www.theta.com.tw Open in urlscan Pro
125.227.250.232  Malicious Activity! Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request pero.php Show response www.theta.com.tw/sem/nps.nce/net_secured/	57 KB 57 KB	758ms 228ms	Document text/html	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / PHP/5.5.38 Resource Hash b997ea8d14e5a77db2e848dd7d936034757d606a62edb920a109d738966a87eb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:04 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 Connection Keep-Alive X-Powered-By PHP/5.5.38 Transfer-Encoding chunked Keep-Alive timeout=5, max=100 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	logonButton.jpg www.theta.com.tw/sem/nps.nce/net_secured/images/	2 KB 2 KB	235ms 235ms	Image image/jpeg	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/logonButton.jpg Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "892-4ab6234927200" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2194
GET H/1.1	200 OK	Promo_Right.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	197 B 197 B	228ms 227ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/Promo_Right.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "c5-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 197
GET H/1.1	200 OK	Login_Bottom.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	233 B 233 B	230ms 230ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/Login_Bottom.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "e9-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 233
GET H/1.1	200 OK	info.css www.theta.com.tw/sem/nps.nce/net_secured/css/	2 KB 2 KB	444ms 228ms	Stylesheet text/css	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/css/info.css Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 4e5bd28ed60824f9586df04409d3eecaf7fdf26497b4cdd0e73a3031c6a9bf8a Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "6cc-4ab623473ed80" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1740
GET H/1.1	200 OK	main.css www.theta.com.tw/sem/nps.nce/net_secured/css/	5 KB 5 KB	459ms 228ms	Stylesheet text/css	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/css/main.css Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 9fc2bcc53ce9d841065b36e1cdf26e9da500f15239e239b2031922631c67321d Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "15da-4ab623473ed80" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5594
GET H/1.1	200 OK	style.css www.theta.com.tw/sem/nps.nce/net_secured/css/	9 KB 9 KB	463ms 228ms	Stylesheet text/css	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/css/style.css Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 829daa1e158b231d119d7dbc6a08de4ca80dc144454cf73b2b055da6e7df45c3 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "23e1-4ab623473ed80" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9185
GET H/1.1	404 Not Found	jquery-1.4.2.min.js icproxy.googlecode.com/files/	0 0	28ms 14ms	Script text/html	2a00:1450:400c:c0b::52 Google Inc.
General Check archive.org Show headers Download Go to Full URL http://icproxy.googlecode.com/files/jquery-1.4.2.min.js Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 2a00:1450:400c:c0b::52 , Ireland, ASN15169 (GOOGLE - Google Inc., US), Reverse DNS Software / Resource Hash Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Tue, 12 Sep 2017 12:14:54 GMT Referrer-Policy no-referrer Content-Length 1586 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	NedbankLogo.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	2 KB 2 KB	226ms 226ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/NedbankLogo.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "930-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2352
GET H/1.1	200 OK	menu_shadow_left.jpg www.theta.com.tw/sem/nps.nce/net_secured/images/	405 B 405 B	230ms 230ms	Image image/jpeg	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/menu_shadow_left.jpg Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "195-4ab6234927200" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 405
GET H/1.1	200 OK	Login_Top.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	230 B 230 B	227ms 227ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/Login_Top.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "e6-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 230
GET H/1.1	200 OK	Promo_Left.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	195 B 195 B	690ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/Promo_Left.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "c3-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 195
GET H/1.1	200 OK	lock.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	587 B 587 B	441ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/lock.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "24b-4ab623473ed80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 587
GET H/1.1	200 OK	arrow_down.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	56 B 56 B	228ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/arrow_down.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "38-4ab623473ed80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 56
GET H/1.1	200 OK	arrow.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	56 B 56 B	228ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/arrow.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "38-4ab623473ed80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 56
GET H/1.1	200 OK	Promo_Top.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	244 B 244 B	654ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/Promo_Top.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "f4-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 244
GET H/1.1	200 OK	1Trusteerpromo.jpg www.theta.com.tw/sem/nps.nce/net_secured/images/	16 KB 16 KB	430ms 228ms	Image image/jpeg	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/1Trusteerpromo.jpg Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 2f69b28906e772f2f516d6ac5f718090837a394ee0a243db06d07bf5acdeeb79 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "40b1-4ab623473ed80" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 16561
GET H/1.1	200 OK	Promo_Bottom.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	247 B 247 B	446ms 240ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/Promo_Bottom.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "f7-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 247
GET H/1.1	200 OK	alertIcon.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	754 B 754 B	663ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/alertIcon.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "2f2-4ab623473ed80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 754
GET H/1.1	200 OK	EntrustLogo.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	2 KB 2 KB	443ms 236ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/EntrustLogo.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "963-4ab623473ed80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2403
GET H/1.1	200 OK	PSALogo.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	448 B 448 B	658ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/PSALogo.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "1c0-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 448
GET H/1.1	200 OK	AskOnceLogo.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	2 KB 2 KB	435ms 232ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/AskOnceLogo.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash 3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77 Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:22 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "770-4ab623473ed80" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1904
GET H/1.1	200 OK	NedbankFooterLogo.gif www.theta.com.tw/sem/nps.nce/net_secured/images/	2 KB 2 KB	431ms 228ms	Image image/gif	125.227.250.232 HINET Data Commun...
General Check archive.org Show headers Download Go to Show image Full URL http://www.theta.com.tw/sem/nps.nce/net_secured/images/NedbankFooterLogo.gif Requested by Host: www.theta.com.tw URL: http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php Protocol HTTP/1.1 Server 125.227.250.232 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW), Reverse DNS 125-227-250-232.HINET-IP.hinet.net Software Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 / Resource Hash fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d Request headers Referer http://www.theta.com.tw/sem/nps.nce/net_secured/pero.php User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36 Response headers Date Tue, 12 Sep 2017 12:16:05 GMT Last-Modified Fri, 26 Aug 2011 05:56:24 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.5.38 ETag "8bc-4ab6234927200" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2236
GET		Welcome.htm netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/ Frame 3246	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

netbank.nedsecure.co.za

URL

https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/Welcome.htm

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			netbank.nedsecure.co.za/	1970-01-01 00:00:00	Name: TS01d73912 Value: 01db7de33707a905ae88128a7ff270978b6f049aa7c3b18e7d41023a5c946e0df95416712bbf91f48dc7a9924c307942319403b1cb
			netbank.nedsecure.co.za/	1970-01-01 00:00:00	Name: BIGipServer~partition_so-retail~poolprd_nbr-ie-nedbank_11001 Value: 3875608748.63786.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

icproxy.googlecode.com
netbank.nedsecure.co.za
www.theta.com.tw
netbank.nedsecure.co.za
125.227.250.232
2a00:1450:400c:c0b::52
04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
2f69b28906e772f2f516d6ac5f718090837a394ee0a243db06d07bf5acdeeb79
3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
4e5bd28ed60824f9586df04409d3eecaf7fdf26497b4cdd0e73a3031c6a9bf8a
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3
829daa1e158b231d119d7dbc6a08de4ca80dc144454cf73b2b055da6e7df45c3
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
9fc2bcc53ce9d841065b36e1cdf26e9da500f15239e239b2031922631c67321d
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
b997ea8d14e5a77db2e848dd7d936034757d606a62edb920a109d738966a87eb
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d