attempt-online-nab.squareelevator.com Open in urlscan Pro
162.215.218.216 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://attempt-online-nab.squareelevator.com/
Submission Tags: 7410270
Submission: On January 12 via api (January 12th 2022, 11:46:42 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 38 HTTP transactions. The main IP is 162.215.218.216, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is attempt-online-nab.squareelevator.com.

This is the only time attempt-online-nab.squareelevator.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NAB Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3	162.215.218.216 162.215.218.216	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 20	104.117.210.162 104.117.210.162	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	104.117.194.196 104.117.194.196	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
38	8

3 162.215.218.216 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.shreyawebsoft.com

attempt-online-nab.squareelevator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.117.210.162 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-210-162.deploy.static.akamaitechnologies.com

ib.nab.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.194.196 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-194-196.deploy.static.akamaitechnologies.com

www.nab.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nab.com.au 1 redirects ib.nab.com.au www.nab.com.au — Cisco Umbrella Rank: 569454	210 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	17 KB
3	squareelevator.com attempt-online-nab.squareelevator.com	31 KB
1	gstatic.com fonts.gstatic.com	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 541	30 KB
38	6

	Domain	Requested by
20	ib.nab.com.au	1 redirects attempt-online-nab.squareelevator.com ib.nab.com.au
3	cdnjs.cloudflare.com	attempt-online-nab.squareelevator.com
3	attempt-online-nab.squareelevator.com	attempt-online-nab.squareelevator.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.nab.com.au	attempt-online-nab.squareelevator.com
1	fonts.googleapis.com	attempt-online-nab.squareelevator.com
1	code.jquery.com	attempt-online-nab.squareelevator.com
38	7

This site contains no links.

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
ib.nab.com.au Entrust Certification Authority - L1M	`2021-10-18` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.nab.com.au Entrust Certification Authority - L1M	`2021-10-29` - `2022-10-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://attempt-online-nab.squareelevator.com/
Frame ID: A79F8A394A880918EFE73B0CF6E07C82
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NAB Internet Banking

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

66 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

302 kB
Transfer

466 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css HTTP 301
https://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css

38 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
attempt-online-nab.squareelevator.com/ 17 KB
17 KB 458ms
168ms Document
text/html 162.215.218.216
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://attempt-online-nab.squareelevator.com/
Protocol: HTTP/1.1
Server: 162.215.218.216 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.shreyawebsoft.com
Software: nginx/1.21.4 /
Resource Hash: 6518d59a080befb4a684a9e71a2e2999cf52a9967e512a178e4c535c8daee56b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.21.4
Date: Wed, 12 Jan 2022 23:46:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 17421
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
Pragma: no-cache
X-Mod-Pagespeed: 1.13.35.2-0
Vary: Accept-Encoding

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 61ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: http://attempt-online-nab.squareelevator.com/
Origin: http://attempt-online-nab.squareelevator.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1642031195.dop148.am5.t,1642031195.cds273.am5.hn,1642031195.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/ 24 KB
8 KB 39ms
21ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/jquery.validate.min.js

Requested by

Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://attempt-online-nab.squareelevator.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7281639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6996
timing-allow-origin: *
last-modified: Fri, 11 Jun 2021 11:01:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c342a7-1b54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWzDWxgo9lNamaVtBlxnlC1EO%2BPmwDt29drSRaX0nObfkkDkX%2BJVpV3woGXAv2eLMeFC79z0Fw9342ejnCHYCpuuO8SFGeyv7A%2Ff63CQvkIg0ZqDJPnQE6xPqV4DwziHkGHlkZuhoNhHGAcMg48Sbp90"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cca43daf8ca6943-FRA
expires: Mon, 02 Jan 2023 23:46:35 GMT

GET
H2 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/ 22 KB
6 KB 43ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.3/additional-methods.min.js

Requested by

Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d3e2d9178ac88eb284d0a527bf094b36cc9a286aeca8e697ce0bc11eb7d613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://attempt-online-nab.squareelevator.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15006945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5690
timing-allow-origin: *
last-modified: Fri, 11 Jun 2021 11:01:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c342a7-163a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELDBp8mUhXsI8bq%2F%2Fo2W9tjK8bI6zQs%2F4k%2B6QofiPDKg5jZKbE4UN4iLW%2B8aMI4wn8EhwkHGBnD6X40CBW5N6WbidqWc7H7APN7T4wpnD3pR4qGAPBBm7vJqSdRuBJzUaGBRxdGWQcsZeD5pWLXfWVd9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cca43daf8cc6943-FRA
expires: Mon, 02 Jan 2023 23:46:35 GMT

GET
H2 200 jquery.mask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/ 8 KB
3 KB 40ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.16/jquery.mask.min.js

Requested by

Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://attempt-online-nab.squareelevator.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 506775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3074
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-2087"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Jp5lhB%2Bjo0RfHYiC8Tu3vW7w9cz41LJS%2Bm%2FEvNY21cy8jUTeEiwfzVWwGeoWgixbT%2BvQola3fh%2FToCfweINKShMwAyq8T1CAap1J3Y0lB05V6HV%2BCwsGiETKnH9KPeHxbs4iapBRisZTMCxMIwF9wxB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cca43daf8ce6943-FRA
expires: Mon, 02 Jan 2023 23:46:35 GMT

GET
H2

200

DB9VIBs1dTqVFazgPNNQC.css
ib.nab.com.au/
Redirect Chain

http://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css
https://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css

104 B
963 B

367ms
327ms

Stylesheet
text/css

104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7c436ea1c356b1b471b49414eaf17cc8bb7398964d0ab9639bef0d37c33f858

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
cache-control: private, max-age=86400
content-length: 104
content-type: text/css

Redirect headers

Location: https://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css
Date: Wed, 12 Jan 2022 23:46:35 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 404 reset.css
ib.nab.com.au/ 0
0 496ms
405ms Stylesheet
text/html 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/reset.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 _template-styles.css
ib.nab.com.au/ 0
0 461ms
370ms Stylesheet
text/html 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/_template-styles.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 _content-styles.css
ib.nab.com.au/ 0
0 452ms
361ms Stylesheet
text/html 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/_content-styles.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 added-styles.css
ib.nab.com.au/ 0
0 474ms
383ms Stylesheet
text/html 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/added-styles.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 404 _campaign-styles.css
ib.nab.com.au/login/ 0
0 486ms
396ms Stylesheet
text/html 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/login/_campaign-styles.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 _ibRedesign-styles.css
ib.nab.com.au/nabib/styles/login/ 8 KB
2 KB 165ms
74ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/nabib/styles/login/_ibRedesign-styles.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81e9ae4c8db0f6af6b2a5edece1250816f111fd97631ca4b3323d14955aae5f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 00:33:18 GMT
etag: W/"2043-5d155c5696f80"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=600
content-length: 2219
expires: Wed, 12 Jan 2022 23:56:35 GMT

GET
H2 200 _print-styles.css
ib.nab.com.au/nabib/styles/login/ 3 KB
2 KB 190ms
100ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/nabib/styles/login/_print-styles.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d2a4368b74c2510597107db94def97f5bb4d379e25d20fc47922660cb1ace13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 00:33:18 GMT
etag: W/"d0a-5d155c5696f80"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=600
content-length: 1359
expires: Wed, 12 Jan 2022 23:56:35 GMT

GET
H2 200 jquery.fancybox-1.3.1.css
ib.nab.com.au/nabib/scripts/fancybox/ 8 KB
2 KB 188ms
98ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/nabib/scripts/fancybox/jquery.fancybox-1.3.1.css?id=6.28.0-B755
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c9ca47cc5368eba18d4e0867b61d5818361d9143eb1c24aead6123de525ba28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 00:33:18 GMT
etag: W/"1fe2-5d155c5696f80"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=600
content-length: 1548
expires: Wed, 12 Jan 2022 23:56:35 GMT

GET
H2 200 loader-page.css
ib.nab.com.au//reno/shell/v4.13.0/ 3 KB
1 KB 190ms
100ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au//reno/shell/v4.13.0/loader-page.css
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2c5685385062c683b6f26fed1d264b4146569815ccdc3d7cfb7dc5f04b335bd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 11:38:17 GMT
etag: W/"b8d-5d1874b457a6c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
content-length: 773
expires: Thu, 12 Jan 2023 23:46:35 GMT

GET
H2 200 loader.css
ib.nab.com.au/reno/shell/v4.13.0/ 54 KB
8 KB 189ms
99ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/reno/shell/v4.13.0/loader.css
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a71bab0e5aa8f92523b69f180dbbc90e1bc12b6e6189167a215ea5139bc8e149

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 11:38:17 GMT
etag: W/"d649-5d1874b457a6c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
content-length: 7748
expires: Thu, 12 Jan 2023 23:46:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 128ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap

Requested by

Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdcfce73f65bf4f177c18b19744e141d543898e0186e10086d6c7af248606588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 23:46:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 12 Jan 2022 23:46:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jan 2022 23:46:35 GMT

GET
H2 200 star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg
ib.nab.com.au/reno/shell/v4.13.0/assets/ 5 KB
2 KB 87ms
86ms Image
image/svg+xml 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: db23f96e265a441082c50587b660ba7ee4729cc78e01c887bfa1c00bbf97d045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 11:38:17 GMT
etag: W/"1486-5d1874b457684"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
content-length: 2136
expires: Thu, 12 Jan 2023 23:46:35 GMT

GET
H2 200 star.3e6c270ed043559b19775e086bf97f20.svg
ib.nab.com.au/reno/shell/v4.13.0/assets/ 2 KB
1 KB 167ms
167ms Image
image/svg+xml 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/star.3e6c270ed043559b19775e086bf97f20.svg
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 11:38:17 GMT
etag: W/"6a5-5d1874b457684"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
content-length: 829
expires: Thu, 12 Jan 2023 23:46:35 GMT

GET
H2 200 star_nab.91d7da1ca9ee569cc4c6c877e12cfe42.svg
ib.nab.com.au/reno/shell/v4.13.0/assets/ 2 KB
1 KB 123ms
123ms Image
image/svg+xml 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/star_nab.91d7da1ca9ee569cc4c6c877e12cfe42.svg
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 572e0ebdd6520be130332d2bdc5f19f8daffbc7a3c282b46463fe01703e8ff82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 11:38:17 GMT
etag: W/"904-5d1874b457684"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
content-length: 1196
expires: Thu, 12 Jan 2023 23:46:35 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
ib.nab.com.au/DB9VIB04vwdd/ 53 B
889 B 422ms
422ms Image
image/jpeg 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.nab.com.au/DB9VIB04vwdd/?id=IB&c=im&phg=Mq0BMQvqS84N
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-length: 53
content-type: image/jpeg

GET
H/1.1 404
Not Found nab_id_instruction.png
attempt-online-nab.squareelevator.com/nabib/images/login/ 315 B
315 B 142ms
141ms Image
text/html 162.215.218.216
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://attempt-online-nab.squareelevator.com/nabib/images/login/nab_id_instruction.png
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: HTTP/1.1
Server: 162.215.218.216 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.shreyawebsoft.com
Software: nginx/1.21.4 /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 23:46:35 GMT
Server: nginx/1.21.4
Connection: keep-alive
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 DB9VIBGA0tUTGGlsCt.gif
ib.nab.com.au/ 43 B
214 B 878ms
878ms Image
image/gif 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.nab.com.au/DB9VIBGA0tUTGGlsCt.gif
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:36 GMT
cache-control: private, max-age=86400
content-length: 43
content-type: image/gif

GET
H2 200 font-sourcesanspro.css
ib.nab.com.au/nabib/styles/ 2 KB
486 B 40ms
40ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/nabib/styles/font-sourcesanspro.css
Requested by: Host: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/login/_ibRedesign-styles.css?id=6.28.0-B755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5b48e898e22eb3a36aa77281faaed1e18e22c403531b45c11e27afc3894a370

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ib.nab.com.au/nabib/styles/login/_ibRedesign-styles.css?id=6.28.0-B755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 00:33:18 GMT
etag: W/"97a-5d155c5696f80"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=600
content-length: 314
expires: Wed, 12 Jan 2022 23:56:35 GMT

GET
H2 200 ib-components.css
ib.nab.com.au/nabib/styles/ 7 KB
2 KB 47ms
47ms Stylesheet
text/css 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.nab.com.au/nabib/styles/ib-components.css
Requested by: Host: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/login/_ibRedesign-styles.css?id=6.28.0-B755
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72e5dbb3a9db63dbd462048eeb6aadf00625a72e09d1c2876e7a844533f23add

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ib.nab.com.au/nabib/styles/login/_ibRedesign-styles.css?id=6.28.0-B755
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 00:33:18 GMT
etag: W/"1beb-5d155c5696f80"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=600
content-length: 1679
expires: Wed, 12 Jan 2022 23:56:35 GMT

GET
H2 200 ib-login-banner-1797x800.jpg
www.nab.com.au/content/dam/nabrwd/images/types/backgrounds/ 185 KB
186 KB 82ms
17ms Image
image/jpeg 104.117.194.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nab.com.au/content/dam/nabrwd/images/types/backgrounds/ib-login-banner-1797x800.jpg

Requested by

Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.117.194.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-117-194-196.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://attempt-online-nab.squareelevator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:35 GMT
x-origin: default-rule
x-serial: 422
etag: W/"2e31b-5d444a8bb74d8"
strict-transport-security: max-age=600
content-type: image/jpeg
x-check-cacheable: YES
cache-control: private, no-transform, max-age=1327085
last-modified: Wed, 29 Dec 2021 08:23:58 GMT
content-length: 189211
server: Akamai Image Manager
expires: Fri, 28 Jan 2022 08:24:40 GMT

GET
H2 200 /
ib.nab.com.au/DB9VIB04vwdd/ 53 B
816 B 332ms
332ms Image
image/jpeg 104.117.210.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.nab.com.au/DB9VIB04vwdd/?id=IB&c=ss&phg=8vUSMJNSE31i
Requested by: Host: ib.nab.com.au
URL: https://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.210.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-210-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ib.nab.com.au/DB9VIBs1dTqVFazgPNNQC.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:46:36 GMT
content-length: 53
content-type: image/jpeg

GET
H/1.1 200
OK nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2
attempt-online-nab.squareelevator.com/files/ 13 KB
13 KB 147ms
147ms Font
font/woff2 162.215.218.216
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://attempt-online-nab.squareelevator.com/files/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2
Requested by: Host: attempt-online-nab.squareelevator.com
URL: http://attempt-online-nab.squareelevator.com/
Protocol: HTTP/1.1
Server: 162.215.218.216 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.shreyawebsoft.com
Software: nginx/1.21.4 /
Resource Hash: 853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c

Request headers

Referer: http://attempt-online-nab.squareelevator.com/
Origin: http://attempt-online-nab.squareelevator.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 23:46:35 GMT
Last-Modified: Sat, 26 Jun 2021 16:24:48 GMT
Server: nginx/1.21.4
Content-Type: font/woff2
Cache-Control: s-maxage=10
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13060

GET sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
ib.nab.com.au/reno/shell/v4.13.0/assets/ 0
0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ 13 KB
13 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://attempt-online-nab.squareelevator.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 03:54:20 GMT
x-content-type-options: nosniff
age: 157935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12936
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 03:54:20 GMT

GET sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
ib.nab.com.au/reno/shell/v4.13.0/assets/ 0
0

GET sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
ib.nab.com.au/reno/shell/v4.13.0/assets/ 0
0

GET sourcesanspro-semibold-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ 0
0

GET sourcesanspro-semibold-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ 0
0

GET sourcesanspro-regular-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ 0
0

GET sourcesanspro-regular-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ 0
0

GET sourcesanspro-bold-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ 0
0

GET sourcesanspro-bold-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff

Domain: ib.nab.com.au
URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NAB Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
attempt-online-nab.squareelevator.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d8824b432ac625fc89917e17804b0229
www.nab.com.au/	1969-12-31 23:59:59	Name: akacd_www_nab_com_au Value: 3819483994~rv=95~id=aaf1f6dca2907dede5ad8c7ac0812771
ib.nab.com.au/	1969-12-31 23:59:59	Name: akacd_ib_nab_com_au Value: 3819483994~rv=67~id=57f8259637602f226619ab810fd8b36f

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://attempt-online-nab.squareelevator.com/nabib/images/login/nab_id_instruction.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://ib.nab.com.au/_content-styles.css?id=6.28.0-B755 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.nab.com.au/_template-styles.css?id=6.28.0-B755 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.nab.com.au/added-styles.css?id=6.28.0-B755 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.nab.com.au/login/_campaign-styles.css?id=6.28.0-B755 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ib.nab.com.au/reset.css?id=6.28.0-B755 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/reno/shell/v4.13.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://attempt-online-nab.squareelevator.com/ Message: Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf' from origin 'http://attempt-online-nab.squareelevator.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attempt-online-nab.squareelevator.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
ib.nab.com.au
www.nab.com.au
ib.nab.com.au
104.117.194.196
104.117.210.162
162.215.218.216
2001:4de0:ac18::1:a:2b
2606:4700::6810:125e
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
0d14a3a656216743eb1e133b5af93d6eaa98c6260b411a01894323e62166f80f
1c9ca47cc5368eba18d4e0867b61d5818361d9143eb1c24aead6123de525ba28
1d2a4368b74c2510597107db94def97f5bb4d379e25d20fc47922660cb1ace13
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
2c5685385062c683b6f26fed1d264b4146569815ccdc3d7cfb7dc5f04b335bd2
4c0cc637858d6503cba9262f8be75740c29e853605a153a7bde46a6e2e367eb0
572e0ebdd6520be130332d2bdc5f19f8daffbc7a3c282b46463fe01703e8ff82
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6518d59a080befb4a684a9e71a2e2999cf52a9967e512a178e4c535c8daee56b
72e5dbb3a9db63dbd462048eeb6aadf00625a72e09d1c2876e7a844533f23add
81e9ae4c8db0f6af6b2a5edece1250816f111fd97631ca4b3323d14955aae5f4
853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c
a71bab0e5aa8f92523b69f180dbbc90e1bc12b6e6189167a215ea5139bc8e149
c5b48e898e22eb3a36aa77281faaed1e18e22c403531b45c11e27afc3894a370
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
db23f96e265a441082c50587b660ba7ee4729cc78e01c887bfa1c00bbf97d045
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453
e7c436ea1c356b1b471b49414eaf17cc8bb7398964d0ab9639bef0d37c33f858
ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273
f8d3e2d9178ac88eb284d0a527bf094b36cc9a286aeca8e697ce0bc11eb7d613
fdcfce73f65bf4f177c18b19744e141d543898e0186e10086d6c7af248606588
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

attempt-online-nab.squareelevator.com Open in urlscan Pro 162.215.218.216 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

66 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

8 IPs

3 Countries

302 kBTransfer

466 kBSize

3 Cookies

0 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

attempt-online-nab.squareelevator.com Open in urlscan Pro
162.215.218.216 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

66 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

302 kB
Transfer

466 kB
Size

3
Cookies

38 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!