ib-nab.6te.net
162.253.155.227
Malicious Activity!
Public Scan
Submission: On June 22 via automatic, source openphish
Summary
This is the only time ib-nab.6te.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NAB Bank (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 162.253.155.227 | 62838 (REPRISE-HOSTING) |
| 1 | 95.101.85.130 | 16625 (AKAMAI-AS) |
| 3 | 3 | |
ASN16625 (AKAMAI-AS, US)
PTR: a95-101-85-130.deploy.static.akamaitechnologies.com
ib.nab.com.au |
| | Apex Domain Subdomains | Transfer |
|---|---|---|
| 1 | nab.com.au: ib.nab.com.au | |
| 1 | 6te.net: ib-nab.6te.net | 2 MB |
| 3 | 2 | |
| | Domain | Requested by |
|---|---|---|
| 1 | ib.nab.com.au | ib-nab.6te.net |
| 1 | ib-nab.6te.net | |
| 3 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
ib.nab.com.au |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ib.nab.com.au Entrust Certification Authority - L1M | 2020-11-23 - 2021-11-23 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
http://ib-nab.6te.net/nabib/
Frame ID: 7AD548FB89EA45B7123BD1D80359B9AA
Requests: 12 HTTP requests in this frame
Frame:
data://truncated
Frame ID: 2F6067412C79279FDD87203ABCE2FE9D
Requests: 3 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Reset your password
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / ib-nab.6te.net/nabib/ (Primary Request) | 2 MB 2 MB | Document text/html |
GET DATA | truncated / | 68 B 0 | Image image/png |
GET DATA | truncated / | 5 KB 0 | Image image/svg+xml |
GET H2 | / ib.nab.com.au/DB9VIB04vwdd/ | 0 0 | Image text/html |
GET DATA | truncated / | 2 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 2 KB 0 | Image image/svg+xml |
GET DATA | truncated / | 6 KB 0 | Image image/png |
GET DATA | truncated / | 185 KB 0 | Image image/jpeg |
GET DATA | truncated / | 13 KB 13 KB | Font application/font-woff |
GET DATA | truncated / | 18 KB 18 KB | Font application/font-woff |
GET DATA | truncated / | 14 KB 14 KB | Font application/font-woff |
GET DATA | truncated / | 14 KB 14 KB | Font application/font-woff |
GET DATA | truncated / Frame 2F60 | 15 KB 0 | Image image/webp |
GET DATA | truncated / Frame 2F60 | 37 KB 37 KB | Font application/font-woff |
GET DATA | truncated / Frame 2F60 | 37 KB 37 KB | Font application/font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NAB Bank (Banking)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
function| savepage_ShadowLoader
boolean| bLauNCTx
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ib-nab.6te.net
ib.nab.com.au
162.253.155.227
95.101.85.130