Report - mynabsecured.com/

Report Overview

Submitted URL
mynabsecured.com/
IP
194.36.191.196
ASN
#60117 Host Sailor Ltd
Submitted
2022-11-29 17:03:04
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - National Australia Bank

Detections

urlquery
20
Network Intrusion Detection
0
Threat Detection Systems
102

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	85 kB	69.16.175.42
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.148.163
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
mynabsecured.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	430 kB	194.36.191.196
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited
2022-11-29	medium	mynabsecured.com/	National Australia Bank Limited

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	mynabsecured.com/	Phishing
2022-11-29	medium	mynabsecured.com/assets/star_nab_more.03a9540d7ae7a72c39c235f7e58679c3.svg	Phishing
2022-11-29	medium	mynabsecured.com/assets/star_nab.49030fddae05ccbb4a82467133879db3.svg	Phishing
2022-11-29	medium	mynabsecured.com/static/bootstrap.min.js	Phishing
2022-11-29	medium	mynabsecured.com/assets/index_1.html	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2	Phishing
2022-11-29	medium	mynabsecured.com/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-300.a8ae0d5401bb928346ea5696443d4909.woff2	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-light-webfont.woff	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-semibold-webfont.woff	Phishing
2022-11-29	medium	mynabsecured.com/assets/sourcesanspro-bold-webfont.woff	Phishing
2022-11-29	medium	mynabsecured.com/files/activity.php	Phishing
2022-11-29	medium	mynabsecured.com/files/activity.php	Phishing
2022-11-29	medium	mynabsecured.com/files/activity.php	Phishing
2022-11-29	medium	mynabsecured.com/files/activity.php	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.js	288 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.5.1.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-18 13:12:26 Times Seen3660 Hash 23c7c5d2d1317508e807a6c7f777d6ed ad16c4a132ad2a03b4951185fed46d55397b5e88 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37 Loading...

	mynabsecured.com/	153 B	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:30:50 Last Seen2024-03-22 17:29:08 Times Seen5 Hash e5dc54e48890558b177684419baa158f 6d8a802579f9994f01ef2fcddbedd9fe5ade4073 2270369bd2b9e4aee821c44936e8f2f15e4be8746b61507eddc7b45bbf3605b0 Loading...

	mynabsecured.com/	111 B	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:56:00 Last Seen2024-03-22 17:29:08 Times Seen256 Hash 8c026176cd3a063c2ee597906087b243 459c7382cb216c68d7d01284ec2e1730ae3231ef bca7b2e8a842836b4749531e8d5b2df26068b215210120918a66514ef6db001a Loading...

	mynabsecured.com/	43 B	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:56:00 Last Seen2024-03-22 17:29:08 Times Seen256 Hash cce336b36a2f27694ecdd6ae78f62877 90947d96e0c7a9033a8bb25bd65070e7e94ba80f 5597a5da22c1d5d1d9059ef26adae6b818c400c976b5dc77f17163e04b0c8ec9 Loading...

	mynabsecured.com/	1.0 kB	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:56:00 Last Seen2024-03-22 17:29:08 Times Seen256 Hash 9680ff3d5e1284328c56d17260f7ae9a de39a49ff74bb78c4e132554437e47db60c72eef 8dffd4898c461dabe1080710291ffbfcc53c2a98ebbea46c190bce73e56568e0 Loading...

	mynabsecured.com/static/bootstrap.min.js	60 kB	2023-03-07	2024-04-19
Pretty URL mynabsecured.com/static/bootstrap.min.js IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-19 07:32:11 Times Seen6304 Hash 6bea60c34c5db6797150610dacdc6bce 544afefd148715da7dd52d368a414703390ca0e0 38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff Loading...

	mynabsecured.com/	98 B	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:56:00 Last Seen2024-03-22 17:29:08 Times Seen256 Hash b97d12d1bc60e07858d2b6f48f1192ab 19723e9f1ea47fa6b8fb13c861fa31e6823b93f8 d599ef73ed92e4daa70d66ba48489b0f3e9d2b22f048052c34d4de40162ee521 Loading...

	mynabsecured.com/	121 B	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:30:50 Last Seen2024-03-22 17:29:08 Times Seen235 Hash aed61f147a26ef177c62d1a859b6a9b6 683a28d65c4a65e9aafd8e0b107f9b52e8aeb24b 955710ffeaeb7d1f480cac3b34350c1531d0cd539bd136b77f87c2dd7806bd5a Loading...

	mynabsecured.com/	535 B	2023-03-08	2024-03-22
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:30:50 Last Seen2024-03-22 17:29:08 Times Seen228 Hash 08da42842dc08deab1461d4b4c98bcd8 f75003af4f93544feba9dc9b0ba2b5bf9e3c77d6 dbb2986b81063d584912cedf6234a2db1ab1afae92112ddee90028d95ecb0b33 Loading...

	mynabsecured.com/	416 B	2023-03-08	2023-05-29
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:56:00 Last Seen2023-05-29 13:04:52 Times Seen231 Hash 2a31afba75dd4b7d55e3bdaeb2ad4102 64109d5a19f830519ecc3ea28ab3c0c78973cfae 308a9dc89329b794b0a4817755efd6233304fcaf877c309859f23114b54334e3 Loading...

	mynabsecured.com/	586 B	2023-03-09	2023-05-29
Pretty URL mynabsecured.com/ IP 194.36.191.196 ASN #60117 Host Sailor Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:37:28 Last Seen2023-05-29 13:04:51 Times Seen3 Hash 76f5d5776cbf4a011f1e41e2a10b6b27 28764c22be3403c397e05845d92f07f3ded064b7 05b56e266410949b0cc53bd2fa7153e84489465ad39bb82041690c2ebadd577c Loading...

HTTP Transactions (55)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3654
Cache-Control: max-age=152952
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:02:53 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:32:05 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6616
Expires: Tue, 29 Nov 2022 18:53:09 GMT
Date: Tue, 29 Nov 2022 17:02:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 16:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2698
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12201
Expires: Tue, 29 Nov 2022 20:26:14 GMT
Date: Tue, 29 Nov 2022 17:02:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 284xk8NRtodtx8WGwErRV2OF/YbrAyveUwbseLGB+RrjVG7Bj8931eKBMZMXEnFm0gPZk/9Qu+o=
x-amz-request-id: 6BQCFC9S9CJF3GDV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 16:42:34 GMT
age: 1219
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:02:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

mynabsecured.com/assets/DB9VIBs1dTqVFazgPNNQC.css

194.36.191.196

200 OK

48 B

URL HTTP/2
mynabsecured.com/assets/DB9VIBs1dTqVFazgPNNQC.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text, with no line terminators
Size
48 B (48 bytes)
Hash
e31c76f12514071c5d9ba567331bd6a8
f8b0ff95fea7c6887704f6ad856adf7a5306f385
555963f3061e2caec05122b9f44900e6d7fbf5e96485aa1a3e99f70091f4d5c7

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/DB9VIBs1dTqVFazgPNNQC.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 48
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/

194.36.191.196

200 OK

7.9 kB

URL HTTP/2
mynabsecured.com/
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11003), with CRLF line terminators
Size
7.9 kB (7858 bytes)
Hash
8ba1b4b7c9440c5e59dcf672c2458e24
ff7992bec83637ecec93f8727e0975202b5fb94e
f085d51552cf0d2c65c494f2f6ec10884937bb19d54e167fa8472666279749f7

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
set-cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

mynabsecured.com/assets/_template-styles.css

194.36.191.196

200 OK

4.0 kB

URL HTTP/2
mynabsecured.com/assets/_template-styles.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Unicode text, UTF-8 text
Size
4.0 kB (4044 bytes)
Hash
83e20c5c18cf6b1c39baa4b3b76800f0
d02ea4aa3a2759a2f873b351a08200f0fdf7a559
a07ed40a8a9591713d777fae7329f48d8e18fae335585a19178bb33101e5a016

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/_template-styles.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4044
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/_content-styles.css

194.36.191.196

200 OK

2.9 kB

URL HTTP/2
mynabsecured.com/assets/_content-styles.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
2.9 kB (2938 bytes)
Hash
13bac3de58befd53a837e3a5a30b6c87
d08ee94cf7905d5112b4e769a46ce527f6397837
c3d1f4dbc83fe55d5244c125c4e2e101ee2fda0c19e6e2fea962dc2491ce2bc7

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/_content-styles.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2938
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/added-styles.css

194.36.191.196

200 OK

1.2 kB

URL HTTP/2
mynabsecured.com/assets/added-styles.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
1.2 kB (1227 bytes)
Hash
3db5fad4599268fe264b119b9ae65c0c
d7bd5b5ea6b8ef6a5467496d921e8751a84beb80
f07a259f0f44501affc629aa8267dab154d50c14fa0cb578735730d81d0fac14

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/added-styles.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1227
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/_campaign-styles.css

194.36.191.196

200 OK

698 B

URL HTTP/2
mynabsecured.com/assets/_campaign-styles.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
698 B (698 bytes)
Hash
b2bf784521a1c73f9cbb2b0a2be3387a
8918f6cc5577385554a71e6b6f7c152bf2ddd479
7c4646126401dfc3541ff6187d5027145db0ec2aa15acbdff0f02949f6eeb925

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/_campaign-styles.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 698
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/_ibRedesign-styles.css

194.36.191.196

200 OK

2.0 kB

URL HTTP/2
mynabsecured.com/assets/_ibRedesign-styles.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
2.0 kB (1994 bytes)
Hash
c66c3bfd78e04202c845b325655a15e8
d19e89eaab51cf0f40f1b23c17335603f3775854
b4840d7440302f73af9ac18d740adfac5d40a90129d8efb302d7a859bcb00965

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/_ibRedesign-styles.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1994
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/_print-styles.css

194.36.191.196

200 OK

1.2 kB

URL HTTP/2
mynabsecured.com/assets/_print-styles.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
1.2 kB (1243 bytes)
Hash
c64e6e94e20851b9155dafb21b9cd4cd
bd4c2a6e1a4afea349642527ad034c498af38d02
6ca31f167e05f8950d7d62b039b4d5ddb7516ff1df7b1db33365636e4096bd7f

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/_print-styles.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1243
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/jquery.fancybox-1.3.1.css

194.36.191.196

200 OK

1.4 kB

URL HTTP/2
mynabsecured.com/assets/jquery.fancybox-1.3.1.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
1.4 kB (1394 bytes)
Hash
4bfaae71d74dab94239fdf89952bcda6
55c59a165131554f7c7a5a9597aaea496170c27c
4bbeb3e4b85f9c3b5c49fc7015c4c1bf8fe0f7fe35c376e072d5fd914e112a26

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/jquery.fancybox-1.3.1.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1394
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/loader-page.css

194.36.191.196

200 OK

667 B

URL HTTP/2
mynabsecured.com/assets/loader-page.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text, with very long lines (2952), with no line terminators
Size
667 B (667 bytes)
Hash
08a0d7f5b7c11c0ca1a8a6b8aa01fa8d
a9d263379407c9fc70570c3ff18052dd0c5b872d
499f7bbc5b9bef8e26f4de0f24041066429429a082513db760d8b4efc79283cd

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/loader-page.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 667
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/loader.css

194.36.191.196

200 OK

7.8 kB

URL HTTP/2
mynabsecured.com/assets/loader.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text, with very long lines (60372), with no line terminators
Size
7.8 kB (7779 bytes)
Hash
09a0ef4c0e8f5e0988bea3f290a8b148
1444b5f4d63537ee23e22bce70ff4601a32db7ee
b0f91891f1d3d3d5d45a70f2a78ce2bfbb92c9d8099a2c519815078b30a775b2

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/loader.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7779
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/c1986af3c26609b8b7d8933f99c51c1a89e9ea6b.png

194.36.191.196

200 OK

68 B

URL HTTP/2
mynabsecured.com/assets/c1986af3c26609b8b7d8933f99c51c1a89e9ea6b.png
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/c1986af3c26609b8b7d8933f99c51c1a89e9ea6b.png HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: image/png
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 68
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/star_nab_more.03a9540d7ae7a72c39c235f7e58679c3.svg

194.36.191.196

200 OK

3.2 kB

URL HTTP/2
mynabsecured.com/assets/star_nab_more.03a9540d7ae7a72c39c235f7e58679c3.svg
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (6172)
Size
3.2 kB (3208 bytes)
Hash
2288c639a915c627d6bc649321d16886
cbdeb5a22e6cc943706e1c44c5620d2cdddcec16
613462eee867947802ee8300e99175b0e7c5c13bb7d08eae5500838a349e6554

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/star_nab_more.03a9540d7ae7a72c39c235f7e58679c3.svg HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Nov 2022 05:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3208
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/star_nab.49030fddae05ccbb4a82467133879db3.svg

194.36.191.196

200 OK

1.1 kB

URL HTTP/2
mynabsecured.com/assets/star_nab.49030fddae05ccbb4a82467133879db3.svg
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with very long lines (877)
Size
1.1 kB (1056 bytes)
Hash
877c670a5114fb7adbc4daa50a6c4f44
337ce8f2001e64e1920dfe9ce56841f3678f2bcb
a013217a3a11a321fab7bf42ed8110cfc751c6e2107a745fdd730b47b5d098c5

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/star_nab.49030fddae05ccbb4a82467133879db3.svg HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: image/svg+xml
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1056
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/DB9VIBGA0tUTGGlsCt.gif

194.36.191.196

200 OK

43 B

URL HTTP/2
mynabsecured.com/assets/DB9VIBGA0tUTGGlsCt.gif
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/DB9VIBGA0tUTGGlsCt.gif HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: image/gif
last-modified: Sun, 27 Nov 2022 05:38:18 GMT
accept-ranges: bytes
content-length: 43
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/static/bootstrap.min.js

194.36.191.196

200 OK

14 kB

URL HTTP/2
mynabsecured.com/static/bootstrap.min.js
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text, with very long lines (59893)
Size
14 kB (14242 bytes)
Hash
b52707dcdf4c96a6a787aaeb8db57639
e52c9728e4291cbc6c0d3934818d0c8128b21788
ed28f5ac0ce365f45979d30a908fcaac1eee266d38330ef0e96273d3912932ac

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /static/bootstrap.min.js HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 11:13:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14242
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.js

69.16.175.42

200 OK

84 kB

URL HTTP/2
code.jquery.com/jquery-3.5.1.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
84 kB (84374 bytes)
Hash
ad571ea184084783080d0391add24d9f
5a94acbbe3c7dfeadbb5af44b4baf7920243c4b1
5bfb1df44242cef31542b5b193050538e90183b515ffe0b99037b97d1fc42e0f

HTTP Headers

GET /jquery-3.5.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mynabsecured.com
Connection: keep-alive
Referer: https://mynabsecured.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:02:53 GMT
content-encoding: gzip
content-length: 84374
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-4638e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669741373.dop208.sk1.t,1669741373.cds210.sk1.hn,1669741373.cds207.sk1.c
X-Firefox-Spdy: h2

mynabsecured.com/assets/font-sourcesanspro.css

194.36.191.196

200 OK

195 B

URL HTTP/2
mynabsecured.com/assets/font-sourcesanspro.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
195 B (195 bytes)
Hash
b8212fe3efb0854bc287c455d2a71ff5
e89ad584cc4bd8462de44b5848be743b8f98c932
9f5e01c1bd9998a45d556dc048564e4fa8ef00d52cca514aa4ac8df8d2edd7ad

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/font-sourcesanspro.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/assets/_ibRedesign-styles.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 195
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/ib-components.css

194.36.191.196

200 OK

1.5 kB

URL HTTP/2
mynabsecured.com/assets/ib-components.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
ASCII text
Size
1.5 kB (1474 bytes)
Hash
a4256edbe49dd68935ba867e829f6892
f9de6bb2192678abdd0d0608dc25c2190754ba31
a92e6376fddb532f45439ccbbe8b8792d73c94ce42521572084a60c832e34518

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/ib-components.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/assets/_ibRedesign-styles.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1474
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/index_1.html

194.36.191.196

200 OK

4.7 kB

URL HTTP/2
mynabsecured.com/assets/index_1.html
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (3367)
Size
4.7 kB (4734 bytes)
Hash
03e47b941183bcd3afeeac157e500bed
98a147de3a78e2cd30e0354cb60193137be0c424
f0f7df406fd81bdf44fbccfc9ef87f119013f2cb6ab403b0b138fec6a715d548

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/index_1.html HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/html
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4734
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2

194.36.191.196

200 OK

14 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format (Version 2), TrueType, length 14308, version 1.3276\012- data
Size
14 kB (14308 bytes)
Hash
58dd2a1c6d7861ea261912ba153ac8e3
235c384b9599ed2099f8fda87ba7bc8917eb1aa4
599d93e0748728edc6bd55a82a52bff61196b149d566a67d4ed86d55d9c520aa

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2 HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/loader.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: font/woff2
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 14308
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2

194.36.191.196

200 OK

13 kB

URL HTTP/2
mynabsecured.com/assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format (Version 2), TrueType, length 12696, version 1.0\012- data
Size
13 kB (12696 bytes)
Hash
277829caedf33fa33e47d9c481d2fb10
969f882dcdfe2cdea0e01f1e51d7c4433137cc20
f951333e6474d4b7f9cd23d5afea66130b4175f40b88f3b0979d545663d391ec

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/epilogue-600.277829caedf33fa33e47d9c481d2fb10.woff2 HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/loader.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: font/woff2
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 12696
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1657
Cache-Control: max-age=145892
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:02:53 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:34:25 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

mynabsecured.com/assets/ib-login-banner2-1797x800.jpg

194.36.191.196

200 OK

194 kB

URL HTTP/2
mynabsecured.com/assets/ib-login-banner2-1797x800.jpg
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1796], baseline, precision 8, 1796x800, components 3\012- data
Size
194 kB (194291 bytes)
Hash
a274b2f542dec44644c62799a939810a
075b85b88c01352fc17aea26c5657e3057f76a84
eaa5a0f93d160bb09361d0e50ea7b683981b432fe751167b47dbc652003a8f90

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/ib-login-banner2-1797x800.jpg HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: image/jpeg
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 194291
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-300.a8ae0d5401bb928346ea5696443d4909.woff2

194.36.191.196

200 OK

14 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-300.a8ae0d5401bb928346ea5696443d4909.woff2
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format (Version 2), TrueType, length 14308, version 1.3276\012- data
Size
14 kB (14308 bytes)
Hash
a8ae0d5401bb928346ea5696443d4909
b9c7821c54dad58ca7f53e42cb17cb7b85f37d0a
a4fac6d6f6782da9cfe8d8c756d89953e2e1ca6a5340724385b948e083bbf569

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-300.a8ae0d5401bb928346ea5696443d4909.woff2 HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/loader.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: font/woff2
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 14308
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2

194.36.191.196

200 OK

18 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format (Version 2), TrueType, length 17988, version 1.3276\012- data
Size
18 kB (17988 bytes)
Hash
605135ed81218e3c6926d6603a2aba14
38c5d6ce98e2b8d405b910cf6c8d73d01ccf01b7
a97d10cefd0d747b1db289932dddd94f0e651b70a60af08de5e254539cb4ddec

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2 HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/loader.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: font/woff2
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 17988
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2

194.36.191.196

200 OK

14 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format (Version 2), TrueType, length 13892, version 1.3276\012- data
Size
14 kB (13892 bytes)
Hash
c18b7366babf6ace33427f60cf7fa7e0
b380e9f3dc4dfb061e70a88e1156ec89b008808a
895b2a4707f964bde44b6543d155f6dc43ddf4bcff2dc46094789a7e313e07f0

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2 HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/loader.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: font/woff2
last-modified: Sun, 27 Nov 2022 05:37:40 GMT
accept-ranges: bytes
content-length: 13892
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/font-awesome.css

194.36.191.196

200 OK

6.9 kB

URL HTTP/2
mynabsecured.com/assets/font-awesome.css
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
troff or preprocessor input, ASCII text
Size
6.9 kB (6937 bytes)
Hash
5118fddd89f7a81f4358c48e7697443a
aa758d65ea0a7115e0a9bedf309d296f3502cae2
b24e197a3985ee6410a72eacfed8a960008c8498a5d19dcac0189e4e4ea112c1

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited

HTTP Headers

GET /assets/font-awesome.css HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/assets/index_1.html
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:32 GMT
content-type: text/css
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6937
date: Tue, 29 Nov 2022 17:00:32 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 16:08:56 GMT
cache-control: public,max-age=3600
age: 3237
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

mynabsecured.com/favicon.ico

194.36.191.196

404 Not Found

1.2 kB

URL HTTP/2
mynabsecured.com/favicon.ico
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 29 Nov 2022 17:00:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-light-webfont.woff

194.36.191.196

200 OK

29 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-light-webfont.woff
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format, TrueType, length 29440, version 1.0\012- data
Size
29 kB (29440 bytes)
Hash
23b3096d364fd833d407bd64ee3c83de
2a19c57f647127d2b3814404573bc85f847fef24
c023c07272e16a150972863fbc304dc10b10f0e56589314af574a4157b19133d

Detections

Analyzer	Verdict	Alert
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-light-webfont.woff HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/font-sourcesanspro.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:33 GMT
content-type: font/woff
last-modified: Sun, 27 Nov 2022 05:37:36 GMT
accept-ranges: bytes
content-length: 29440
date: Tue, 29 Nov 2022 17:00:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-semibold-webfont.woff

194.36.191.196

200 OK

30 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-semibold-webfont.woff
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format, TrueType, length 29860, version 1.0\012- data
Size
30 kB (29860 bytes)
Hash
e2e8e9235aa9f62e2e4071689db34306
70d3beb656846aa006a8711b780bbb1d5646db25
1516e6b886bc6416bfec631059887732b3e34b4109380384a7fe83af0558f739

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-semibold-webfont.woff HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/font-sourcesanspro.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:33 GMT
content-type: font/woff
last-modified: Sun, 27 Nov 2022 05:38:12 GMT
accept-ranges: bytes
content-length: 29860
date: Tue, 29 Nov 2022 17:00:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/assets/sourcesanspro-bold-webfont.woff

194.36.191.196

200 OK

29 kB

URL HTTP/2
mynabsecured.com/assets/sourcesanspro-bold-webfont.woff
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
Web Open Font Format, TrueType, length 29328, version 1.0\012- data
Size
29 kB (29328 bytes)
Hash
65fbd879ddef000960975d2da6ddee97
89324cc14086364d5ce2ef6dd8de0e630937476f
15435827eb508b00a5a473032738918ece0a1a6baba4f2a8832d9e8b8d886587

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /assets/sourcesanspro-bold-webfont.woff HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mynabsecured.com/assets/font-sourcesanspro.css
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:00:33 GMT
content-type: font/woff
last-modified: Sun, 27 Nov 2022 05:38:16 GMT
accept-ranges: bytes
content-length: 29328
date: Tue, 29 Nov 2022 17:00:33 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.148.163

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.148.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TJIvrKujf1ErzABoO2qSew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: trVFiReHycczQbQKvdOU+j3egMQ=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 17:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 17:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 17:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 17:02:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4275
Expires: Tue, 29 Nov 2022 18:14:10 GMT
Date: Tue, 29 Nov 2022 17:02:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 43985
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4916 bytes)
Hash
83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 49484
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8921 bytes)
Hash
823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 69360
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 68460
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9376 bytes)
Hash
cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:09:32 GMT
age: 24803
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 69361
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mynabsecured.com/files/activity.php

194.36.191.196

200 OK

22 B

URL HTTP/2
mynabsecured.com/files/activity.php
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
02735d7c4ab0b3f8844d5ce89569a885
a51901ca39dbc909f2a7e1428d600e524ad51870
64880b05404977a7275d83c0c05e0711751718a6a9ac3b47b888d2eb3d75779c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /files/activity.php HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 22
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 17:00:35 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/files/activity.php

194.36.191.196

200 OK

22 B

URL HTTP/2
mynabsecured.com/files/activity.php
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
02735d7c4ab0b3f8844d5ce89569a885
a51901ca39dbc909f2a7e1428d600e524ad51870
64880b05404977a7275d83c0c05e0711751718a6a9ac3b47b888d2eb3d75779c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /files/activity.php HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 22
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 17:00:35 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/files/activity.php

194.36.191.196

200 OK

22 B

URL HTTP/2
mynabsecured.com/files/activity.php
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
02735d7c4ab0b3f8844d5ce89569a885
a51901ca39dbc909f2a7e1428d600e524ad51870
64880b05404977a7275d83c0c05e0711751718a6a9ac3b47b888d2eb3d75779c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /files/activity.php HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 22
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 17:00:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

mynabsecured.com/files/activity.php

194.36.191.196

200 OK

22 B

URL HTTP/2
mynabsecured.com/files/activity.php
IP
194.36.191.196:0
ASN
#60117 Host Sailor Ltd

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
02735d7c4ab0b3f8844d5ce89569a885
a51901ca39dbc909f2a7e1428d600e524ad51870
64880b05404977a7275d83c0c05e0711751718a6a9ac3b47b888d2eb3d75779c

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - National Australia Bank
openphish	National Australia Bank Limited
fortinet	Phishing

HTTP Headers

GET /files/activity.php HTTP/1.1
Host: mynabsecured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://mynabsecured.com/
Cookie: PHPSESSID=ea204824491097e8df04b5a100f703ae
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 22
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 17:00:38 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations