r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12872
Expires: Mon, 31 Oct 2022 14:46:27 GMT
Date: Mon, 31 Oct 2022 11:11:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6058
Cache-Control: max-age=86408
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 11:11:55 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 11:12:03 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6058
Cache-Control: max-age=86408
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 11:11:55 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 11:12:03 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e59d16ee0744a08cb29d0f7e664a3827
f64722982e24ecc948f599edc76e36250ddf5112
2ef6e5bddd86663d50c9c66bc8b46f92534f4d0ef5e490a24fb876355ec006b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EF6E5BDDD86663D50C9C66BC8B46F92534F4D0EF5E490A24FB876355EC006B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9463
Expires: Mon, 31 Oct 2022 13:49:38 GMT
Date: Mon, 31 Oct 2022 11:11:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
Alt-Used: 0
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 31 Oct 2022 10:42:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6RquUjUIkfnGw+GtJRuXwKzWYo6IzetezSe+0JCLxddyMt/q0iAjar7+9KVWpOtg7rcVYQ82Iow=
x-amz-request-id: PKN4EX358S7SHWTX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 31 Oct 2022 11:11:32 GMT
age: 23
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 31 Oct 2022 11:11:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f646a3a97223c35e424ccb52d0ff73da
d88c49b4ac278348e6c669792334170911fb43dd
065a4e4db1b5f7d8231afbd3cb75ce74f0a74aee63bc12a79f5a8d050f55a05b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2985
Cache-Control: max-age=164676
Content-Type: application/ocsp-response
Date: Mon, 31 Oct 2022 11:11:56 GMT
Etag: "635f8217-1d7"
Expires: Wed, 02 Nov 2022 08:56:32 GMT
Last-Modified: Mon, 31 Oct 2022 08:06:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.148.163 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: c2AwRS9/cD3ZGPKjzPJBTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DcVsgtaZRsgps6hJOu7fgmX4wuk=
nablogin.38894-au.online/index.php
41.216.183.200 302 Found 0 B URL HTTP/1.1 nablogin.38894-au.online/index.php
IP 41.216.183.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /index.php HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 31 Oct 2022 11:11:56 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3932
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3932
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3932
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:11:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3932
Expires: Mon, 31 Oct 2022 12:17:29 GMT
Date: Mon, 31 Oct 2022 11:11:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a5598b5025c779903462274690bb7e3
0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c
9b862b8885ab187323aa8f7fdd7cd712959fd7a0b02f5b74c98896be2c5eccd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23c27174-26b8-4527-8bea-cad88bdc0d34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9749
x-amzn-requestid: ec256f33-dd6c-42dc-976e-970755bcb610
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1oYkGpmoAMFtQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635eedd0-6758a6d921b2dca27986636f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:34:08 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FuyyaxZh6Eayqcr0LtISy45sor5qV8EaJle4q8Jcbl4K1ZTKTZakkQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:57:36 GMT
age: 47661
etag: "0f8f5bacc06a4ee8e3be25c1dc642d22b91bca5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcea499342cb4ca7e3c89244dc8d849
819d9d46a49d75af68dc0cc06b3f5e9f86ec2a23
b62cd13dbfc77ef5eed5e0325d5502b2de6e24dcbe038d05a5611b00ea6105be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda9e9d05-60e1-4306-8343-0c7528ff720b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4604
x-amzn-requestid: 0c493247-ae7e-4f88-b1e5-4edb7dbed418
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajLO1Gu7IAMFWHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578bf8-282d95bb13a0e224024608bd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iMDP-thn7HuLaQvocbtVTk2slo-zKJ3fqL-EVtuFhxV1fisNq5cBew==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 13:09:15 GMT
age: 79362
etag: "819d9d46a49d75af68dc0cc06b3f5e9f86ec2a23"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5973f412-f758-44c8-a6b2-cef4cc9e352e.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5973f412-f758-44c8-a6b2-cef4cc9e352e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1b425d4df9a72bd2846e9adb21e8532
25a02f622f634a7a329eae1a028851ee58a18030
57266a6e26dff5fafbdfb6cc3259fae2de0e390aa898f083ade8afeaee480343
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5973f412-f758-44c8-a6b2-cef4cc9e352e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: 728c7cf2-43e4-472f-9566-41643f8b7862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apNEyFjHIAMFjuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359f551-347d01a53b6f9c3b24dc3689;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 03:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fZII17wzwZpLNvv8RnI5Pbwe5CH06NCKWZz9N6Aw2jOfx5T6pyFEcA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 11:52:45 GMT
age: 83952
etag: "25a02f622f634a7a329eae1a028851ee58a18030"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75fc75d83e2c8db4b32c5a9fb53b31db
ff724242913f99f4d8d0d68a92b231b490072eab
fae871d41be568efd749a7b76d7d975020231053a0052df967a20b63589715ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8cfc555-4048-4e14-86b3-cc69eee56121.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10057
x-amzn-requestid: 11e904c9-7f64-460b-ac84-52fac380750b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a1py7G2_oAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635ef012-1bbd672d35611b964e43a108;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zxxZaQ_QoqAkE_zda-o2dfdqdbjeXdXDznweZ_pbEEHSgNvlfIw1lA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 22:10:49 GMT
etag: "ff724242913f99f4d8d0d68a92b231b490072eab"
content-type: image/jpeg
age: 46868
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb3964a844616e8156299a91f6068d3b
dc8a6f2b451b87f4b8f4573daf9f3587d801e1ed
014216665e0feb6a3f64460d8dd50023d4621e10fd31180d6807c9eda8f57364
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa07876b5-faa6-4aa0-a431-a5353c5e0126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: ede9fc0d-bac4-495c-8ecb-39cae7324858
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aznUqG2RIAMFn3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635e1f50-772b9c7e057f59c46cc7bd6f;Sampled=0
x-amzn-remapped-date: Sun, 30 Oct 2022 06:53:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: h9FWRKRLJCQT9M7qKj7c7wdASXyF4eaogCiAmea4i3UQlnOugk1qUw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 13:01:33 GMT
age: 79824
etag: "dc8a6f2b451b87f4b8f4573daf9f3587d801e1ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nablogin.38894-au.online/login.php?sessionid=40a230ac2bdcb07ef5f1de2827992ca3
41.216.183.200 302 Found 19 kB URL HTTP/1.1 nablogin.38894-au.online/login.php?sessionid=40a230ac2bdcb07ef5f1de2827992ca3
IP 41.216.183.200:0
Hash 5861325b166f7fecf4ed900b48248202
be6793504a1ef6e00ebd01ebba12a231b84d29ff
a91b83bfcc71201f881136f9e7c677add54ba12fd27cd08a446b0fa4423cc315
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /login.php?sessionid=40a230ac2bdcb07ef5f1de2827992ca3 HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 31 Oct 2022 11:11:55 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn; path=/
Location: index.php
Vary: User-Agent
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
41.216.183.200 200 OK 3.2 kB URL HTTP/1.1 nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
IP 41.216.183.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2188), with CRLF line terminators
Hash 28f8d72a594c30f2ac8594fefa53c5a7
e989c486b7d1d8b134715a432c17afe71dc69fe9
264ddca262a4d12c3288da0a13719ab26f1a5fb0ccaab9fd309a25978c62f405
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /login.php?sessionid=35b0bce9d250429df012c0426f88d0bd HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:57 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
X-Powered-By: PHP/7.2.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3249
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
nablogin.38894-au.online/assets/index_1.html
41.216.183.200 200 OK 393 B URL HTTP/1.1 nablogin.38894-au.online/assets/index_1.html
IP 41.216.183.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (589), with no line terminators
Hash 8becc43275d0fb89145fdf10cd1bcd63
371cf83265461d382276e38c844f60841e017c8c
2af0342b1589b576b39796d754aee3a95e56c5384d6aff47f2661b9c1c4b548f
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/index_1.html HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "24d-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 393
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
nablogin.38894-au.online/assets/added-styles.css
41.216.183.200 200 OK 1.4 kB URL HTTP/1.1 nablogin.38894-au.online/assets/added-styles.css
IP 41.216.183.200:0
Hash bfc7fd80e05f8ac6c371f2e9bb267c40
5bfda4abddce68409a0d299d9c09778d8eb40a25
8cf0a519d521ee331e4f3da2029e2a9a40c62e0606241ae97f4312e980f8ba68
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/added-styles.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "f99-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1368
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/_campaign-styles.css
41.216.183.200 200 OK 770 B URL HTTP/1.1 nablogin.38894-au.online/assets/_campaign-styles.css
IP 41.216.183.200:0
Hash 08f722fefd9f445df4d8a4a5400da5d1
24b9439adabc34e09668a26f948f067b82928223
ef5763752675c13ff06b3c88d115b1ca5b080763d30a38e38753838c985695d2
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/_campaign-styles.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:56 GMT
ETag: "929-5ebd5e92aa200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 770
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/_ibRedesign-styles.css
41.216.183.200 200 OK 2.2 kB URL HTTP/1.1 nablogin.38894-au.online/assets/_ibRedesign-styles.css
IP 41.216.183.200:0
Hash 3d2383df60c284ac19d33f813ea1e38f
3ec2c89e5cd8463bf24e005fea9cffb998895d18
64e9cf7e1ac53e8dc61a7ffcec1f4db2a58bc49d9b20c879b0a927383611eb26
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/_ibRedesign-styles.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "1f73-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2156
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/_print-styles.css
41.216.183.200 200 OK 1.4 kB URL HTTP/1.1 nablogin.38894-au.online/assets/_print-styles.css
IP 41.216.183.200:0
Hash 4cc5cce47293a0f518ae26e68327b837
4b076e67fda8534321c020636273e0b914b72a61
deefd37d48654749891ef47c842901cb9dd2c56c9bb747acec0b11b8c0cf0516
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/_print-styles.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "d0a-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1359
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/jquery.fancybox-1.3.1.css
41.216.183.200 200 OK 1.5 kB URL HTTP/1.1 nablogin.38894-au.online/assets/jquery.fancybox-1.3.1.css
IP 41.216.183.200:0
Hash c5e6a94d2be2799071fe7a2606e5b6e3
8207930207a4c6e88c219c47db252322f169b5d1
7cc7bc93524cc4e55ecd96c3f605c75677b35eadd945d6e1a7696c2fe79f6a92
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/jquery.fancybox-1.3.1.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "1fce-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1547
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/loader-page.css
41.216.183.200 200 OK 770 B URL HTTP/1.1 nablogin.38894-au.online/assets/loader-page.css
IP 41.216.183.200:0
File type ASCII text, with very long lines (2952), with no line terminators
Hash 3742c63bd526e15cf58c0ebfdd8d813c
8a36bbd7914e859095d429c9f313eb70cf4743b0
fa22940843da95d05a3e88854041ecac854be905f5bd131efd916ef5c5b95615
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/loader-page.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "b88-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 770
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/loader.css
41.216.183.200 200 OK 7.8 kB URL HTTP/1.1 nablogin.38894-au.online/assets/loader.css
IP 41.216.183.200:0
File type ASCII text, with very long lines (57175), with no line terminators
Hash dcd79ea2a0e9825e93e2bdde5cc94245
6f078504c6961278c45027be343aad6d98e945fb
14a5351255393e0dc55a673495c0229eefbea0eedc14f0476b0715aa9d509e52
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/loader.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "df57-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7817
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/DB9VIBs1dTqVFazgPNNQC.css
41.216.183.200 200 OK 48 B URL HTTP/1.1 nablogin.38894-au.online/assets/DB9VIBs1dTqVFazgPNNQC.css
IP 41.216.183.200:0
File type ASCII text, with no line terminators
Hash 74f8809d5f0c331a1c23dad0b808d26a
135d19cb1d5c941ed2ff143c1957b3bd524cc38d
da613d6b6ad98cf37e812deb96f7a9002e4ae58145c046d2072c91852bdc11dc
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/DB9VIBs1dTqVFazgPNNQC.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "30-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 48
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/reset.css
41.216.183.200 200 OK 375 B URL HTTP/1.1 nablogin.38894-au.online/assets/reset.css
IP 41.216.183.200:0
File type ASCII text, with very long lines (607), with no line terminators
Hash 45541e1a53f7deb47b885123a0d95b38
24d623669c9fcd62860829533aeee587ce16f765
7e2e63b7ae5707009404ec7d5f97fed16ea545e08f62e0868eb2361de9f404f3
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/reset.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "25f-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 375
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/_content-styles.css
41.216.183.200 200 OK 3.1 kB URL HTTP/1.1 nablogin.38894-au.online/assets/_content-styles.css
IP 41.216.183.200:0
Hash 9e4b9d12fa53a7caa9258f7507f9bbe2
9086b06d07fe65588a2b12bc95f85f4de771322f
86c7f6ed630fbe2cf19ba4956a2235c2ba5ab227478cb5460484ff97f3f72593
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/_content-styles.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "3015-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3128
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/_template-styles.css
41.216.183.200 200 OK 4.3 kB URL HTTP/1.1 nablogin.38894-au.online/assets/_template-styles.css
IP 41.216.183.200:0
Hash bd1efcd8b217cc60bf9c3f9b61088546
091e10c0315e90ed02cf4c7eca86ef34b88a3686
fd9e5fa86bf6b264c8b6613e2093c3d0f5ff03a9d1417bc31fddb5818cd9fc5a
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/_template-styles.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "5786-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4252
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/font-sourcesanspro.css
41.216.183.200 200 OK 251 B URL HTTP/1.1 nablogin.38894-au.online/assets/font-sourcesanspro.css
IP 41.216.183.200:0
Hash 130463b533f5425fa26872fa7d2e0391
70c4a7d15d881651e3a10f4184c4570092bf1def
548fd7be20ea92eb1694b71aa8838248910d4644271c88caa23a8af4cf05e6c8
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/font-sourcesanspro.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/_ibRedesign-styles.css
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "5de-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 251
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/ib-components.css
41.216.183.200 200 OK 1.6 kB URL HTTP/1.1 nablogin.38894-au.online/assets/ib-components.css
IP 41.216.183.200:0
Hash 01fd453c47d483c619cd29a0824a1e22
53f7c4569d6add02b4a3eec06887ba750da8e406
f5e31de28bedcdbaae664a36176f7b90ead99887fbbcab95b1a010038bc13703
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/ib-components.css HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/_ibRedesign-styles.css
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "1b71-5ebd5e9492680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1647
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
nablogin.38894-au.online/assets/dc_pre=COv4vYfcmvgCFfBBnQkdbaMGfQ;src=3347639;type=brand839;cat=NABHo0;ord=1416353771979;gtm=2od660;auiddc=_;-oref=https.gif
41.216.183.200 200 OK 42 B URL HTTP/1.1 nablogin.38894-au.online/assets/dc_pre=COv4vYfcmvgCFfBBnQkdbaMGfQ;src=3347639;type=brand839;cat=NABHo0;ord=1416353771979;gtm=2od660;auiddc=_;-oref=https.gif
IP 41.216.183.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/dc_pre=COv4vYfcmvgCFfBBnQkdbaMGfQ;src=3347639;type=brand839;cat=NABHo0;ord=1416353771979;gtm=2od660;auiddc=_;-oref=https.gif HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/index_1.html
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "2a-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 42
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
nablogin.38894-au.online/assets/DB9VIBGA0tUTGGlsCt.gif
41.216.183.200 200 OK 43 B URL HTTP/1.1 nablogin.38894-au.online/assets/DB9VIBGA0tUTGGlsCt.gif
IP 41.216.183.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/DB9VIBGA0tUTGGlsCt.gif HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "2b-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 43
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
nablogin.38894-au.online/assets/c1986af3c26609b8b7d8933f99c51c1a89e9ea6b.png
41.216.183.200 200 OK 68 B URL HTTP/1.1 nablogin.38894-au.online/assets/c1986af3c26609b8b7d8933f99c51c1a89e9ea6b.png
IP 41.216.183.200:0
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/c1986af3c26609b8b7d8933f99c51c1a89e9ea6b.png HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "44-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 68
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
nablogin.38894-au.online/assets/star_nab.91d7da1ca9ee569cc4c6c877e12cfe42.svg
41.216.183.200 200 OK 1.2 kB URL HTTP/1.1 nablogin.38894-au.online/assets/star_nab.91d7da1ca9ee569cc4c6c877e12cfe42.svg
IP 41.216.183.200:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6a0fd7d2371b93063ccaa4485d93ae28
761aa34cda25fe6b2e9814c7196f8c4a2b91c40a
d76c8a231e1c5c7389da7ff7635f3ed32c44c180e85d851e9733fa5fb342fdec
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/star_nab.91d7da1ca9ee569cc4c6c877e12cfe42.svg HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:21:00 GMT
ETag: "904-5ebd5e967ab00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1196
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
nablogin.38894-au.online/assets/nab_id_instruction.png
41.216.183.200 200 OK 6.5 kB URL HTTP/1.1 nablogin.38894-au.online/assets/nab_id_instruction.png
IP 41.216.183.200:0
File type PNG image data, 146 x 138, 8-bit/color RGBA, non-interlaced\012- data
Hash c001ae70fa727fd10e9313d3a58c24fa
72556ca2fd6e749ab066398ea082448f155ba3cd
e3032ed1fe6a5bdb8cae63bf763d512f5a66750ff7669ad7f0abeba007948f9d
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/nab_id_instruction.png HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "1933-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 6451
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
nablogin.38894-au.online/assets/star.3e6c270ed043559b19775e086bf97f20.svg
41.216.183.200 200 OK 829 B URL HTTP/1.1 nablogin.38894-au.online/assets/star.3e6c270ed043559b19775e086bf97f20.svg
IP 41.216.183.200:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1262)
Hash 4f1e0a3676d51df320b3782cc432e9f6
8e3bac476c2cf9d4dcdd0cbb7b6e0686d015841f
72060186ad6d1db760f902fd24ba44d7009f752c8dfcf3074cf6ef3a94621173
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/star.3e6c270ed043559b19775e086bf97f20.svg HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:21:00 GMT
ETag: "6a5-5ebd5e967ab00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 829
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
nablogin.38894-au.online/assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg
41.216.183.200 200 OK 2.1 kB URL HTTP/1.1 nablogin.38894-au.online/assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg
IP 41.216.183.200:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0b4eea7d6096b5df7d878e29429c5505
5063c8c2c10938b19ae91b862d47082f23a1ad09
1071122a6caeda4140f0c98d1d57e224c5cc5a73a20eb6650133abcb5188133c
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:21:00 GMT
ETag: "1486-5ebd5e967ab00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2136
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml
nablogin.38894-au.online/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
41.216.183.200 200 OK 14 kB URL HTTP/1.1 nablogin.38894-au.online/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
IP 41.216.183.200:0
File type Web Open Font Format (Version 2), TrueType, length 14308, version 1.3276\012- data
Hash 58dd2a1c6d7861ea261912ba153ac8e3
235c384b9599ed2099f8fda87ba7bc8917eb1aa4
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2 HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/loader.css
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "37e4-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 14308
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
nablogin.38894-au.online/assets/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2
41.216.183.200 200 OK 13 kB URL HTTP/1.1 nablogin.38894-au.online/assets/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2
IP 41.216.183.200:0
File type Web Open Font Format (Version 2), TrueType, length 13060, version 1.65\012- data
Hash 1662d7e5b17fc9245a1852b34da07d2b
21b1b15bcd3a386bce68aea29ce58aa2491faf68
853f501c07636c1cf0ab27ea73f4e5845b495f950ded2b2fcd603d377a8b547c
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2 HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/loader.css
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "3304-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 13060
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
nablogin.38894-au.online/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
41.216.183.200 200 OK 14 kB URL HTTP/1.1 nablogin.38894-au.online/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
IP 41.216.183.200:0
File type Web Open Font Format (Version 2), TrueType, length 13892, version 1.3276\012- data
Hash c18b7366babf6ace33427f60cf7fa7e0
b380e9f3dc4dfb061e70a88e1156ec89b008808a
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2 HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/loader.css
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "3644-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 13892
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
nablogin.38894-au.online/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
41.216.183.200 200 OK 18 kB URL HTTP/1.1 nablogin.38894-au.online/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
IP 41.216.183.200:0
File type Web Open Font Format (Version 2), TrueType, length 17988, version 1.3276\012- data
Hash 605135ed81218e3c6926d6603a2aba14
38c5d6ce98e2b8d405b910cf6c8d73d01ccf01b7
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2 HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nablogin.38894-au.online/assets/loader.css
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "4644-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 17988
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
nablogin.38894-au.online/assets/ib-login-banner-1797x800.jpg
41.216.183.200 200 OK 189 kB URL HTTP/1.1 nablogin.38894-au.online/assets/ib-login-banner-1797x800.jpg
IP 41.216.183.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1797x800, components 3\012- data
Size 189 kB (189211 bytes)
Hash 7a0b3cd123b084be0e6bfe1e1b6a811b
964331f8d13681d361ae7056a77289d55fea4758
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /assets/ib-login-banner-1797x800.jpg HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 200 OK
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Last-Modified: Tue, 25 Oct 2022 06:20:58 GMT
ETag: "2e31b-5ebd5e9492680"
Accept-Ranges: bytes
Content-Length: 189211
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
nablogin.38894-au.online/favicon.ico
41.216.183.200 404 Not Found 196 B URL HTTP/1.1 nablogin.38894-au.online/favicon.ico
IP 41.216.183.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert openphish National Australia Bank Limited
GET /favicon.ico HTTP/1.1
Host: nablogin.38894-au.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nablogin.38894-au.online/login.php?sessionid=35b0bce9d250429df012c0426f88d0bd
Cookie: PHPSESSID=l1fhv76sm24kmoqr4033bvernn
HTTP/1.1 404 Not Found
Date: Mon, 31 Oct 2022 11:11:58 GMT
Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2k-fips
Content-Length: 196
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6138c205ed582180977c00ae3231e5dd
76e15ea81dc440923032e72c3a8601124d895712
f5e7c84c06192e19ff0d5743031a770f79e89a7b41903ef37dab1bafb3978ac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10683
x-amzn-requestid: e8e77d09-5ea6-4ac8-8327-d18c78168383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV3aGtsoAMFa-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cfc-3af1e39158fbc9dd3b1f3cf9;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bXaLzFTgyeLjZlFqkAdhaX7XeNNQSvf5u9_rm2PZVH0vw_4tIk1Cyg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 21:49:18 GMT
age: 48166
etag: "76e15ea81dc440923032e72c3a8601124d895712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2