verify-nab.firebaseapp.com Open in urlscan Pro
2620:0:890::100  Malicious Activity! Public Scan

URL: https://verify-nab.firebaseapp.com/
Submission: On June 30 via manual from AU — Scanned from US

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is verify-nab.firebaseapp.com.
TLS certificate: Issued by GTS CA 1D4 on June 21st 2022. Valid for: 3 months.
This is the only time verify-nab.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NAB Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
8 2620:0:890::100 54113 (FASTLY)
1 23.5.235.38 16625 (AKAMAI-AS)
18 3
Apex Domain
Subdomains
Transfer
8 firebaseapp.com
verify-nab.firebaseapp.com
450 KB
1 nab.com.au
ib.nab.com.au — Cisco Umbrella Rank: 900844 Failed
591 B
18 2
Domain Requested by
8 verify-nab.firebaseapp.com verify-nab.firebaseapp.com
1 ib.nab.com.au verify-nab.firebaseapp.com
18 2

This site contains no links.

Subject Issuer Validity Valid
firebaseapp.com
GTS CA 1D4
2022-06-21 -
2022-09-19
3 months crt.sh
ib.nab.com.au
Entrust Certification Authority - L1M
2021-10-18 -
2022-10-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://verify-nab.firebaseapp.com/
Frame ID: 2436E67E025AA237F09894FA537E323E
Requests: 29 HTTP requests in this frame

Screenshot

Page Title

nab

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Page Statistics

18
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

640 kB
Transfer

2518 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
verify-nab.firebaseapp.com/
3 KB
1 KB
Document
General
Full URL
https://verify-nab.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b5a10b358f64c6ed24e3a1e0ea8272101eabc86e453b3df6a9c2372de63ddc65
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
804
content-type
text/html; charset=utf-8
date
Thu, 30 Jun 2022 22:28:07 GMT
etag
"27da4ba6863622e8121186dfaba7620cba7aaf82e576e34be8bedf2d184d5582-br"
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
1
x-served-by
cache-ewr18145-EWR
x-timer
S1656628087.184908,VS0,VE1
6.e9aacabaf5866be310391.822554931317406.js
verify-nab.firebaseapp.com/_nuxt/
2 KB
1 KB
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/6.e9aacabaf5866be310391.822554931317406.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fde8569d4adef7c49a4a0b4ee838b291341c1130d69a6b4008b7f346b4249f8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.196282,VS0,VE2
etag
"84baab27952ae5dffe65acc4b64dde449d5b10bbda28b092a1a5165e6b5a429a-br"
x-served-by
cache-ewr18145-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1099
x-cache-hits
1
1.d79874da2c5f1f664d942.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/
192 KB
58 KB
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/1.d79874da2c5f1f664d942.8920439209433346.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b38b540271daccc06d9b51ab31651bbdd940453e1b1de6555dfe9cad50eff11
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.196377,VS0,VE2
etag
"1ed66071b351626f8afcec5a525677aa5f1a454f8da1dbb71c8b2f3da6a127f8-br"
x-served-by
cache-ewr18145-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
59498
x-cache-hits
1
7.f473d4df31023424cfc52.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/
56 KB
15 KB
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/7.f473d4df31023424cfc52.8920439209433346.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c25fae01f3d533727ed91660c352361177d60becaf1a9918829ba15ddc338e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.196549,VS0,VE1
etag
"14e27144d7f37796cea24080cba75fa604404c74b654a8e69d129bea6ee71471-br"
x-served-by
cache-ewr18145-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14843
x-cache-hits
1
0.0eafde03a32587da9d1c2.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/
119 B
203 B
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/0.0eafde03a32587da9d1c2.8920439209433346.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5174af3db3b5e05fdc10059d98dc0949864ad66928208c7e1e18e85c2843ea
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.196525,VS0,VE1
etag
"080dbe943395897d86299f8c929e1f57146bd6b8550f70f8fa2b8c6e75394437-br"
x-served-by
cache-ewr18145-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
91
x-cache-hits
1
2.7dc8036fddc27c2728e72.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/
20 KB
7 KB
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/2.7dc8036fddc27c2728e72.8920439209433346.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/_nuxt/6.e9aacabaf5866be310391.822554931317406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c985a29439b8fe255145d51808c30e01e9505b736a595332fa07f655a42bd0d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.252915,VS0,VE1
etag
"39bad113c857f3f4f85f88db5a9ce1e671ce7e4db6cc9c0317c8a9f22212afe1-br"
x-served-by
cache-ewr18162-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6334
x-cache-hits
1
8.9b9e5dd97aeab872e1c12.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/
22 KB
6 KB
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/8.9b9e5dd97aeab872e1c12.8920439209433346.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/_nuxt/6.e9aacabaf5866be310391.822554931317406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bb93aa94a3814a975a8d5a43e9fd77d1d494e8a760b5571dc92cc68c8b90942
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.253385,VS0,VE1
etag
"a07f5016663eaaeee845128779ed33acea48985d785c1a65f544f51958c18602-br"
x-served-by
cache-ewr18162-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6147
x-cache-hits
1
5.5baeb02e0cca6587bf282.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/
2 MB
362 KB
Script
General
Full URL
https://verify-nab.firebaseapp.com/_nuxt/5.5baeb02e0cca6587bf282.8920439209433346.js
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/_nuxt/6.e9aacabaf5866be310391.822554931317406.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
55fe53fc19f53bf10bd04f1471882128d51060d0c91ed81887dfe16d672e0a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
last-modified
Thu, 30 Jun 2022 00:26:10 GMT
x-timer
S1656628087.253354,VS0,VE133
etag
"5f48cb0e669803ee04329116347abf65934dac61c2aa08f760f123b7452f165b-br"
x-served-by
cache-ewr18162-EWR
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
date
Thu, 30 Jun 2022 22:28:07 GMT
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
370404
x-cache-hits
1
sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
ib.nab.com.au/reno/shell/v4.22.0/assets/
0
0

truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
29 KB
29 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a07b6772c9e702f6f2b7b83e02f76515970eb54aeec4b7b7b00450a3b35594f3

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel_18a4ef50
ib.nab.com.au/akam/13/
0
591 B
Image
General
Full URL
https://ib.nab.com.au/akam/13/pixel_18a4ef50?a=dD00ZTE0MWM5YWQzMjFhNWViYzJkZTYxYTkxZjA5ZDZmNzZmZDIzYjdhJmpzPW9mZg==
Requested by
Host: verify-nab.firebaseapp.com
URL: https://verify-nab.firebaseapp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.5.235.38 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-235-38.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://verify-nab.firebaseapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:28:07 GMT
content-length
0
content-type
text/html
truncated
/
185 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
280 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a896aa0442917bb7d85724bf614b42ab9ff82ad1f6a970733b76f2b11bfee2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
ib.nab.com.au/reno/shell/v4.22.0/assets/
0
0

truncated
/
13 KB
13 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/woff2
sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
ib.nab.com.au/reno/shell/v4.22.0/assets/
0
0

truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
29 KB
29 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15435827eb508b00a5a473032738918ece0a1a6baba4f2a8832d9e8b8d886587

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
44 KB
44 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2d673fe34af57267a38b98a3f6f16b1f28758f407b3011089b6eb88e12856ec

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/font-sfnt
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
29 KB
29 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1516e6b886bc6416bfec631059887732b3e34b4109380384a7fe83af0558f739

Request headers

Referer
Origin
https://verify-nab.firebaseapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/font-woff
sourcesanspro-semibold-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/
0
0

sourcesanspro-bold-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/
0
0

sourcesanspro-regular-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/
0
0

sourcesanspro-semibold-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/
0
0

sourcesanspro-bold-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/
0
0

sourcesanspro-regular-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ib.nab.com.au
URL
https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf
Domain
ib.nab.com.au
URL
https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NAB Bank (Banking)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt

1 Cookies

Domain/Path Name / Value
ib.nab.com.au/ Name: akacd_ib_nab_com_au
Value: 3834080886~rv=80~id=fcf35dca51da5ea3d02bb039b0ce58dd

18 Console Messages

Source Level URL
Text
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://verify-nab.firebaseapp.com/
Message:
Access to font at 'https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf' from origin 'https://verify-nab.firebaseapp.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ib.nab.com.au
verify-nab.firebaseapp.com
ib.nab.com.au
23.5.235.38
2620:0:890::100
0c25fae01f3d533727ed91660c352361177d60becaf1a9918829ba15ddc338e0
1516e6b886bc6416bfec631059887732b3e34b4109380384a7fe83af0558f739
15435827eb508b00a5a473032738918ece0a1a6baba4f2a8832d9e8b8d886587
1b38b540271daccc06d9b51ab31651bbdd940453e1b1de6555dfe9cad50eff11
1e5174af3db3b5e05fdc10059d98dc0949864ad66928208c7e1e18e85c2843ea
55fe53fc19f53bf10bd04f1471882128d51060d0c91ed81887dfe16d672e0a6d
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa
6fde8569d4adef7c49a4a0b4ee838b291341c1130d69a6b4008b7f346b4249f8
853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0
8a896aa0442917bb7d85724bf614b42ab9ff82ad1f6a970733b76f2b11bfee2e
9bb93aa94a3814a975a8d5a43e9fd77d1d494e8a760b5571dc92cc68c8b90942
9c985a29439b8fe255145d51808c30e01e9505b736a595332fa07f655a42bd0d
a07b6772c9e702f6f2b7b83e02f76515970eb54aeec4b7b7b00450a3b35594f3
a2d673fe34af57267a38b98a3f6f16b1f28758f407b3011089b6eb88e12856ec
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec
b5a10b358f64c6ed24e3a1e0ea8272101eabc86e453b3df6a9c2372de63ddc65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453
ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273