ib-nab.6te.net Open in urlscan Pro
162.253.155.227  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
12 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ib-nab.6te.net/nabib/	2 MB 2 MB	508ms 371ms	Document text/html	162.253.155.227 REPRISE-HOSTING
General Check archive.org Show headers Download Go to Full URL http://ib-nab.6te.net/nabib/ Protocol HTTP/1.1 Server 162.253.155.227 , United States, ASN62838 (REPRISE-HOSTING, US), Reverse DNS Software Apache/2.4.41 / Resource Hash 86580c6c18b735513267164dc9da2287b9032d93a23f94729deb35f7b23328e2 Request headers Host ib-nab.6te.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 22 Jun 2021 01:51:47 GMT Server Apache/2.4.41 Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Sun, 20 Jun 2021 08:38:08 GMT ETag "23b638-5c52e79ea01b3" Accept-Ranges bytes Content-Length 2340408 Keep-Alive timeout=1, max=10000 Content-Type text/html
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash db23f96e265a441082c50587b660ba7ee4729cc78e01c887bfa1c00bbf97d045 Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ ib.nab.com.au/DB9VIB04vwdd/	0 0	11674ms 11406ms	Image text/html	95.101.85.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ib.nab.com.au/DB9VIB04vwdd/?id=IB&c=im&phg=8TQB8jFCVSm4 Requested by Host: ib-nab.6te.net URL: http://ib-nab.6te.net/nabib/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.101.85.130 London, United Kingdom, ASN16625 (AKAMAI-AS, US), Reverse DNS a95-101-85-130.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273 Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 572e0ebdd6520be130332d2bdc5f19f8daffbc7a3c282b46463fe01703e8ff82 Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e3032ed1fe6a5bdb8cae63bf763d512f5a66750ff7669ad7f0abeba007948f9d Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	185 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453 Request headers Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	13 KB 13 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c Request headers Origin http://ib-nab.6te.net Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	18 KB 18 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec Request headers Origin http://ib-nab.6te.net Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	14 KB 14 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa Request headers Origin http://ib-nab.6te.net Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	14 KB 14 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0 Request headers Origin http://ib-nab.6te.net Referer http://ib-nab.6te.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated / Frame 2F60	15 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 00a5058fc5da3a52c6ad20919b446eb741bb299d93cab63c78f81827839e02f5 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame 2F60	37 KB 37 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c20f9bd9921aa033d0b40a2c8646748e74d9b958a9951f2082b798c1d30e1718 Request headers Origin null Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated / Frame 2F60	37 KB 37 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 89422a822bd5caa699bcce06aa0fb9567ce9124c58ead7941cea413b70513009 Request headers Origin null Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NAB Bank (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| savepage_ShadowLoader boolean| bLauNCTx

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ib-nab.6te.net
ib.nab.com.au
162.253.155.227
95.101.85.130
00a5058fc5da3a52c6ad20919b446eb741bb299d93cab63c78f81827839e02f5
572e0ebdd6520be130332d2bdc5f19f8daffbc7a3c282b46463fe01703e8ff82
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
668100f09711dd36d5910cfab96382062d43c17a08b1f39eeaa2c3c5c1ae74c1
853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c
86580c6c18b735513267164dc9da2287b9032d93a23f94729deb35f7b23328e2
89422a822bd5caa699bcce06aa0fb9567ce9124c58ead7941cea413b70513009
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec
c20f9bd9921aa033d0b40a2c8646748e74d9b958a9951f2082b798c1d30e1718
db23f96e265a441082c50587b660ba7ee4729cc78e01c887bfa1c00bbf97d045
e3032ed1fe6a5bdb8cae63bf763d512f5a66750ff7669ad7f0abeba007948f9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453
ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273