24-7.co.za Open in urlscan Pro
197.242.144.34 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://24-7.co.za/sax/ned/index.htm
Submission: On August 21 via automatic, source phishtank (August 21st 2017, 11:28:17 am UTC)

Summary HTTP 38 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 38 HTTP transactions. The main IP is 197.242.144.34, located in South Africa and belongs to Afrihost, ZA. The main domain is 24-7.co.za.

This is the only time 24-7.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nedbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
16	197.242.144.34 197.242.144.34	37611 (Afrihost) (Afrihost)
21	168.142.204.33 168.142.204.33	3741 (IS) (IS)
1	176.34.227.159 176.34.227.159	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
38	3

16 197.242.144.34 (South Africa)

ASN37611 (Afrihost, ZA)
PTR: yamcha.aserv.co.za

24-7.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 168.142.204.33 (Johannesburg, South Africa)

ASN3741 (IS, ZA)

netbank.nedsecure.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.227.159 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-227-159.eu-west-1.compute.amazonaws.com

www.splash-screen.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	nedsecure.co.za netbank.nedsecure.co.za	95 KB
16	24-7.co.za 24-7.co.za	17 KB
1	splash-screen.net www.splash-screen.net	177 B
38	3

	Domain	Requested by
21	netbank.nedsecure.co.za	24-7.co.za
16	24-7.co.za	24-7.co.za
1	www.splash-screen.net	24-7.co.za
38	3

This site contains links to these domains. Also see Links.

Domain
netbank.nedsecure.co.za
www.nedbank.co.za
www.netbankdemo.co.za
nedbankonlinetrading.nedsecure.co.za
myfinanciallife.nedsecure.co.za
www.entrust.net

Subject Issuer	Validity	Valid
netbank.nedsecure.co.za Entrust Certification Authority - L1M	`2016-10-25` - `2018-10-25`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://24-7.co.za/sax/ned/index.htm
Frame ID: 14419.1
Requests: 37 HTTP requests in this frame

Frame: http://24-7.co.za/sax/ned/html/Welcome.htm
Frame ID: 14419.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

38
Requests

55 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

112 kB
Transfer

170 kB
Size

1
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://netbank.nedsecure.co.za/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/promotions/index_detail.asp?PromoID=529
Title: Online Security

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/forms/Formsdetails.asp?FormsId=661
Title: Apply

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/Netbank2012Rel1/
Title: NetBank Demo

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/NetbankRel12011/Netbank%20UserGuide/main_menu.html
Title: NetBank User Guide

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/promotions/index_detail.asp?PromoID=528
Title: More About NetBank

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/website/content/forms/form.asp?FormsId=68&Location=&FormLocation=
Title: Talk to Us

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/personalmoneymanager/
Title: Personal Money Manager

Search URL Search Domain Scan URL

URL: https://nedbankonlinetrading.nedsecure.co.za/Home.aspx
Title: Online Share Trading

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/NetbankRel12011/DOCS/ELECTRONIC%20BANKING%20SERVICES%20TERMS%20AND%20CONDITIONS.pdf
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.netbankdemo.co.za/NetbankRel12011/DOCS/internet%20banking%202011FAQs.pdf
Title: FAQ

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/rapport/
Title: Trusteer Rapport Security

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/improved_nedbanking/index.asp

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/nedbank_app/index_app.asp

Search URL Search Domain Scan URL

URL: https://myfinanciallife.nedsecure.co.za/

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=netbank.nedsecure.co.za
Title: Click here

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/bfc/
Title: Fees

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/askonce/askonce.asp

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/
Title: Home

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/legal/index.asp
Title: Legal Requirements

Search URL Search Domain Scan URL

URL: http://www.nedbank.co.za/website/content/home/glossary.asp
Title: Glossary

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.htm Show response
24-7.co.za/sax/ned/ 69 KB
16 KB 367ms
185ms Document
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

f6bd6d224ef862487262fe474061587aff2f9a259792db65223e0bfcbc7af1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: public
Date: Mon, 21 Aug 2017 11:28:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 08 Apr 2013 21:07:36 GMT
Server: nginx
ETag: W/"112b4-4d9dfd37d9600"
X-Cache-Status: HIT
Vary: Accept-Encoding, Accept-Encoding,User-Agent, Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=1, public
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Mon, 21 Aug 2017 11:28:04 GMT

GET
H/1.1 200
OK info.css
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/ 2 KB
553 B 1361ms
195ms Stylesheet
text/css 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/info.css?version=3.7.0013.0
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2013 14:32:18 GMT
X-Powered-By: ASP.NET
ETag: "045e9acfccfce1:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=7200, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 553
Expires: Mon, 21 Aug 2017 13:28:04 GMT

GET
H/1.1 200
OK main.css
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/ 5 KB
1 KB 1361ms
196ms Stylesheet
text/css 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/main.css?version=3.7.0013.0
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Oct 2013 14:32:18 GMT
X-Powered-By: ASP.NET
ETag: "045e9acfccfce1:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=7200, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1154
Expires: Mon, 21 Aug 2017 13:28:04 GMT

GET
H/1.1 404
Not Found jquery-ui-1.8.16.custom.css
24-7.co.za/App_Themes/NedbankTheme/ 0
0 1564ms
1383ms Stylesheet
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/App_Themes/NedbankTheme/jquery-ui-1.8.16.custom.css?version=3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found Nedbank.css
24-7.co.za/App_Themes/NedbankTheme/ 0
0 1499ms
1316ms Stylesheet
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/App_Themes/NedbankTheme/Nedbank.css?version=3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found jquery.min.js
24-7.co.za/Browser/Brands/Nedbank/Logon/jQuery/ 0
0 1557ms
1374ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Brands/Nedbank/Logon/jQuery/jquery.min.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found JQuery.js
24-7.co.za/Browser/Common/SDK/Scripts/Common/ 0
0 1557ms
1374ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found jquery-ui.min.js
24-7.co.za/Browser/Common/SDK/Scripts/Common/ 0
0 1570ms
1381ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/SDK/Scripts/Common/jquery-ui.min.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found USSDDialog.js
24-7.co.za/Browser/Common/Scripts/USSDAuth/ 0
0 1571ms
1381ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/Scripts/USSDAuth/USSDDialog.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found USSDPolling.js
24-7.co.za/Browser/Common/Scripts/USSDAuth/ 0
0 1687ms
188ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/Scripts/USSDAuth/USSDPolling.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found MyFinancialLife.js
24-7.co.za/Browser/Common/Scripts/MyFinancialLife/ 0
0 1756ms
199ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/Scripts/MyFinancialLife/MyFinancialLife.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK NedbankLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 2 KB
2 KB 189ms
188ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/NedbankLogo.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 2352
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK menu_shadow_left.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 405 B
405 B 188ms
187ms Image
image/jpeg 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/menu_shadow_left.jpg
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Last-Modified: Wed, 23 Oct 2013 14:29:54 GMT
X-Powered-By: ASP.NET
ETag: "09d1457fccfce1:0"
Content-Type: image/jpeg
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 405
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK arrow_down.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 56 B
56 B 375ms
187ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/arrow_down.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 56
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK arrow.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 56 B
56 B 376ms
187ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/arrow.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 56
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK Login_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 230 B
230 B 565ms
194ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Login_Top.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 230
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK Promo_Left.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 195 B
195 B 562ms
187ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Left.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 195
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK lock.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 587 B
587 B 375ms
187ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/lock.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 587
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK logonButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 2 KB
2 KB 560ms
190ms Image
image/jpeg 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/logonButton.jpg
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:29:54 GMT
X-Powered-By: ASP.NET
ETag: "09d1457fccfce1:0"
Content-Type: image/jpeg
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 2194
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK Promo_Right.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 197 B
197 B 373ms
190ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Right.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 197
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK Login_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 233 B
233 B 380ms
198ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Login_Bottom.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 233
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK Promo_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 244 B
244 B 189ms
189ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Top.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 244
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK banner_1.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 40 KB
40 KB 188ms
188ms Image
image/jpeg 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/banner_1.jpg
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: c4710f862b06ce2fa554b66f9a0d1fb61f89fa8d3afbdcc5b6ffc0f386b80e74

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Tue, 24 May 2016 09:03:12 GMT
X-Powered-By: ASP.NET
ETag: "0c854199bb5d11:0"
Content-Type: image/jpeg
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 40878
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 404
Not Found banner_2.jpg
24-7.co.za/sax/ned/images/ 404 B
0 190ms
190ms Image
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://24-7.co.za/sax/ned/images/banner_2.jpg

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

b81b1e0dba8b7d830e6eb62cc52c6ba18d76f308dadb16af8906534853e28245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK banner_3.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 39 KB
39 KB 561ms
560ms Image
image/jpeg 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/banner_3.jpg
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 0167df051de262477bacd5db85160f22bb9f66a31b699a1b0271a382c60c2e33

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Sun, 16 Oct 2016 09:49:26 GMT
X-Powered-By: ASP.NET
ETag: "057a9949227d21:0"
Content-Type: image/jpeg
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 39494
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK Promo_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 247 B
247 B 188ms
188ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Bottom.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 247
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK alertIcon.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 754 B
754 B 188ms
188ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/alertIcon.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 754
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK EntrustLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 2 KB
2 KB 187ms
187ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/EntrustLogo.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 2403
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK PSALogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 448 B
448 B 187ms
187ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/PSALogo.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:29:54 GMT
X-Powered-By: ASP.NET
ETag: "09d1457fccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 448
Expires: Mon, 21 Aug 2017 13:28:05 GMT

GET
H/1.1 200
OK AskOnceLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 2 KB
2 KB 188ms
188ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/AskOnceLogo.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: 3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 1904
Expires: Mon, 21 Aug 2017 13:28:06 GMT

GET
H/1.1 200
OK NedbankFooterLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ 2 KB
2 KB 188ms
188ms Image
image/gif 168.142.204.33
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/NedbankFooterLogo.gif
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.33 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: / ASP.NET
Resource Hash: fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Last-Modified: Wed, 23 Oct 2013 14:32:20 GMT
X-Powered-By: ASP.NET
ETag: "0721aaefccfce1:0"
Content-Type: image/gif
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
Content-Length: 2236
Expires: Mon, 21 Aug 2017 13:28:06 GMT

GET
H/1.1 404
Not Found JQuery.js
24-7.co.za/Browser/Common/SDK/Scripts/Common/ 0
0 190ms
190ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found jquery-ui.min.js
24-7.co.za/Browser/Common/SDK/Scripts/Common/ 0
0 190ms
190ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/SDK/Scripts/Common/jquery-ui.min.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found USSDDialog.js
24-7.co.za/Browser/Common/Scripts/USSDAuth/ 0
0 189ms
189ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/Scripts/USSDAuth/USSDDialog.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found USSDPolling.js
24-7.co.za/Browser/Common/Scripts/USSDAuth/ 0
0 191ms
191ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/Scripts/USSDAuth/USSDPolling.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found MyFinancialLife.js
24-7.co.za/Browser/Common/Scripts/MyFinancialLife/ 0
0 189ms
189ms Script
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/Browser/Common/Scripts/MyFinancialLife/MyFinancialLife.js?3.7.0013.0

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 500
Internal Server Error Welcome.htm Show response
24-7.co.za/sax/ned/html/ Frame 1441 353 B
365 B 427ms
427ms Document
text/html 197.242.144.34
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://24-7.co.za/sax/ned/html/Welcome.htm

Requested by

Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm

Protocol

HTTP/1.1

Server

197.242.144.34 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

yamcha.aserv.co.za

Software

nginx /

Resource Hash

ea9fb8a018aebebfcd20c9093a9e5d623f29c910008b562b11fcbb924d61c740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 11:28:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
Ok rapi.js Show response
www.splash-screen.net/71524/ 177 B
177 B 463ms
30ms Script
application/x-javascript 176.34.227.159
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://www.splash-screen.net/71524/rapi.js?f=rHarvest
Requested by: Host: 24-7.co.za
URL: http://24-7.co.za/sax/ned/index.htm
Protocol: HTTP/1.1
Server: 176.34.227.159 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-227-159.eu-west-1.compute.amazonaws.com
Software: haile /
Resource Hash: 6e84a128818fd3a5940c3c9eefd0039c7e11dea6101746f5f0357456cf5f0b0c

Request headers

Referer: http://24-7.co.za/sax/ned/index.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2017 11:28:06 GMT
Server: haile
PICS-Label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 177
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			24-7.co.za/	1970-01-01 00:00:00	Name: a21d0accfed84c406a5544efa6754d66 Value: 7e5debb464d152d36dcdf4c132c5b441

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24-7.co.za
netbank.nedsecure.co.za
www.splash-screen.net
168.142.204.33
176.34.227.159
197.242.144.34
0167df051de262477bacd5db85160f22bb9f66a31b699a1b0271a382c60c2e33
04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e
5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8
6e84a128818fd3a5940c3c9eefd0039c7e11dea6101746f5f0357456cf5f0b0c
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
811a0d96cb6b717ef578136f7097d43de2a459f727ca760626e5cefa5eff59c3
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
b81b1e0dba8b7d830e6eb62cc52c6ba18d76f308dadb16af8906534853e28245
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
c4710f862b06ce2fa554b66f9a0d1fb61f89fa8d3afbdcc5b6ffc0f386b80e74
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
ea9fb8a018aebebfcd20c9093a9e5d623f29c910008b562b11fcbb924d61c740
f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb
f6bd6d224ef862487262fe474061587aff2f9a259792db65223e0bfcbc7af1e7
fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d

24-7.co.za Open in urlscan Pro 197.242.144.34 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

38 Requests

55 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

112 kBTransfer

170 kBSize

1 Cookies

21 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

24-7.co.za Open in urlscan Pro
197.242.144.34 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

55 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

112 kB
Transfer

170 kB
Size

1
Cookies

38 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!