Report - nabgtygf.azurewebsites.net/nab-login-four/?url=www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7

Report Overview

Submitted URL
nabgtygf.azurewebsites.net/nab-login-four/?url=www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
IP
20.40.202.33
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-09-27 15:00:04
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
nabgtygf.azurewebsites.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24 kB	264 kB	20.40.202.33
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	43 kB	142.250.74.72
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	21 kB	142.250.74.174
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.57.61
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	32 kB	142.250.74.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook
2022-09-27	medium	nabgtygf.azurewebsites.net/	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7	151 B	2023-03-07	2023-03-17
Pretty URL nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7 IP 20.40.202.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:21 Last Seen2023-03-17 12:51:27 Times Seen1 Hash dd214a17228933f3a1231f8f35c286d4 e555b585c0cf78a37d1526280f7364272ef78820 a17ce5bd454692f9c13aa86dcfc82aaec0a284ac836ae743a19cffa342f53137 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-25 18:11:08 Times Seen261381 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.googletagmanager.com/gtag/js?id=UA-158588778-1	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158588778-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:32:28 Last Seen2023-03-08 02:32:28 Times Seen1 Hash b744c3cfec2c1dd477695417a62752d1 b470f4fda9498739d0c8340afc3ce73a34489236 b19abeae3058970a9a1642cb7865c6d4ab6c775c20b304f7c244ebbf8c3957be Loading...

	nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7	76 B	2023-03-07	2023-03-17
Pretty URL nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7 IP 20.40.202.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:08:58 Last Seen2023-03-17 12:51:27 Times Seen1 Hash 92ecfd14dd1698bc1e6620666875f43c 4cbefc8d2001e22da89db4aeed13312a035ece93 02cb4c7f2af7044c48b8c4305c7d96eb91dd59198ae732bee4ec243d7dd039b2 Loading...

	nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7	566 B	2023-03-07	2023-03-17
Pretty URL nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7 IP 20.40.202.33 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:08:58 Last Seen2023-03-17 12:51:27 Times Seen1 Hash b467ba244aed799e2ab4c3c96d4db4fa 90289ab4225f479950a7f283c9cabf9c1d69b627 ebc05258f5271e69ca90ff5cef95128c1ef6d3849b3bd1a85ade65e277642381 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

HTTP Transactions (61)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7KkH73fM3fyv3LVHtJZNNsD90x4mFFyt2oIlksrEnf5RsKECJYInbQ==
Age: 2662

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10477
Expires: Tue, 27 Sep 2022 17:54:29 GMT
Date: Tue, 27 Sep 2022 14:59:52 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Tue, 27 Sep 2022 16:46:00 GMT
Date: Tue, 27 Sep 2022 14:59:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: zjgeMbGRUi9e0A70OpdcWpVPZADmw+1fX5qHzGvR8Dmd3PIU9lVS4XDP+OoOZxHUF8kDe9nn6sk=
x-amz-request-id: K64D9DAQGQ110DDY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 14:49:28 GMT
age: 625
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7

20.40.202.33

301 Moved Permanently

0 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Length: 0
Date: Tue, 27 Sep 2022 14:59:52 GMT
Location: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:59:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YMBm8mCUEPtvfPSKrSq7-WEFVZsd9GwjwzQJi3X5Vv6MsUQ-TkgX0A==
Age: 2947

nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7

20.40.202.33

200 OK

2.9 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (302)
Size
2.9 kB (2935 bytes)
Hash
352185d5fb03148799db501d7971aefb
2667ab75376d06cde4244014c2c7b3ee2f85ddea
d72fe9ffcc1f67db0a048a974f81ace2ef633747deab78d6adcb16f85f69cb97

HTTP Headers

GET /nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Length: 2935
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "0cf17c216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3084
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:59:53 GMT
Last-Modified: Tue, 27 Sep 2022 14:08:29 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.138

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 09:42:03 GMT
expires: Tue, 26 Sep 2023 09:42:03 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 105470
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158588778-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158588778-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42334 bytes)
Hash
2589332ed333b86e1a7c196087e36fa7
9e88b912d144342fe259d2de50ae5685387fdb10
8ba500696cfee489285e268533f95f70ab7c722a791da1507b957aa3f04fc9bb

HTTP Headers

GET /gtag/js?id=UA-158588778-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 14:59:53 GMT
expires: Tue, 27 Sep 2022 14:59:53 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

nabgtygf.azurewebsites.net/nab-login-four/assets/DB9VIBs1dTqVFazgPNNQC.css

20.40.202.33

200 OK

224 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/DB9VIBs1dTqVFazgPNNQC.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
224 B (224 bytes)
Hash
bab84751fef795e97dae7fafee535a42
0f324f751a2ba950d25e6ecffd2beceba662dd39
403ddfff7809360525a4bb37e5073f43ebf80e10f07a8b4321d44ed63286b8fc

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/DB9VIBs1dTqVFazgPNNQC.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 224
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "cfb716c016cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:02 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:59:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

nabgtygf.azurewebsites.net/nab-login-four/assets/_content-styles.css

20.40.202.33

200 OK

4.2 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/_content-styles.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
4.2 kB (4151 bytes)
Hash
6c9a87e594fd778fb139838898e5bd0c
2e4f0dbe5fa604b92038f8dcf46182b3c28396d8
2e9b6d9684475e16c8f7e1b452161b441048cc02b7366ec126e2b5864f92d8f9

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/_content-styles.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 4151
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "813670c216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

push.services.mozilla.com/

52.39.57.61

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.57.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bIyAXg1ZiJ9v9T1osBQEBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WorR/UJu5rjq/Yzy98ZHCSuh/kc=

nabgtygf.azurewebsites.net/nab-login-four/assets/_print-styles.css

20.40.202.33

200 OK

1.6 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/_print-styles.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
1.6 kB (1626 bytes)
Hash
2a7ea2585595139334ec91e2d25cc4ee
d2ab5b2f7d0b9d28c2491ad4ae0461f5a4024500
982a01a611aa522ef28ad613207a0970cf59f629deb8d3894aa660e15532ca3f

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/_print-styles.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1626
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "b73d7cc216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/_template-styles.css

20.40.202.33

200 OK

7.9 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/_template-styles.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text
Size
7.9 kB (7942 bytes)
Hash
84dd83d0960cd255fd44be3bc06c9d9f
97320a65e500d948026da5c04c01e37e728bf9a5
c510062caf01684d78cfcf8baed2b11d4d7532fa85c44c01532260c6c328f89e

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/_template-styles.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 7942
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "75281c216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/reset.css

20.40.202.33

200 OK

540 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/reset.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (607), with no line terminators
Size
540 B (540 bytes)
Hash
769c19d4d78a8d3630157181c27b719c
3055e6962a873e604cc88b47a085c0e8a3d970a3
019476004fe3ff9e07bba04f09c636bee79cb024436610f85c55b0bd0a07295c

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/reset.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 540
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "9ea9e7c116cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:05 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/added-styles.css

20.40.202.33

200 OK

1.7 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/added-styles.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
1.7 kB (1676 bytes)
Hash
b65e0fe74482317d2951826108007026
b9e6e98080f83b045d30d733879bff50d166c46d
28ab104d8cd1a7ea25a06445cee032e92e0f96dac41139cd70835f1b57f8951a

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/added-styles.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1676
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "5bd6b5be16cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:00 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/_campaign-styles.css

20.40.202.33

200 OK

993 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/_campaign-styles.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
993 B (993 bytes)
Hash
e7a98941753e960017f233a3c898409d
3d19f63a3613c504209ff52d9070385f3bbfc0bc
3291cd1b3281b4bd0542591b28903722707f3db3dab1391a1dac07f9b6b62aa9

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/_campaign-styles.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 993
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "afd155c216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/ib-components.css

20.40.202.33

200 OK

2.2 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/ib-components.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
2.2 kB (2162 bytes)
Hash
6f4220de447c3c7fbaeb9db36050f376
251a598ca973c3f3772031389b2c7ee02babb96c
0bf85b29584b6bdedcee8c59f420618ea01932cc33dac347851cbeb8cc27537f

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/ib-components.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 2162
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "a4b4d0c016cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:03 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/_ibRedesign-styles.css

20.40.202.33

200 OK

2.8 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/_ibRedesign-styles.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
2.8 kB (2750 bytes)
Hash
6a0cf7f87549af54b4dbb8c853613033
aab33c1564f82d8b27ff31cd99bf3fc1649da600
929b84a7b779a2de4d4dce099ef9b73a0abc1f06e6d881dcb8a73b5155869cfc

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/_ibRedesign-styles.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 2750
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "813670c216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/jquery.fancybox-1.3.1.css

20.40.202.33

200 OK

1.9 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/jquery.fancybox-1.3.1.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
1.9 kB (1941 bytes)
Hash
c7bc3f147a758f510083978c13962c1e
7fbc2cdd0f946595fbf787ab30c22bb325f638ac
025fd7309bc1a8a303c72ab455e661cdddcc089b7cec68dd0be4546049b14e91

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/jquery.fancybox-1.3.1.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1941
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "9d934c116cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:04 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/loader-page.css

20.40.202.33

200 OK

984 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/loader-page.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (2957), with no line terminators
Size
984 B (984 bytes)
Hash
a1be810b12248a572279e08ece3c38ec
65b40e049ed1de87e75df6e3291b9583647191db
f14c12453e502f0820b5f04b1b4b3e01ecdf5db9feba7a0d3ee68752f1fb15bf

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/loader-page.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 984
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "beff5ac116cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:04 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css

20.40.202.33

200 OK

11 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (55413), with no line terminators
Size
11 kB (11409 bytes)
Hash
bebc134e7ea4eb0a03093782875d91fa
353ac950171159bb8903bb47abe9b7e87de0537e
01e8bed552e1ca2c24b892fff2b170a69c36301d991a2e56bf5efb018dd889d5

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/loader.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 11409
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "538664c116cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:04 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css

20.40.202.33

200 OK

462 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
462 B (462 bytes)
Hash
dd04812ff49905978955e26da62d1c67
d2bc2d26675f61214ca6bfc959ec1e151e507cfe
6afaf7e01cd0fa43f269e5278352e4ee3ec7a57ac86dffb6d55e031406bf1ebf

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/font-sourcesanspro.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/ib-components.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 462
Content-Type: text/css
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "c13ebbc016cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:03 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
Vary: Accept-Encoding
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nabib/styles/ib-components.css

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nabib/styles/ib-components.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nabib/styles/ib-components.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/_ibRedesign-styles.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nabib/styles/font-sourcesanspro.css

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nabib/styles/font-sourcesanspro.css
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nabib/styles/font-sourcesanspro.css HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/_ibRedesign-styles.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg

20.40.202.33

200 OK

5.3 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
5.3 kB (5254 bytes)
Hash
a3e1121c24cb2bd0957c143488ba84c9
346ee6e455eb62b40365fdd5eb3745eb7afd42ab
db23f96e265a441082c50587b660ba7ee4729cc78e01c887bfa1c00bbf97d045

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/star_nab_more.a3e1121c24cb2bd0957c143488ba84c9.svg HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 5254
Content-Type: image/svg+xml
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "919342c216cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:06 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/nab_id_instruction.png

20.40.202.33

200 OK

6.5 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/nab_id_instruction.png
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 146 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6451 bytes)
Hash
c001ae70fa727fd10e9313d3a58c24fa
72556ca2fd6e749ab066398ea082448f155ba3cd
e3032ed1fe6a5bdb8cae63bf763d512f5a66750ff7669ad7f0abeba007948f9d

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/nab_id_instruction.png HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 6451
Content-Type: image/png
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "3e5cbac116cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:05 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/logo.png

20.40.202.33

200 OK

3.6 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/logo.png
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 50 x 53, 8-bit/color RGB, non-interlaced\012- data
Size
3.6 kB (3571 bytes)
Hash
8d9f795d541d98cc9e25261716927607
e4d7e73b3d31ab8ed01cea2e5683d2a258a8e34f
c25f08029fe9e0fbf66f939a22b5ea12e6807b0f66c3e8f766f9d763b5eacbf8

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/logo.png HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 3571
Content-Type: image/png
Date: Tue, 27 Sep 2022 14:59:53 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "78118dc116cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:05 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/nab_impact-webfont.1662d7e5b17fc9245a1852b34da07d2b.woff2 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-700.c18b7366babf6ace33427f60cf7fa7e0.woff2 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-600.605135ed81218e3c6926d6603a2aba14.woff2 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/nab_impact-webfont.076327b495f9e00c7972c81f67dd9ed3.woff

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/nab_impact-webfont.076327b495f9e00c7972c81f67dd9ed3.woff
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/nab_impact-webfont.076327b495f9e00c7972c81f67dd9ed3.woff HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-400.58dd2a1c6d7861ea261912ba153ac8e3.woff2 HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/loader.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-regular-webfont.woff

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-regular-webfont.woff
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-regular-webfont.woff HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-semibold-webfont.woff

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-semibold-webfont.woff
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-semibold-webfont.woff HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-bold-webfont.woff

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-bold-webfont.woff
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-bold-webfont.woff HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/NAB-Impact.otf

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/NAB-Impact.otf
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/NAB-Impact.otf HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/_template-styles.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-regular-webfont.ttf

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-regular-webfont.ttf
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-regular-webfont.ttf HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/ib-login-banner-1797x800.jpg

20.40.202.33

200 OK

189 kB

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/ib-login-banner-1797x800.jpg
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1797x800, components 3\012- data
Size
189 kB (189211 bytes)
Hash
7a0b3cd123b084be0e6bfe1e1b6a811b
964331f8d13681d361ae7056a77289d55fea4758
e6f1885aa9fc30aacc0f76863c02f30235305c44fb990ca1f02afa8a54dfd453

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/ib-login-banner-1797x800.jpg HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/?url=https://www.nab.com.au/personal/accounts/savings-accounts?url=https://www.nab.com.au/personal/accounts/savings-accounts&id=7
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 189211
Content-Type: image/jpeg
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "75d8f6c016cfd81:0"
Last-Modified: Fri, 23 Sep 2022 06:36:04 GMT
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-bold-webfont.ttf

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-bold-webfont.ttf
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-bold-webfont.ttf HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-semibold-webfont.ttf

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/sourcesanspro-semibold-webfont.ttf
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/sourcesanspro-semibold-webfont.ttf HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/font-sourcesanspro.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

nabgtygf.azurewebsites.net/nab-login-four/assets/NAB-Impact.ttf

20.40.202.33

404 Not Found

103 B

URL HTTP/1.1
nabgtygf.azurewebsites.net/nab-login-four/assets/NAB-Impact.ttf
IP
20.40.202.33:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
openphish	Outlook

HTTP Headers

GET /nab-login-four/assets/NAB-Impact.ttf HTTP/1.1
Host: nabgtygf.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/nab-login-four/assets/_template-styles.css
Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0; ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Tue, 27 Sep 2022 14:59:54 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;Secure;Domain=nabgtygf.azurewebsites.net
ARRAffinitySameSite=72e05dae26f068792af1dcecd2d9175362c662280b705c9b4ebfe70900dda1d0;Path=/;HttpOnly;SameSite=None;Secure;Domain=nabgtygf.azurewebsites.net
X-Powered-By: ASP.NET

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 14:41:09 GMT
expires: Tue, 27 Sep 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 1126
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:59:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:59:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:59:55 GMT
Connection: keep-alive

www.google-analytics.com/j/collect?v=1&_v=j97&a=2083920107&t=pageview&_s=1&dl=https%3A%2F%2Fnabgtygf.azurewebsites.net%2Fnab-login-four%2F%3Furl%3Dhttps%3A%2F%2Fwww.nab.com.au%2Fpersonal%2Faccounts%2Fsavings-accounts%3Furl%3Dhttps%3A%2F%2Fwww.nab.com.au%2Fpersonal%2Faccounts%2Fsavings-accounts%26id%3D7&ul=en-us&de=windows-1252&dt=NAB%20Internet%20Banking&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=212656006&gjid=710236087&cid=756989698.1664290793&tid=UA-158588778-1&_gid=1399045445.1664290793&_r=1&gtm=2ou9q0&z=2105040075

142.250.74.174

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=2083920107&t=pageview&_s=1&dl=https%3A%2F%2Fnabgtygf.azurewebsites.net%2Fnab-login-four%2F%3Furl%3Dhttps%3A%2F%2Fwww.nab.com.au%2Fpersonal%2Faccounts%2Fsavings-accounts%3Furl%3Dhttps%3A%2F%2Fwww.nab.com.au%2Fpersonal%2Faccounts%2Fsavings-accounts%26id%3D7&ul=en-us&de=windows-1252&dt=NAB%20Internet%20Banking&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=212656006&gjid=710236087&cid=756989698.1664290793&tid=UA-158588778-1&_gid=1399045445.1664290793&_r=1&gtm=2ou9q0&z=2105040075
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j97&a=2083920107&t=pageview&_s=1&dl=https%3A%2F%2Fnabgtygf.azurewebsites.net%2Fnab-login-four%2F%3Furl%3Dhttps%3A%2F%2Fwww.nab.com.au%2Fpersonal%2Faccounts%2Fsavings-accounts%3Furl%3Dhttps%3A%2F%2Fwww.nab.com.au%2Fpersonal%2Faccounts%2Fsavings-accounts%26id%3D7&ul=en-us&de=windows-1252&dt=NAB%20Internet%20Banking&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=212656006&gjid=710236087&cid=756989698.1664290793&tid=UA-158588778-1&_gid=1399045445.1664290793&_r=1&gtm=2ou9q0&z=2105040075 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://nabgtygf.azurewebsites.net
Connection: keep-alive
Referer: https://nabgtygf.azurewebsites.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://nabgtygf.azurewebsites.net
date: Tue, 27 Sep 2022 14:59:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14543
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:59:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9163 bytes)
Hash
deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 62448
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8931 bytes)
Hash
720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Md06h9jRAN491M1gOjvAXN4Zp2msjqH-dYNVxyH6xJ2G8pf50tyHeQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:23:21 GMT
age: 59794
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IWzfDNFlgYdqYnbQ9uWfOvqb5zl3I3mgTZrT5pU5P3EvetMRDN5P7w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:06:47 GMT
age: 49988
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 62458
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10211 bytes)
Hash
347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 61412
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 48125
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (61)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size