verify-nab.firebaseapp.com
Open in
urlscan Pro
2620:0:890::100
Malicious Activity!
Public Scan
Submission: On June 30 via manual from AU — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1D4 on June 21st 2022. Valid for: 3 months.
This is the only time verify-nab.firebaseapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NAB Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 2620:0:890::100 2620:0:890::100 | 54113 (FASTLY) (FASTLY) | |
1 | 23.5.235.38 23.5.235.38 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
18 | 3 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-5-235-38.deploy.static.akamaitechnologies.com
ib.nab.com.au |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
firebaseapp.com
verify-nab.firebaseapp.com |
450 KB |
1 |
nab.com.au
ib.nab.com.au — Cisco Umbrella Rank: 900844 Failed |
591 B |
18 | 2 |
Domain | Requested by | |
---|---|---|
8 | verify-nab.firebaseapp.com |
verify-nab.firebaseapp.com
|
1 | ib.nab.com.au |
verify-nab.firebaseapp.com
|
18 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
firebaseapp.com GTS CA 1D4 |
2022-06-21 - 2022-09-19 |
3 months | crt.sh |
ib.nab.com.au Entrust Certification Authority - L1M |
2021-10-18 - 2022-10-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://verify-nab.firebaseapp.com/
Frame ID: 2436E67E025AA237F09894FA537E323E
Requests: 29 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
verify-nab.firebaseapp.com/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6.e9aacabaf5866be310391.822554931317406.js
verify-nab.firebaseapp.com/_nuxt/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.d79874da2c5f1f664d942.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/ |
192 KB 58 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.f473d4df31023424cfc52.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/ |
56 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.0eafde03a32587da9d1c2.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/ |
119 B 203 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
2.7dc8036fddc27c2728e72.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/ |
20 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
8.9b9e5dd97aeab872e1c12.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/ |
22 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
5.5baeb02e0cca6587bf282.8920439209433346.js
verify-nab.firebaseapp.com/_nuxt/ |
2 MB 362 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
ib.nab.com.au/reno/shell/v4.22.0/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel_18a4ef50
ib.nab.com.au/akam/13/ |
0 591 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
185 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
280 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
ib.nab.com.au/reno/shell/v4.22.0/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
ib.nab.com.au/reno/shell/v4.22.0/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 KB 44 KB |
Font
application/font-sfnt |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 29 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-semibold-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-bold-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-regular-webfont.woff
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-semibold-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-bold-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sourcesanspro-regular-webfont.ttf
ib.nab.com.au/nabib/styles/fonts/sourcesanspro/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/reno/shell/v4.22.0/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.woff
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.woff
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.woff
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-semibold-webfont.ttf
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-bold-webfont.ttf
- Domain
- ib.nab.com.au
- URL
- https://ib.nab.com.au/nabib/styles/fonts/sourcesanspro/sourcesanspro-regular-webfont.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NAB Bank (Banking)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ib.nab.com.au/ | Name: akacd_ib_nab_com_au Value: 3834080886~rv=80~id=fcf35dca51da5ea3d02bb039b0ce58dd |
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ib.nab.com.au
verify-nab.firebaseapp.com
ib.nab.com.au
23.5.235.38
2620:0:890::100
0c25fae01f3d533727ed91660c352361177d60becaf1a9918829ba15ddc338e0
1516e6b886bc6416bfec631059887732b3e34b4109380384a7fe83af0558f739
15435827eb508b00a5a473032738918ece0a1a6baba4f2a8832d9e8b8d886587
1b38b540271daccc06d9b51ab31651bbdd940453e1b1de6555dfe9cad50eff11
1e5174af3db3b5e05fdc10059d98dc0949864ad66928208c7e1e18e85c2843ea
55fe53fc19f53bf10bd04f1471882128d51060d0c91ed81887dfe16d672e0a6d
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa
6fde8569d4adef7c49a4a0b4ee838b291341c1130d69a6b4008b7f346b4249f8
853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0
8a896aa0442917bb7d85724bf614b42ab9ff82ad1f6a970733b76f2b11bfee2e
9bb93aa94a3814a975a8d5a43e9fd77d1d494e8a760b5571dc92cc68c8b90942
9c985a29439b8fe255145d51808c30e01e9505b736a595332fa07f655a42bd0d
a07b6772c9e702f6f2b7b83e02f76515970eb54aeec4b7b7b00450a3b35594f3
a2d673fe34af57267a38b98a3f6f16b1f28758f407b3011089b6eb88e12856ec
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec
b5a10b358f64c6ed24e3a1e0ea8272101eabc86e453b3df6a9c2372de63ddc65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453
ea07872aaed934e600a19b6a02dbe59d12b79b1df101a65d365625646db3b273