ib.nab.com.au.locked-acc.ga
46.21.248.165
Malicious Activity!
Public Scan
Submission: On June 22 via automatic, source phishtank
Summary
This is the only time ib.nab.com.au.locked-acc.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NAB Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
28 | 46.21.248.165 | 49505 (SELECTEL) |
1 | 104.111.226.83 | 16625 (AKAMAI-AS - Akamai Technologies) |
4 | 151.101.12.193 | 54113 (FASTLY - Fastly) |
3 | 45.77.25.80 | 20473 (AS-CHOOPA - Choopa) |
36 (total) | 4 (total) | |
- ASN49505 (SELECTEL, RU); PTR: dumgrownup.com; hosts ib.nab.com.au.locked-acc.ga
- ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US); PTR: a104-111-226-83.deploy.static.akamaitechnologies.com; hosts www.nab.com.au
- ASN20473 (AS-CHOOPA - Choopa, LLC, US); PTR: 45.77.25.80.vultr.com; hosts 45.77.25.80
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
28 | locked-acc.ga | ib.nab.com.au.locked-acc.ga | 154 KB |
4 | imgur.com | i.imgur.com | 179 KB |
1 | nab.com.au | www.nab.com.au | 128 KB |
36 (total) | 3 (total) | | |
Requests | Domain | Requested by |
---|---|---|
28 | ib.nab.com.au.locked-acc.ga | ib.nab.com.au.locked-acc.ga |
4 | i.imgur.com | ib.nab.com.au.locked-acc.ga |
1 | www.nab.com.au | ib.nab.com.au.locked-acc.ga |
36 (total) | 3 (total) | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
This page contains 1 frames:
Primary Page:
http://ib.nab.com.au.locked-acc.ga/a0918b4913ea704af69d4f7f3c68314b/home/
Frame ID: FDA0FC91B1CF0E3B0FB37943176C2BAB
Requests: 36 HTTP requests in this frame
Screenshot
Detected technologies
- Nginx (Web Servers). Detected patterns:
  - headers server /nginx(?:\/([\d.]+))?/i
- AngularJS (JavaScript Frameworks). Detected patterns:
  - script /angular.*\.js/i
  - env /^angular$/i
- Font Awesome (Font Scripts). Detected patterns:
  - html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
- jQuery (JavaScript Libraries). Detected patterns:
  - script /jquery.*\.js/i
  - env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | ib.nab.com.au.locked-acc.ga/a0918b4913ea704af69d4f7f3c68314b/home/ | 52 KB | 9 KB | Document | text/html |
GET | H/1.1 | jquery.min.js | ib.nab.com.au.locked-acc.ga/bower_components/jquery/dist/ | 85 KB | 30 KB | Script | application/javascript |
GET | H/1.1 | font-awesome.min.css | ib.nab.com.au.locked-acc.ga/bower_components/font-awesome/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H/1.1 | index.css | ib.nab.com.au.locked-acc.ga/home/ | 32 KB | 6 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.maskedinput.min.js | ib.nab.com.au.locked-acc.ga/bower_components/jquery.maskedinput/dist/ | 16 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | angular.min.js | ib.nab.com.au.locked-acc.ga/bower_components/angular/ | 165 KB | 58 KB | Script | application/javascript |
GET | H/1.1 | css.css | ib.nab.com.au.locked-acc.ga/home/ | 2 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | form.js | ib.nab.com.au.locked-acc.ga/home/ | 6 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | token.js | ib.nab.com.au.locked-acc.ga/home/ | 7 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | ng.js | ib.nab.com.au.locked-acc.ga/home/ | 3 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | nab-logo.svg | ib.nab.com.au.locked-acc.ga/home/ | 7 KB | 7 KB | Image | image/svg+xml |
GET | S | nab-low-fee-card.png | www.nab.com.au/content/dam/nabrwd/personal/banking/credit-cards/credit-card-selector/images/ | 127 KB | 128 KB | Image | image/png |
GET | H/1.1 | image_item29.gif | ib.nab.com.au.locked-acc.ga/home/ | 3 KB | 3 KB | Image | image/gif |
GET | H/1.1 | m1g6ASL.jpg | i.imgur.com/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H/1.1 | fQfYJG7.png | i.imgur.com/ | 40 KB | 41 KB | Image | image/png |
GET | H/1.1 | pld9Qls.jpg | i.imgur.com/ | 113 KB | 113 KB | Image | image/jpeg |
GET | H/1.1 | LytgVg8.png | i.imgur.com/ | 9 KB | 9 KB | Image | image/png |
GET | H/1.1 | nab-sprite.svg | ib.nab.com.au.locked-acc.ga/home/ | 19 KB | 19 KB | Image | image/svg+xml |
GET | H/1.1 | image_item23.gif | ib.nab.com.au.locked-acc.ga/home/ | 173 B | 173 B | Image | image/gif |
GET | H/1.1 | image_item28.png | ib.nab.com.au.locked-acc.ga/home/ | 176 B | 176 B | Image | image/png |
GET | H/1.1 | image_item27.png | ib.nab.com.au.locked-acc.ga/home/ | 189 B | 189 B | Image | image/png |
GET | H/1.1 | home.fee1b34b.svg | ib.nab.com.au.locked-acc.ga/home/ | 200 B | 445 B | Image | image/svg+xml |
GET | H/1.1 | nab_impact-webfont.1662d7e5.woff2 | ib.nab.com.au.locked-acc.ga/home/ | 216 B | 432 B | Font | text/html |
GET | H/1.1 | sourcesanspro-400.58dd2a1c.woff2 | ib.nab.com.au.locked-acc.ga/home/ | 215 B | 431 B | Font | text/html |
GET | H/1.1 | sourcesanspro-700.c18b7366.woff2 | ib.nab.com.au.locked-acc.ga/home/ | 215 B | 431 B | Font | text/html |
GET | H/1.1 | corpidc1_9.woff | ib.nab.com.au.locked-acc.ga/home/ | 174 B | 429 B | Font | application/x-font-woff |
GET | H/1.1 | corpidc1_3.woff | ib.nab.com.au.locked-acc.ga/home/ | 174 B | 429 B | Font | application/x-font-woff |
GET | H/1.1 | bins.json | ib.nab.com.au.locked-acc.ga/ | 513 B | 489 B | XHR | application/json |
GET | H/1.1 | tokenII.php | 45.77.25.80/uadmin/gates/ | 57 B | 264 B | Script | text/javascript |
GET | H/1.1 | tokenII.php | 45.77.25.80/uadmin/gates/ | 57 B | 264 B | Script | text/javascript |
GET | H/1.1 | sourcesanspro-700.54f926c7.woff | ib.nab.com.au.locked-acc.ga/home/ | 214 B | 469 B | Font | application/x-font-woff |
GET | H/1.1 | nab_impact-webfont.076327b4.woff | ib.nab.com.au.locked-acc.ga/home/ | 215 B | 470 B | Font | application/x-font-woff |
GET | H/1.1 | sourcesanspro-400.fdc03546.woff | ib.nab.com.au.locked-acc.ga/home/ | 214 B | 469 B | Font | application/x-font-woff |
GET | H/1.1 | nab-impact.otf | ib.nab.com.au.locked-acc.ga/home/ | 173 B | 389 B | Font | text/html |
GET | H/1.1 | nab-impact.ttf | ib.nab.com.au.locked-acc.ga/home/ | 173 B | 389 B | Font | text/html |
GET | H/1.1 | tokenII.php | 45.77.25.80/uadmin/gates/ | 57 B | 264 B | Script | text/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NAB Bank (Banking)
32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
$ | function |
jQuery | function |
angular | object |
_kaktys_encode | function |
admin_home | string |
full_url | string |
dir_url | string |
link | string |
bider_obj | object |
bb_link | string |
last_respond | object |
last_operation | undefined |
respond | object |
bid | string |
cc_proxy__ | function |
vbv_proxy__ | function |
cookies | object |
advanced_string_validation | function |
sin_luhn | function |
cc_luhn | function |
dob_luhn | function |
exp_luhn | function |
valid_a | function |
valid_q | function |
send1 | function |
cc | string |
CORE__ | object |
REST_FN__ | object |
bidder_timer | number |
app | object |
sc | object |
bins0 | object |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
i.imgur.com
ib.nab.com.au.locked-acc.ga
www.nab.com.au
104.111.226.83
151.101.12.193
45.77.25.80
46.21.248.165
1173f5d141e6d2a758c0eb38290aeec411dc8918c5b0e3651484281186b05ef9
1eae09b92b8f195375d45769f9fff0a6c66d5cabff3a1abb8879abbfe7376cf8
27ca6aad5724fbe65f847aa4cc7e40392d4a9e405fc80252aba576852f8dc8c9
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
47e9c048bdb2a1f2d8f92b74b9a24945b0fdbb4a0c92256a9f97bd42d56736ff
56bfc75f11fcec244dfe2f710ffa6ae41797037133402a309e0657a837e5e3f9
599b0e4dfb0747aba7f50e28f967f98ed8a7242e4988f819a4eff08632c6236b
6383b80f30a86ec4a3b8243b743951c6abf42627fec230745a8fb4dcaa1f951d
66a7e8de446564f163ca5b2b8e0acaa251c31af73c246a946cfa7265614aa4c0
6a2f967ab83a1b16b06c60bbbbbe901f1719b620718f43ee6b7a48d7578cee67
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d9577293dc2c7017f9dd26beb27138f8969beb102665134216624609219dc0e
84b681cb9ed935391da75697f16aa1f66bc1f84350cf28b96a911ac744a43596
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88546fa8cd5a928754e85bfd7379e81f754c2dec9ddaa59b2f90903294538a14
93aa7dadc99de9bd36ed342155bab32e27118b962ee8b437dc3f5d872d0c844c
a06f732bf1f21d75f3a28c2b09796c36dbe69bdda435cd9c9679bec66f396b63
ba6848e907118b27d962a5e57bd70862618ff593d8a22dd2edd5d4c441655d42
c0c9019c0da57b3525d994caeeb67b6aa652243c98cd62f88d29657af3024f3f
c4b740bd52103d0eaab014e3b6f47f5b86f8cc06a67912686a94b43fee6fe60f
c4d9a3125d8ae44072e64b39bacde45a74d6157c5d8b7e965b9a919739338e84
c63660ffda8573061910597c298515cbe1da94398859b300bef76697e2f1ecf5
ca88e2a98948882da7978fed26dec9d2c9d96544634aebc149e6dd13f86151c5
d1d1507f375f261c0dea99c8fa6dc9b747c851d102993b6a629420e91e152dbe
d500e7587c9d44dd4849c0e2923a62cef1c19258ee0fa77db95a2b9380df2591
e16ded28a04b8d2f7918b0e177c699040534baec9cad6478cbfabcaf07689534
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e735063637d090d066b166874f178991f7e10fbf6bc882b28d4d455948c87702
e78079e08635f67d89e39e7a3a825f02787ad6442b83643a73102986c10ea601
eda98811a704e8f1dfe866d334073066238c53706e76034e828a14b8eefca2a5
f5d93831378b16fb2f2f101d6781c36d2e9ea969c04410562db7615cad138622
f94b57a47474278e8dd43ebb1bf098dcd0e44ca9e8023ca3b59b715dae6b568d