Submitted URL: https://maluku-cerdas.id/wp-includes/Requests/Exception/Transport/cgiawe/home/aspx.php
Effective URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Submission: On March 24 via manual from AU — Scanned from AU

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 185.58.96.92, located in Antwerp, Belgium and belongs to AS-UNIXSOLUTIONS Unix-Solutions Network, BE. The main domain is redherring.be.
TLS certificate: Issued by R3 on February 21st 2023. Valid for: 3 months.
This is the only time redherring.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NAB Bank (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 202.74.236.113 | 131775 (IDNIC-JAL...)
23 (3 redirects) | 185.58.96.92 | 39923 (AS-UNIXSO...)
1 | 104.69.159.39 | 16625 (AKAMAI-AS)
Total: 22 HTTP transactions, 3 IPs

Requests | Apex Domain | Subdomains | Transfer
23 | redherring.be | redherring.be | 465 KB
1 | nab.com.au | www.nab.com.au (Cisco Umbrella Rank: 524861) | 118 KB
1 | maluku-cerdas.id | maluku-cerdas.id | 341 B
Total: 22 HTTP transactions, 3 domains

Requests | Domain | Requested by
23 (3 redirects) | redherring.be | maluku-cerdas.id, redherring.be
1 | www.nab.com.au | redherring.be
1 | maluku-cerdas.id |
Total: 22 HTTP transactions, 3 domains

This site contains links to these domains.

Domain
ib.nab.com.au

Subject | Issuer | Validity | Valid
www.maluku-cerdas.id | R3 | 2023-02-27 - 2023-05-28 | 3 months
redherring.be | R3 | 2023-02-21 - 2023-05-22 | 3 months
www.nab.com.au | Entrust Certification Authority - L1M | 2022-09-28 - 2023-10-28 | a year

This page contains 1 frames:

Primary Page: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Frame ID: F5EF791F0DFFAE7BCFAC9DA953D26694
Requests: 22 HTTP requests in this frame

Page Title

NAB Internet Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 22
HTTPS: 86 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 582 kB
Size: 576 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://maluku-cerdas.id/wp-includes/Requests/Exception/Transport/cgiawe/home/aspx.php Page URL
  2. https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js HTTP 301
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js/
Request Chain 11
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2 HTTP 301
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2/
Request Chain 20
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff HTTP 301
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff/

22 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
aspx.php
maluku-cerdas.id/wp-includes/Requests/Exception/Transport/cgiawe/home/
134 B
341 B
Document
General
Full URL
https://maluku-cerdas.id/wp-includes/Requests/Exception/Transport/cgiawe/home/aspx.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.74.236.113 Jakarta, Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Mar 2023 00:07:30 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Primary Request /
redherring.be/wp-includes/customize/cgiawe/home/login/nab/
28 KB
28 KB
Document
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Requested by
Host: maluku-cerdas.id
URL: https://maluku-cerdas.id/wp-includes/Requests/Exception/Transport/cgiawe/home/aspx.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
9d7addb18466a521c4f63b155b82343ca0b4b4b05cfc35da15ac7f5d3d4f3b09

Request headers

Referer
https://maluku-cerdas.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Mar 2023 00:07:31 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
_ibRedesign-styles.css
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
8 KB
8 KB
Stylesheet
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/_ibRedesign-styles.css
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
6019f1a770d94603ac78997617cc19bb5a608d43ed59662a8e4755485b762a27

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:31 GMT
Last-Modified
Tue, 21 Mar 2023 17:53:10 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8231
jquery-3.6.0.min.js
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
87 KB
88 KB
Script
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/jquery-3.6.0.min.js
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Last-Modified
Tue, 21 Mar 2023 14:58:33 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
89501
loader-page.css
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
3 KB
3 KB
Stylesheet
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader-page.css
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
33fba9380ebcf5465a9438d70c1ff01460e237442d8c5113e75e5006a4576aa4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Last-Modified
Tue, 21 Mar 2023 14:58:33 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2957
loader.css
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
57 KB
57 KB
Stylesheet
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
6c2b5c0a4bcd53ec948c1a5dcbcb73eeb0b45ab06f55ef51f599c04517073326

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Last-Modified
Tue, 21 Mar 2023 18:07:22 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
58081
/
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js/
Redirect Chain
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js/
27 KB
27 KB
Script
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js/
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
c90a2d7b324ab5d54ca6c102248eb561257fa83832f626090ddc95bdaf46b6a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Server
Apache
Connection
Keep-Alive
Link
<https://redherring.be/index.php?rest_route=/>; rel="https://api.w.org/", <https://redherring.be/index.php?rest_route=/wp/v2/pages/709>; rel="alternate"; type="application/json", <https://redherring.be/>; rel=shortlink
Keep-Alive
timeout=5, max=99
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Server
Apache
X-Redirect-By
WordPress
Content-Type
text/html; charset=UTF-8
Location
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.js/
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0
star_nab_more.03a9540d7ae7a72c39c235f7e58679c3.svg
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
9 KB
9 KB
Image
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/star_nab_more.03a9540d7ae7a72c39c235f7e58679c3.svg
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
ce56c017a4b04dd507163f35d6c09d6c28ca91b7d468fd808cdc3a50358cad1c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:33 GMT
Last-Modified
Tue, 21 Mar 2023 14:58:34 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
9069
star_nab.49030fddae05ccbb4a82467133879db3.svg
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
3 KB
3 KB
Image
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/star_nab.49030fddae05ccbb4a82467133879db3.svg
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
b7ca8ff0e0035b63d22472cece9ba2c7fcb377fa984a715c865f1cf4acea814c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:33 GMT
Last-Modified
Tue, 21 Mar 2023 14:58:34 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2904
font-sourcesanspro.css
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
2 KB
2 KB
Stylesheet
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/_ibRedesign-styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
424fc1bd41cdb376c29fed38dd1962336ec8482ab4b58dd3f57b22f2e441ab48

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/_ibRedesign-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Last-Modified
Tue, 21 Mar 2023 17:56:54 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1866
ib-components.css
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/
7 KB
7 KB
Stylesheet
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/ib-components.css
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/_ibRedesign-styles.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
aef4f3c51bb81f7c1fcc34575283853733feb7fe536768cf3361893cbcf2360d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/_ibRedesign-styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:32 GMT
Last-Modified
Tue, 21 Mar 2023 17:57:25 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7132
ib-login-banner2-1797x800.jpg
www.nab.com.au/content/dam/nabrwd/images/types/backgrounds/
118 KB
118 KB
Image
General
Full URL
https://www.nab.com.au/content/dam/nabrwd/images/types/backgrounds/ib-login-banner2-1797x800.jpg
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.159.39 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-159-39.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0767709fddbcd9ce91fa947dfcccb81317cd1ac28086e5b8ac70da250b6110f3
Security Headers
Name Value
Strict-Transport-Security max-age=600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 00:07:34 GMT
strict-transport-security
max-age=600
last-modified
Sat, 04 Feb 2023 06:03:19 GMT
x-serial
85
server
Akamai Image Manager
x-check-cacheable
YES
etag
W/"2f6f3-5f3d98ddb1ef2"
x-origin
default-rule
content-type
image/avif
cache-control
private, no-transform, max-age=783474
content-length
120339
expires
Sun, 02 Apr 2023 01:45:28 GMT
/
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2/
Redirect Chain
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2/
27 KB
27 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2/
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Protocol
HTTP/1.1
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
c90a2d7b324ab5d54ca6c102248eb561257fa83832f626090ddc95bdaf46b6a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Server
Apache
Connection
Keep-Alive
Link
<https://redherring.be/index.php?rest_route=/>; rel="https://api.w.org/", <https://redherring.be/index.php?rest_route=/wp/v2/pages/709>; rel="alternate"; type="application/json", <https://redherring.be/>; rel=shortlink
Keep-Alive
timeout=5, max=97
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 24 Mar 2023 00:07:33 GMT
Server
Apache
X-Redirect-By
WordPress
Content-Type
text/html; charset=UTF-8
Location
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2/
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
0
sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
14 KB
14 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:33 GMT
Last-Modified
Tue, 21 Mar 2023 17:54:40 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14308
sourcesanspro-300.a8ae0d5401bb928346ea5696443d4909.woff2
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
14 KB
14 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-300.a8ae0d5401bb928346ea5696443d4909.woff2
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
a4fac6d6f6782da9cfe8d8c756d89953e2e1ca6a5340724385b948e083bbf569

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:33 GMT
Last-Modified
Tue, 21 Mar 2023 17:54:45 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
14308
sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
18 KB
18 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:33 GMT
Last-Modified
Tue, 21 Mar 2023 17:54:46 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17988
sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
14 KB
14 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Last-Modified
Tue, 21 Mar 2023 17:54:49 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
13892
sourcesanspro-light-webfont.woff
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-light-webfont.woff
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
c023c07272e16a150972863fbc304dc10b10f0e56589314af574a4157b19133d

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Last-Modified
Tue, 21 Mar 2023 18:15:48 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
29440
sourcesanspro-bold-webfont.woff
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-bold-webfont.woff
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
15435827eb508b00a5a473032738918ece0a1a6baba4f2a8832d9e8b8d886587

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Last-Modified
Tue, 21 Mar 2023 18:15:52 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
29328
sourcesanspro-regular-webfont.woff
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-regular-webfont.woff
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
a07b6772c9e702f6f2b7b83e02f76515970eb54aeec4b7b7b00450a3b35594f3

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Last-Modified
Tue, 21 Mar 2023 17:54:43 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
29732
sourcesanspro-semibold-webfont.woff
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/
29 KB
29 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/fonts/sourcesanspro-semibold-webfont.woff
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
1516e6b886bc6416bfec631059887732b3e34b4109380384a7fe83af0558f739

Request headers

Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/font-sourcesanspro.css
Origin
https://redherring.be
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Last-Modified
Tue, 21 Mar 2023 18:15:50 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
29860
/
redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff/
Redirect Chain
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff
  • https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff/
27 KB
27 KB
Font
General
Full URL
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff/
Requested by
Host: redherring.be
URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
Protocol
HTTP/1.1
Server
185.58.96.92 Antwerp, Belgium, ASN39923 (AS-UNIXSOLUTIONS Unix-Solutions Network, BE),
Reverse DNS
web2.gigaserving.com
Software
Apache /
Resource Hash
c90a2d7b324ab5d54ca6c102248eb561257fa83832f626090ddc95bdaf46b6a2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/loader.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Fri, 24 Mar 2023 00:07:35 GMT
Server
Apache
Connection
Keep-Alive
Link
<https://redherring.be/index.php?rest_route=/>; rel="https://api.w.org/", <https://redherring.be/index.php?rest_route=/wp/v2/pages/709>; rel="alternate"; type="application/json", <https://redherring.be/>; rel=shortlink
Keep-Alive
timeout=5, max=95
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 24 Mar 2023 00:07:34 GMT
Server
Apache
X-Redirect-By
WordPress
Content-Type
text/html; charset=UTF-8
Location
https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff/
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NAB Bank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • credentialless (boolean)
  • $ (function)
  • jQuery (function)

1 Cookies

Domain/Path: www.nab.com.au/
Name: akacd_www_nab_com_au
Value: 3857069253~rv=64~id=b9839a7a890060619bab5ba5ce858d2f

4 Console Messages

Source: other | Level: warning | URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Message: Failed to decode downloaded font: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2

Source: other | Level: warning | URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Message: OTS parsing error: invalid sfntVersion: 1008813135

Source: other | Level: warning | URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Message: Failed to decode downloaded font: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/assets/assets/epilogue-600.c572a4203877394bb74874558461e2ad.woff

Source: other | Level: warning | URL: https://redherring.be/wp-includes/customize/cgiawe/home/login/nab/
Message: OTS parsing error: invalid sfntVersion: 1008813135