westpac.nz-app.com
Open in
urlscan Pro
172.67.132.21
Malicious Activity!
Public Scan
Submission: On February 13 via automatic, source certstream-suspicious — Scanned from NZ
Summary
TLS certificate: Issued by GTS CA 1P5 on February 12th 2023. Valid for: 3 months.
This is the only time westpac.nz-app.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Westpac (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
17 | 172.67.132.21 172.67.132.21 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 110.5.80.221 110.5.80.221 | 9426 (WESTPAC-A...) (WESTPAC-AS-AP Westpac Bank) | |
1 | 202.7.39.65 202.7.39.65 | 4830 (AS-WESTPA...) (AS-WESTPACNZ-AP Westpactrust) | |
4 | 202.7.41.228 202.7.41.228 | 4830 (AS-WESTPA...) (AS-WESTPACNZ-AP Westpactrust) | |
33 | 5 |
ASN4830 (AS-WESTPACNZ-AP Westpactrust, NZ)
assets.westpac.co.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
nz-app.com
westpac.nz-app.com |
490 KB |
5 |
westpac.co.nz
bank.westpac.co.nz Failed assets.westpac.co.nz |
24 KB |
1 |
westpac.com.au
banking.westpac.com.au — Cisco Umbrella Rank: 851916 |
2 KB |
33 | 3 |
Domain | Requested by | |
---|---|---|
17 | westpac.nz-app.com |
westpac.nz-app.com
|
4 | bank.westpac.co.nz |
westpac.nz-app.com
|
1 | assets.westpac.co.nz |
westpac.nz-app.com
|
1 | banking.westpac.com.au |
westpac.nz-app.com
|
33 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nz-app.com GTS CA 1P5 |
2023-02-12 - 2023-05-13 |
3 months | crt.sh |
banking.westpac.com.au Entrust Certification Authority - L1M |
2022-04-13 - 2023-04-13 |
a year | crt.sh |
assets.westpac.co.nz Entrust Certification Authority - L1K |
2022-04-12 - 2023-05-11 |
a year | crt.sh |
bank.westpac.co.nz Entrust Certification Authority - L1M |
2022-03-16 - 2023-04-09 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://westpac.nz-app.com/
Frame ID: 38B74B2FB359C16ACCDAF8B15A556E84
Requests: 33 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
westpac.nz-app.com/ |
32 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
westpac.nz-app.com/index_files/ |
275 B 532 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.f7f52137a28f445d9986.css
westpac.nz-app.com/index_files/ |
20 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.53084dd392914e25de4f.css
westpac.nz-app.com/index_files/ |
1 B 321 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.0788bdac6057c9cfea7d.css
westpac.nz-app.com/index_files/ |
1 MB 151 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
westpac.nz-app.com/index_files/ |
47 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
westpac.nz-app.com/cntdjs/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
westpac.nz-app.com/cntdjs/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cntd.js
westpac.nz-app.com/cntdjs/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_white_bg.png.ce5c4c19ec61b56796f0e218fc8329c558421fd8.png
banking.westpac.com.au/wbc/banking/Themes/Default/Desktop/WBC/Core/Images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phone-rotate.gif
westpac.nz-app.com/index_files/ |
18 KB 18 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phone-rotate@2.gif
westpac.nz-app.com/index_files/ |
40 KB 41 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
base.css
westpac.nz-app.com/index_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
theme.css
westpac.nz-app.com/index_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sprite.f35ac.svg
bank.westpac.co.nz/wone/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sprite.f35ac.svg
bank.westpac.co.nz/wone/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sprite.f35ac.svg
bank.westpac.co.nz/wone/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sprite.f35ac.svg
bank.westpac.co.nz/wone/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sprite.f35ac.svg
bank.westpac.co.nz/wone/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.svg
assets.westpac.co.nz/w1/login/ |
3 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-left.svg
bank.westpac.co.nz/images/login/ |
888 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tiempos-text-web-bold.woff2
westpac.nz-app.com/index_files/ |
50 KB 51 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
national-2-web-medium.woff2
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
national-2-web-regular.woff2
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
online-guardian.svg
bank.westpac.co.nz/images/security/ |
13 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
online-guardian-guarantee.svg
bank.westpac.co.nz/images/security/ |
18 KB 8 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssl-entrust.png
bank.westpac.co.nz/images/security/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SourceSansPro-Regular.ttf
bank.westpac.co.nz/wone/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
national-2-web-medium.woff
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
national-2-web-regular.woff
bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
national-2-web-regular.woff2
westpac.nz-app.com/index_files/ |
29 KB 29 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
national-2-web-medium.woff2
westpac.nz-app.com/index_files/ |
32 KB 32 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SourceSansPro-Regular.ttf
westpac.nz-app.com/index_files/ |
262 KB 111 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/images/sprite.f35ac.svg
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff2
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff2
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/fonts/SourceSansPro-Regular.ttf
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-medium.woff
- Domain
- bank.westpac.co.nz
- URL
- https://bank.westpac.co.nz/wone/node_modules/@westpac/components-web/dist/esm/assets/fonts/national/national-2-web-regular.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Westpac (Banking)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| controller string| url1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
westpac.nz-app.com/ | Name: PHPSESSID Value: q095tnjhaorlm937aadjkkr343 |
17 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.westpac.co.nz
bank.westpac.co.nz
banking.westpac.com.au
westpac.nz-app.com
bank.westpac.co.nz
110.5.80.221
172.67.132.21
202.7.39.65
202.7.41.228
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
048c5e516b17e78ce30c54ede0145dedb0ffb67bd86135ba6ea12ea57ef330b4
0662948e18bfefa0ad7a432d7c68e1ca5cb86df231f785931e84c519360bae04
08ef93a94050a0163b4f527a389e2391cbbd513844e239e96cbc752ce7b108b4
099c8a9a4c3795739754be1f82022a41db3a6f035d811a4168ac9f654d94695f
1bf71bfcdca3d5a631316535350da96f02cf11957362019c87b15898a09721d4
201ca1896671b7dd0285ad298f0b3be5edf1e68b68dcc52d3796f2b82216f69f
23e22334f525b2759e87148b6f29191ac1ebb8d411456a70496e6734f5a5c7dc
34efa6b825e55ddb3678ccf4370187ee65e85724851e821cec0f31d07bcfd0e0
36cac8199deeabb9e568da209cedb4f3793a17d2f97cda18c5c2d3f7db04d0ae
3c6f59309bd05807a77ac1c8b46353e1f6054c90d7b0707f56708d4b8568fef9
435beedb0840193d27a5a539cb75a557405a1bbe71230d2e53f8a658bfb40d8a
4d0a006b40d857b4ac68aeb5ddef50b7dd29abddd4ee9b5e7108d4a9ce4e0102
7cb16eaa505542e5bdcda6c3e764e241fbb4e35e07bf21a820cc19fac1bb3864
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
ba6f9cec5b7703aa912c81886e901804decc82685cc2c6ed1a1d7d66469e0147
cc84eadbd134138804b1e470aaf40d8f801539386400b56b58cebd0d27e3bdb0
cf1c352b986e083292b5713ac5556b02832a8cf248485e627708110e62a83820
f3a6fcefee206e3ae4008aa8d92f2c8a7b2c10366116cf3e81cc24901b5b7853
fb3a6e43bc13dd8ba3d4cb557202ace068d523d832d6a0312efa3282ede43df8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e