westpac-authsecure.com Open in urlscan Pro
34.93.174.166  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request pages Show response westpac-authsecure.com/	20 KB 20 KB	2622ms 837ms	Document text/html	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash 2ba133898e9f8308a200cd09d3542ea24fd89a4931777744cd35ad367308479c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Fri, 22 Jul 2022 15:16:06 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	000-000-0001combined.css.1a6232cd07874834478c928fa1f30b79eea8fe08.css westpac-authsecure.com/front_end/front_end_files/	154 B 395 B	764ms 763ms	Stylesheet text/css	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/front_end/front_end_files/000-000-0001combined.css.1a6232cd07874834478c928fa1f30b79eea8fe08.css Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash 90625e6164330d2eb9e1bf01a00e54f83eb18e1b307517dc94207e366b967047 Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:06 GMT Last-Modified Tue, 17 May 2022 16:44:45 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 154
GET H/1.1	200 OK	000-0001combined.css.ad465e8be579042cb5c8ec3d4ebc745fbe87f2b4.css westpac-authsecure.com/front_end/front_end_files/	47 KB 0	1282ms 769ms	Stylesheet text/css	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/front_end/front_end_files/000-0001combined.css.ad465e8be579042cb5c8ec3d4ebc745fbe87f2b4.css Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:07 GMT Last-Modified Tue, 17 May 2022 16:57:07 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 234142
GET H/1.1	200 OK	000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css westpac-authsecure.com/front_end/front_end_files/	8 KB 0	1529ms 765ms	Stylesheet text/css	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:07 GMT Last-Modified Tue, 17 May 2022 16:51:21 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 103795
GET		jquery.js westpac-authsecure.com/js/cntdjs/	0 0
GET		jquery.mask.js westpac-authsecure.com/js/cntdjs/	0 0
GET H/1.1	200 OK	cntd.js Show response westpac-authsecure.com/js/cntdjs/	3 KB 3 KB	3872ms 770ms	Script application/javascript	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/js/cntdjs/cntd.js Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash 5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:10 GMT Last-Modified Wed, 11 May 2022 21:34:03 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2751
GET H/1.1	200 OK	loading.js Show response westpac-authsecure.com/js/shared/	2 KB 2 KB	3872ms 765ms	Script application/javascript	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/js/shared/loading.js Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash 4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134 Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:10 GMT Last-Modified Wed, 11 May 2022 22:15:50 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1973
GET H/1.1	200 OK	online_status.js Show response westpac-authsecure.com/js/shared/	998 B 1 KB	3874ms 766ms	Script application/javascript	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://westpac-authsecure.com/js/shared/online_status.js Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7 Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:10 GMT Last-Modified Mon, 09 May 2022 22:15:02 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 998
GET H/1.1	200 OK	logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png westpac-authsecure.com/front_end/front_end_files/	1 KB 1 KB	765ms 765ms	Image image/png	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://westpac-authsecure.com/front_end/front_end_files/logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820 Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:10 GMT Last-Modified Tue, 17 May 2022 16:44:45 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1183
GET H/1.1	200 OK	close-slider.png westpac-authsecure.com/front_end/front_end_files/	4 KB 4 KB	761ms 761ms	Image image/png	34.93.174.166 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://westpac-authsecure.com/front_end/front_end_files/close-slider.png Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.93.174.166 Mumbai, India, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 166.174.93.34.bc.googleusercontent.com Software Apache / Resource Hash 94c274e4ef0b59f43ebbc89f9de1614684ae6eddce57472cff88d1182ae7295a Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/pages User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Fri, 22 Jul 2022 15:16:10 GMT Last-Modified Tue, 17 May 2022 16:44:45 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4230
GET H/1.1	200 OK	soon_browsernotsupported1024x168.jpg banking.westpac.com.au/wbc/banking/Resources/Desktop/WBC/Assets/Images/	28 KB 29 KB	2439ms 658ms	Image image/jpeg	110.5.81.221 WESTPAC-AS-AP Wes...
General Check archive.org Show headers Download Go to Show image Full URL https://banking.westpac.com.au/wbc/banking/Resources/Desktop/WBC/Assets/Images/soon_browsernotsupported1024x168.jpg Requested by Host: westpac-authsecure.com URL: https://westpac-authsecure.com/pages Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 110.5.81.221 Sydney, Australia, ASN9426 (WESTPAC-AS-AP Westpac Bank, AU), Reverse DNS Software / Resource Hash 3086eb2644035c7be97e888c12dab321320f5fb6629d6167def8390204ca8cdf Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://*.westpac.com.au Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://westpac-authsecure.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Fri, 22 Jul 2022 15:16:11 GMT referrer-policy no-referrer-when-downgrade last-modified Fri, 25 May 2018 07:35:46 GMT etag "0f56ffefaf3d31:0" strict-transport-security max-age=31536000; includeSubDomains p3p CP="NON CUR OTPi OUR NOR UNI" x-xss-protection 1; mode=block cache-control max-age=31536000 content-security-policy frame-ancestors 'self' https://*.westpac.com.au accept-ranges bytes content-type image/jpeg content-length 28414 x-content-type-options nosniff x-ua-compatible IE=8;FF=3;OtherUA=4

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

westpac-authsecure.com

URL

https://westpac-authsecure.com/js/cntdjs/jquery.js

Domain

westpac-authsecure.com

URL

https://westpac-authsecure.com/js/cntdjs/jquery.mask.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Westpac (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| urlroot string| uniqueid object| controller string| url

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			westpac-authsecure.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: df9789406fa4c4d62e418d176c2e51d5

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://westpac-authsecure.com/js/cntdjs/jquery.js Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://westpac-authsecure.com/js/cntdjs/jquery.mask.js Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://westpac-authsecure.com/front_end/front_end_files/000-0001combined.css.b0cf37060ddf80c0f0adf1583668a8d44dfb5143.css Message: Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH
network	error	URL: https://westpac-authsecure.com/front_end/front_end_files/000-0001combined.css.ad465e8be579042cb5c8ec3d4ebc745fbe87f2b4.css Message: Failed to load resource: net::ERR_CONTENT_LENGTH_MISMATCH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.westpac.com.au
westpac-authsecure.com
westpac-authsecure.com
110.5.81.221
34.93.174.166
2ba133898e9f8308a200cd09d3542ea24fd89a4931777744cd35ad367308479c
3086eb2644035c7be97e888c12dab321320f5fb6629d6167def8390204ca8cdf
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
90625e6164330d2eb9e1bf01a00e54f83eb18e1b307517dc94207e366b967047
94c274e4ef0b59f43ebbc89f9de1614684ae6eddce57472cff88d1182ae7295a
cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7