252de62866d45bde8976318db5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 01 Sep 2022 13:29:41 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-powered-by
PHP/7.3.33
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
000-000-0001combined.css.1a6232cd07874834478c928fa1f30b79eea8fe08.css
help-westpac-au.com//front_end/front_end_files/
154 B
419 B
Stylesheet
General
Full URL
https://help-westpac-au.com//front_end/front_end_files/000-000-0001combined.css.1a6232cd07874834478c928fa1f30b79eea8fe08.css
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
90625e6164330d2eb9e1bf01a00e54f83eb18e1b307517dc94207e366b967047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 16:44:45 GMT
server
nginx
content-type
text/css
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
154
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
000-0001combined.css.ad465e8be579042cb5c8ec3d4ebc745fbe87f2b4.css
help-westpac-au.com//front_end/front_end_files/
229 KB
40 KB
Stylesheet
General
Full URL
https://help-westpac-au.com//front_end/front_end_files/000-0001combined.css.ad465e8be579042cb5c8ec3d4ebc745fbe87f2b4.css
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
128f19dd3d12d901104f6856347080a771b2aa1be482680fd7e013386226e4b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 16:57:07 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
help-westpac-au.com//front_end/front_end_files/
101 KB
16 KB
Stylesheet
General
Full URL
https://help-westpac-au.com//front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
f6ce377309b47237188906b2588ac46cc768d7cc0209eb8361253279b910bc53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 16:51:21 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jquery.js
help-westpac-au.com//js/cntdjs/
87 KB
31 KB
Script
General
Full URL
https://help-westpac-au.com//js/cntdjs/jquery.js
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 Mar 2022 21:34:59 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
jquery.mask.js
help-westpac-au.com//js/cntdjs/
23 KB
6 KB
Script
General
Full URL
https://help-westpac-au.com//js/cntdjs/jquery.mask.js
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 Mar 2022 21:34:59 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
cntd.js
help-westpac-au.com//js/cntdjs/
3 KB
1 KB
Script
General
Full URL
https://help-westpac-au.com//js/cntdjs/cntd.js
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 May 2022 21:34:03 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
loading.js
help-westpac-au.com//js/shared/
2 KB
1011 B
Script
General
Full URL
https://help-westpac-au.com//js/shared/loading.js
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 May 2022 22:15:50 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
online_status.js
help-westpac-au.com//js/shared/
998 B
737 B
Script
General
Full URL
https://help-westpac-au.com//js/shared/online_status.js
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 May 2022 22:15:02 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
expires
Sat, 01 Oct 2022 13:29:42 GMT
cache-control
max-age=2592000
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png
help-westpac-au.com//front_end/front_end_files/
1 KB
1 KB
Image
General
Full URL
https://help-westpac-au.com//front_end/front_end_files/logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 16:44:45 GMT
server
nginx
content-type
image/png
expires
Mon, 31 Oct 2022 13:29:42 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
1183
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
close-slider.png
help-westpac-au.com//front_end/front_end_files/
4 KB
4 KB
Image
General
Full URL
https://help-westpac-au.com//front_end/front_end_files/close-slider.png
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//pages
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.123.0.55 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
hosting2.alexhost.md
Software
nginx /
Resource Hash
94c274e4ef0b59f43ebbc89f9de1614684ae6eddce57472cff88d1182ae7295a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com//pages
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 17 May 2022 16:44:45 GMT
server
nginx
content-type
image/png
expires
Mon, 31 Oct 2022 13:29:42 GMT
cache-control
max-age=5184000
x-server-powered-by
Engintron
accept-ranges
bytes
content-length
4230
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
HIT
StandardSignInRibbon.png.4f505a909d6a96b07fe521d44051d96801184d82.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/
172 B
1 KB
Image
General
Full URL
https://banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/StandardSignInRibbon.png.4f505a909d6a96b07fe521d44051d96801184d82.png?preserve-inactive-time=true
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.5.80.221 Sydney, Australia, ASN9426 (WESTPAC-AS-AP Westpac Bank, AU),
Reverse DNS
Software
/
Resource Hash
06b806e1ac0dcd5c55eecef5fba60cc9a9ba999d2e85e36f5c88c2200da863e7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.westpac.com.au
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:45 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Aug 2022 11:13:58 GMT
etag
"60fef8c6bcb3d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection
1; mode=block
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.westpac.com.au
accept-ranges
bytes
content-type
image/png
Vary
Accept-Encoding
content-length
172
x-content-type-options
nosniff
x-ua-compatible
IE=8;FF=3;OtherUA=4
padlock-icon-v2.png.600e24c5da08eebbbee193c94b5d476d9269b51a.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/
466 B
1 KB
Image
General
Full URL
https://banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/padlock-icon-v2.png.600e24c5da08eebbbee193c94b5d476d9269b51a.png?preserve-inactive-time=true
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.5.80.221 Sydney, Australia, ASN9426 (WESTPAC-AS-AP Westpac Bank, AU),
Reverse DNS
Software
/
Resource Hash
6973b22376b0cfcb74403c7f558140ca37d89685e53fe11472ab4b470a85aa6a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.westpac.com.au
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:45 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Aug 2022 11:13:58 GMT
etag
"502a0c7bcb3d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection
1; mode=block
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.westpac.com.au
accept-ranges
bytes
content-type
image/png
Vary
Accept-Encoding
content-length
466
x-content-type-options
nosniff
x-ua-compatible
IE=8;FF=3;OtherUA=4
white-chevron.png.75a6ec48e7b0b941f3fada64c3def1875b1f7591.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/
223 B
1 KB
Image
General
Full URL
https://banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/white-chevron.png.75a6ec48e7b0b941f3fada64c3def1875b1f7591.png?preserve-inactive-time=true
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.5.80.221 Sydney, Australia, ASN9426 (WESTPAC-AS-AP Westpac Bank, AU),
Reverse DNS
Software
/
Resource Hash
fd8ff5ab6aae4e32a9798a7f13d3d913f82a749cb2039eeb94aa0c2f71456827
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.westpac.com.au
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:45 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Aug 2022 11:13:58 GMT
etag
"502a0c7bcb3d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection
1; mode=block
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.westpac.com.au
accept-ranges
bytes
content-type
image/png
Vary
Accept-Encoding
content-length
223
x-content-type-options
nosniff
x-ua-compatible
IE=8;FF=3;OtherUA=4
red_arrow_icon.png.50687ff84190c3c102b0e9b867229854cb61bec9.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/
18 KB
18 KB
Image
General
Full URL
https://banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Fiserv.PS.Authentication/Images/red_arrow_icon.png.50687ff84190c3c102b0e9b867229854cb61bec9.png?preserve-inactive-time=true
Requested by
Host: help-westpac-au.com
URL: https://help-westpac-au.com//front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
110.5.80.221 Sydney, Australia, ASN9426 (WESTPAC-AS-AP Westpac Bank, AU),
Reverse DNS
Software
/
Resource Hash
375c21b6f1883e77283613efec7b44651124cce1a873df52659b43a8e8cdbe4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.westpac.com.au
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://help-westpac-au.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 13:29:45 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 19 Aug 2022 11:13:58 GMT
etag
"502a0c7bcb3d81:0"
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-xss-protection
1; mode=block
cache-control
max-age=31536000
content-security-policy
frame-ancestors 'self' https://*.westpac.com.au
accept-ranges
bytes
content-type
image/png
content-length
17991
x-content-type-options
nosniff
x-ua-compatible
IE=8;FF=3;OtherUA=4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Westpac (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| urlroot string| uniqueid function| $ function| jQuery object| controller string| url

1 Cookies

Domain/Path Name / Value
help-westpac-au.com/ Name: PHPSESSID
Value: cc33117ac87e7f3c0578f27f2aa52eea

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block