nedbank.pay-secure.gq Open in urlscan Pro
2606:4700:3035::ac43:c9c3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nedbank.pay-secure.gq/code.html
Effective URL:
https://nedbank.pay-secure.gq/code.html
Submission: On October 22 via manual (October 22nd 2022, 9:07:17 pm UTC) from ZA — Scanned from DE

Summary HTTP 61 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 9 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3035::ac43:c9c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is nedbank.pay-secure.gq.
TLS certificate: Issued by E1 on October 6th 2022. Valid for: 3 months.

This is the only time nedbank.pay-secure.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nedbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700:303... 2606:4700:3035::ac43:c9c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	99.86.1.159 99.86.1.159	16509 (AMAZON-02) (AMAZON-02)
1	143.204.214.41 143.204.214.41	16509 (AMAZON-02) (AMAZON-02)
19	168.142.204.82 168.142.204.82	3741 (IS) (IS)
9	168.142.204.15 168.142.204.15	3741 (IS) (IS)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	54.76.60.98 54.76.60.98	16509 (AMAZON-02) (AMAZON-02)
2	18.203.13.19 18.203.13.19	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	52.212.190.143 52.212.190.143	16509 (AMAZON-02) (AMAZON-02)
61	13

11 2606:4700:3035::ac43:c9c3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nedbank.pay-secure.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14ca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.1.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-159.fra6.r.cloudfront.net

d3rnm236tp90vs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-41.fra53.r.cloudfront.net

d21ctq9anmk97c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 168.142.204.82 (Johannesburg, South Africa)

ASN3741 (IS, ZA)

secured.nedbank.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 168.142.204.15 (Johannesburg, South Africa)

ASN3741 (IS, ZA)

www.nedbank.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.60.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

nedbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.13.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-13-19.eu-west-1.compute.amazonaws.com

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

nedbank.d3.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.190.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-190-143.eu-west-1.compute.amazonaws.com

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	nedbank.co.za secured.nedbank.co.za www.nedbank.co.za — Cisco Umbrella Rank: 557474	2 MB
11	pay-secure.gq 1 redirects nedbank.pay-secure.gq	33 KB
3	cloudfront.net d3rnm236tp90vs.cloudfront.net d21ctq9anmk97c.cloudfront.net	61 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 490	71 KB
2	omtrdc.net nedbank.d3.sc.omtrdc.net	471 B
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 9586	831 B
2	demdex.net nedbank.demdex.net dpm.demdex.net — Cisco Umbrella Rank: 214	5 KB
2	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5075 wa.appsflyer.com — Cisco Umbrella Rank: 6622	10 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306	31 KB
61	9

	Domain	Requested by
19	secured.nedbank.co.za	nedbank.pay-secure.gq secured.nedbank.co.za
11	nedbank.pay-secure.gq	1 redirects nedbank.pay-secure.gq
9	www.nedbank.co.za	nedbank.pay-secure.gq
3	assets.adobedtm.com	nedbank.pay-secure.gq
2	nedbank.d3.sc.omtrdc.net	assets.adobedtm.com nedbank.pay-secure.gq
2	wa.onelink.me	websdk.appsflyer.com
2	d3rnm236tp90vs.cloudfront.net	nedbank.pay-secure.gq d3rnm236tp90vs.cloudfront.net
1	wa.appsflyer.com	websdk.appsflyer.com
1	dpm.demdex.net	assets.adobedtm.com
1	nedbank.demdex.net	nedbank.pay-secure.gq
1	ajax.googleapis.com	nedbank.pay-secure.gq
1	d21ctq9anmk97c.cloudfront.net	nedbank.pay-secure.gq
1	websdk.appsflyer.com	nedbank.pay-secure.gq
61	13

This site contains links to these domains. Also see Links.

Domain
personal.nedbank.co.za
www.nedbank.co.za
www.avo.africa
www.entrust.net
onlinesharetrading.nedbank.co.za
play.google.com
itunes.apple.com
appgallery5.huawei.com

Subject Issuer	Validity	Valid
*.pay-secure.gq E1	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-22` - `2023-09-24`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
secured.nedbank.co.za Entrust Certification Authority - L1M	`2022-09-05` - `2023-10-04`	a year	crt.sh
*.nedbank.co.za Entrust Certification Authority - L1K	`2022-10-10` - `2023-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.onelink.me Amazon	`2022-03-06` - `2023-04-04`	a year	crt.sh
*.d3.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.appsflyersdk.com Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nedbank.pay-secure.gq/code.html
Frame ID: ECA236BCCA85E136B66C81F08F5B27D6
Requests: 60 HTTP requests in this frame

Frame: https://nedbank.demdex.net/dest5.html?d_nsid=0
Frame ID: 233B2BB8FC436519106B0C95F1DE68EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking

Page URL History Show full URLs

http://nedbank.pay-secure.gq/code.html HTTP 301
https://nedbank.pay-secure.gq/code.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

87 %
HTTPS

33 %
IPv6

9
Domains

13
Subdomains

13
IPs

5
Countries

2077 kB
Transfer

2974 kB
Size

10
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://personal.nedbank.co.za/bank/ways-to-bank-and-pay/google-wallet.html?cmpid=DIS_RnqMV
Title: Add your card to Google Wallet™ and pay using Google Pay™. Find out more

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/nedbank-money/nedbank-online-banking.html?cmpid=dis:onb:com:ob_register::ned
Title: Enjoy the convenience of Online Banking. Have you registered yet?... Find out more

Search URL Search Domain Scan URL

URL: https://personal.nedbank.co.za/bank/ways-to-bank-and-pay/bill-payments.html?cmpid=MA_qV6lM
Title: New feature: Don’t miss out on rewards by using Bill Payments. Find out more

Search URL Search Domain Scan URL

URL: https://personal.nedbank.co.za/borrow/solar-finance.html?cmpid=DIS_DGRs7
Title: Keep the lights on with Nedbank Solar Finance, powered by MFC. Find out more

Search URL Search Domain Scan URL

URL: https://personal.nedbank.co.za/promotions/cash-back.html?cmpid=DIS_KqEkK
Title: Get more cash back when you shop. Find out more

Search URL Search Domain Scan URL

URL: https://personal.nedbank.co.za/promotions/visa-promotion.html?cmpid=DIS_fwcXQ
Title: Win a trip for two to the FIFA World Cup™, thanks to Visa. Find out more

Search URL Search Domain Scan URL

URL: https://personal.nedbank.co.za/promotions/personal-loan-savvy-account-cashback.html?cmpid=DIS_34d44
Title: Get R200 cash back every month. T&Cs apply. Find out more

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank-insurance/desktop/gt/en/personal/funeral/nedbankinsuranceplan.html?cmpid=MA_J6b6r
Title: Get R30 000 funeral cover for only R3 a day. Find out more

Search URL Search Domain Scan URL

URL: https://www.avo.africa/
Title: Shop for everything, everywhere, in one go on Avo SuperShop. Find out more

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=secured.nedbank.co.za

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/aboutus/legal/fraud-awareness/How-to-stay-safe-while-banking-online.html
Title: Learn more →

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/aboutus/legal/fraud-awareness.html
Title: Fraud awareness

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/tools-and-guidance/verify-payment.html
Title: Verify payments

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/accessibility-main/accessibility.html
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://onlinesharetrading.nedbank.co.za/#/overview
Title: Online share trading

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/aboutus/legal/PrivacyNotice.html
Title: Privacy notice

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/dam/nedbank/site-assets/AboutUs/Legal/PAIA/PAIA_Manual_October_2019_Final.pdf
Title: PAIA

Search URL Search Domain Scan URL

URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/nedbank-money.html
Title: Nedbank Money app

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=za.co.nedbank

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/nedbank-money/id1260981758?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://appgallery5.huawei.com/#/app/C101769191

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nedbank.pay-secure.gq/code.html HTTP 301
https://nedbank.pay-secure.gq/code.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request code.html Show response
nedbank.pay-secure.gq/
Redirect Chain

http://nedbank.pay-secure.gq/code.html
https://nedbank.pay-secure.gq/code.html

289 KB
31 KB

443ms
385ms

Document
text/html

2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nedbank.pay-secure.gq/code.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b87521359938f63ee4dc2ddbc1cdda2e9e70de226950a1cc085d8ba6999e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75e5336eac709156-FRA
content-encoding: br
content-type: text/html
date: Sat, 22 Oct 2022 21:07:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWFOOuNaXe2h7XN8KbQATf5eMcK5GUz4cSYIx7SJdnKR%2FEDTGEV%2BzlXvwMlxPL%2BHrMsevghvTZh27LWXr6yf7rZ5eLfq1498VbhME16yzFi%2FtxiJkJOsE3p8LWwfVqxNhVBz0%2FOagnQzUFrQUFpNXiCiwOY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 75e5336ceb35bba4-FRA
Connection: keep-alive
Content-Type: text/html
Date: Sat, 22 Oct 2022 21:07:09 GMT
Location: https://nedbank.pay-secure.gq:443/code.html
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4APNCIesuJErxvcCsjBE9c2f1vJNnOGHydxGTctez52N9RRG430THzLEcEDa1xwjfVr0UrW4IFp4EYemePEfXTyEAJMRze37VUIQU9XEYjPZhYU15K7z389jvwCq%2Bj5WylVSdIMRkxjB4%2BMPp1CXoFX4Co4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 106ms
18ms Script
application/javascript 2a02:26f0:3500:11::215:14ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14ca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0828d80f1e2542b247915dbafaa268fcdd6f5c4ce4d6e57eccc0d37916752e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Apr 2022 08:41:43 GMT
Server: AmazonS3
x-amz-request-id: 2J59XASVB5765S0J
ETag: "cc82ca2a69eac2386ea395ea1e0ad0f6"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2375
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9575
x-amz-id-2: /apMVbXWSTtqXjQWlRf3witCgELHpxBuaSdgr85oVV6gQR9cVwF9Hw7j56vLmntu/nU9sj+T/gA=
Expires: Sat, 22 Oct 2022 21:46:44 GMT

GET
H2 200 launch-1bbd76e19c63.min.js Show response
assets.adobedtm.com/6422e0f550a2/567d03ce12ec/ 212 KB
57 KB 96ms
18ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/6422e0f550a2/567d03ce12ec/launch-1bbd76e19c63.min.js
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 281c360431a2d1baa9c533a4b69b599a15dceeed26b52cee21ec37da4365fe9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:09 GMT
content-encoding: gzip
last-modified: Wed, 05 Oct 2022 09:01:13 GMT
server: AkamaiNetStorage
etag: "517e105af150e18167b6f85cb948f1c6:1664960473.806653"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://nedbank.pay-secure.gq
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 57676
expires: Sat, 22 Oct 2022 22:07:09 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 79ms
16ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://nedbank.pay-secure.gq
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Sat, 22 Oct 2022 22:07:09 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 3 KB
2 KB 81ms
18ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:09 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "2d1382c349d480b6b41574ac0c1af066:1644856531.739514"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://nedbank.pay-secure.gq
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Sat, 22 Oct 2022 22:07:09 GMT

GET
H2 200 pqwct.js Show response
d3rnm236tp90vs.cloudfront.net/623923/ 66 KB
30 KB 162ms
93ms Script
application/x-javascript 99.86.1.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3rnm236tp90vs.cloudfront.net/623923/pqwct.js?r=0.8414701165661342

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.1.159 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-1-159.fra6.r.cloudfront.net

Software

haile /

Resource Hash

2320bae1e8e83c488651b7481eeb327d3f26992d119182952d984e5aafe01a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:10 GMT
strict-transport-security: max-age=86400
content-encoding: gzip
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
pragma: no-cache
server: haile
vary: Origin
access-control-allow-methods: GET, OPTIONS
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: hccnWBtJnUWKrqEX7saqi7nEBllHGYuywcFWZHp-80xQWliPpY_JFg==
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H2 200 load.js Show response
d21ctq9anmk97c.cloudfront.net/623923/ 68 KB
30 KB 216ms
111ms Script
application/x-javascript 143.204.214.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d21ctq9anmk97c.cloudfront.net/623923/load.js?dt=login&r=0.489887385589443

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.214.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-214-41.fra53.r.cloudfront.net

Software

haile /

Resource Hash

bd7034bbe7767aafcd452d005ea9e244853cc0e8f9abe66779a79749461e1a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 21:07:10 GMT
strict-transport-security: max-age=86400
content-encoding: gzip
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
server: haile
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: m21bQXRCDXr6PyPbqTGGfLA3M0E_wtCecyyn3OXVhL2a00g85brHqA==
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

GET
H/1.1 200
OK styles.7c2e2e301c8ce5e3.css
secured.nedbank.co.za/ 139 KB
23 KB 1265ms
418ms Stylesheet
text/css 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to

Full URL

https://secured.nedbank.co.za/styles.7c2e2e301c8ce5e3.css

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

443642c333c1aa7677d4217d443909557a7964858b959c5ef3b438f11874c5ee

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 22516
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:04:32 GMT
ETag: "0e86397a3dfd81:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK NedbankIcon.svg
secured.nedbank.co.za/assets/svg/ 1 KB
1 KB 1058ms
212ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/NedbankIcon.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

f7baf6fab8ed8563ffcf45e566735dc4adf36fd5243d0c2ffdf472905bc7e018

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 559
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:18 GMT
ETag: "04f3bdca2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK cross-Black-small.svg
secured.nedbank.co.za/assets/svg/ 816 B
1 KB 1059ms
212ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/cross-Black-small.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

1e18760ed18470f264f73c2984ea3b302a190cb29d0fe64faeb018df4860355b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 318
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:30 GMT
ETag: "05d62e3a2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK outdated-browser.svg
secured.nedbank.co.za/assets/svg/ 49 KB
15 KB 1268ms
420ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/outdated-browser.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

d4c4f3bcdff08509878d55ff3e067e99aa3ee36d01a9f6dab3d5dbfb6c926c83

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:09 GMT
Content-Length: 14952
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:00:16 GMT
ETag: "068cdfea2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK Error_Orange.svg
secured.nedbank.co.za/assets/svg/ 933 B
1 KB 1060ms
212ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/Error_Orange.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:09 GMT
Content-Length: 431
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:16 GMT
ETag: "022adba2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK NedbankExperience.svg
secured.nedbank.co.za/assets/svg/ 12 KB
4 KB 1061ms
213ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/NedbankExperience.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 3453
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:18 GMT
ETag: "04f3bdca2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK login-fast.svg
secured.nedbank.co.za/assets/svg/ 5 KB
3 KB 213ms
211ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/login-fast.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

e79680516f7aebb8535d875afb21b608dc955fa48f3084502858ea7513ba547c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 2008
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:44 GMT
ETag: "098baeba2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK login-easy.svg
secured.nedbank.co.za/assets/svg/ 4 KB
2 KB 212ms
210ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/login-easy.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

9731178a65895ad7a2835bb97c7d3e1fbb030448ce0af77fad66d45559beee0d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 1458
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:44 GMT
ETag: "098baeba2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK login-secure.svg
secured.nedbank.co.za/assets/svg/ 5 KB
2 KB 212ms
211ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/login-secure.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

5c6c8d8c0e52c66587d5f15d69de975d84894fc26afc864cd7b3eebde68b426c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 1571
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:44 GMT
ETag: "098baeba2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H2 404 FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
nedbank.pay-secure.gq/ 0
0 403ms
402ms Font
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedbank.pay-secure.gq/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nedbank.pay-secure.gq/code.html
Origin: https://nedbank.pay-secure.gq
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMWiU%2FuCCOaeabhs346XoZQ4AVGV5d7Izxq7N%2F%2FoRZXq%2FRp0Evn264VuuUaG8lWhKIuGQRZwQonhjPpLRGI7n0fZMZXMQPY%2FhpmYKtgD11gSmC6KH0tMqEuSYxSojfj3cUfbttbeoAat5AIPFpswiJmxLCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e53372fefc9156-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK Google_Wallet_PrivateClients_appTile.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 64 KB
65 KB 1387ms
384ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/Google_Wallet_PrivateClients_appTile.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: 66cdee716767ca9e1f894ba70d7250a709ce44ae7d3eddd3c6f9f7f9faf513a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:10 GMT
Last-Modified: Mon, 26 Sep 2022 07:01:39 GMT
ETag: "8b219ed375d1d81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1895654357"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK OB_register_appTile2.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 211 KB
212 KB 1473ms
406ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/OB_register_appTile2.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: bbcc325054b5b9d75f208f6f93d28b69a67070a58aad5ca8dbd6c932bc2bc9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:10 GMT
Last-Modified: Wed, 01 Jun 2022 19:09:52 GMT
ETag: "c563f82beb75d81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1943563713"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK Bill_Payments_appTile1.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 55 KB
56 KB 1441ms
421ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/Bill_Payments_appTile1.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: d8d1980aafe6487ebe185f03149f7dafceba1acffebce650d58a2783534dfcea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:10 GMT
Last-Modified: Wed, 08 Jun 2022 17:51:23 GMT
ETag: "bd3ce85d607bd81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="2075398022"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK Solar_Finance_appTile1.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 237 KB
239 KB 1397ms
407ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/Solar_Finance_appTile1.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: 2faf9dd4f983809c9700b446478c89efb1db1fcdfa056001a2b4db359744b75a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:10 GMT
Last-Modified: Thu, 01 Sep 2022 10:09:39 GMT
ETag: "825968f2eabdd81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="733462071"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK T3_AMEX_appTile.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 124 KB
125 KB 1386ms
404ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/T3_AMEX_appTile.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: 3d4e079616c1282712f54894f27baea16d199615582cd948fa8a6588a82ab622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:10 GMT
Last-Modified: Thu, 08 Sep 2022 08:09:31 GMT
ETag: "4db2c9525ac3d81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="441070128"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK FIFA_22_appTile.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 259 KB
260 KB 612ms
387ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/FIFA_22_appTile.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: 52bbe8e308b21ca0939cbfbdc7bc71377740e6a23fd985f4493d0c0e4c846fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:10 GMT
Last-Modified: Fri, 05 Aug 2022 13:33:11 GMT
ETag: "2dadae8cfa8d81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-1046940407"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK PL_Savvy_R200_appTile.png
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 398 KB
399 KB 191ms
191ms Image
image/png 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/PL_Savvy_R200_appTile.png
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: 588400a711842caa93c2dffd2996537ddab0c2fc53015492d0f8981a78439050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:11 GMT
Last-Modified: Thu, 29 Sep 2022 10:06:51 GMT
ETag: "d4afa531ebd3d81:0"
Transfer-Encoding: chunked
Content-Type: image/png
Server-Timing: dtSInfo;desc="0", dtRpid;desc="-703911950"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK Funeral_Cover_T2_appTile.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 249 KB
251 KB 209ms
209ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/Funeral_Cover_T2_appTile.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: e0813e671602c2c1ac9052c2d10432377770643e239ac6a6ff7f6fd9cf002c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:11 GMT
Last-Modified: Tue, 12 Jul 2022 10:40:09 GMT
ETag: "ae5a0c2db95d81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1199337491"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK Avo_SuperShop_OBtile.jpg
www.nedbank.co.za/content/dam/NedbankMoney/globalcards/ 139 KB
140 KB 200ms
200ms Image
image/jpeg 168.142.204.15
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nedbank.co.za/content/dam/NedbankMoney/globalcards/Avo_SuperShop_OBtile.jpg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 168.142.204.15 Johannesburg, South Africa, ASN3741 (IS, ZA),
Reverse DNS
Software: /
Resource Hash: b83d1f07b93621fb7fbe1e29daf5487ff0bd78f6607213db56dacfbd3b11307c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 22 Oct 2022 21:07:11 GMT
Last-Modified: Wed, 21 Sep 2022 15:01:41 GMT
ETag: "7f2c6fecbcdd81:0"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1159237272"
Accept-Ranges: bytes
Connection: keep-alive

GET
H/1.1 200
OK entrust_site_seal_ssl.png
secured.nedbank.co.za/assets/png/ 18 KB
19 KB 209ms
209ms Image
image/png 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/png/entrust_site_seal_ssl.png

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:57:18 GMT
Date: Sat, 22 Oct 2022 21:07:10 GMT
ETag: "0c3b494a2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Content-Length: 18758
X-XSS-Protection: 1; mode=block
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK GooglePlay.svg
secured.nedbank.co.za/assets/svg/ 22 KB
5 KB 211ms
211ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/GooglePlay.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 4084
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:18 GMT
ETag: "04f3bdca2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK AppStoreBadge.svg
secured.nedbank.co.za/assets/svg/ 12 KB
5 KB 212ms
212ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/AppStoreBadge.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 3914
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:16 GMT
ETag: "022adba2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK HuaweiStoreBadge.svg
secured.nedbank.co.za/assets/svg/ 22 KB
7 KB 214ms
214ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/assets/svg/HuaweiStoreBadge.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

1ff2a8671111fb294acbd910e0ff757971eaeb4b381206de8ebabb38e259ca15

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 6548
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:59:18 GMT
ETag: "04f3bdca2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 163ms
43ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 19:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 19:38:33 GMT

GET
H3 200 form1.js Show response
nedbank.pay-secure.gq/modules/ 420 B
737 B 391ms
389ms Script
application/javascript 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nedbank.pay-secure.gq/modules/form1.js

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a5a4243d5deb812322c88585c60005996d2dad53a656ed6c07595d09c877b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/code.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:10 GMT
strict-transport-security: max-age=31536000;
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 22 Oct 2022 07:16:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"635398b4-1a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bp8Feus8hKvv756bonTMlbeqqDkfDinm%2FOCN8R2aCOHw%2BORsCkyoyI%2Fj9%2FqH3CIJbUON%2FgBF1fQiwPM97nuESYcplUWUbk8hl6XDnFbm%2BOKIduDsRcq9CQLFdYucWA9h71eZ4I7XanNka0UZ%2F981o%2BPFJqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 75e533734b18923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 FFMarkWebProRegular.69386de63644c744.ttf
nedbank.pay-secure.gq/ 0
0 439ms
438ms Font
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedbank.pay-secure.gq/FFMarkWebProRegular.69386de63644c744.ttf
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nedbank.pay-secure.gq/code.html
Origin: https://nedbank.pay-secure.gq
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:10 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3n5YA%2FqJfpQZVlfnCkF93%2Bt1sJk5B7XQBvx%2BoO%2FEwyYKAjT9t5BMw2gQrmjIBaERmmqHFmVdvmz5Gmnd%2BcHuj7Ulf4VLxA8emdhZurgbg4YDrOMQfEWMe%2FhDZoF%2FkmfsVnoq9%2F7jbXmX0NYgSfGZHxuge2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e533758efe923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 FFMarkWebProRegular.3594b4997f3f4009.woff
nedbank.pay-secure.gq/ 0
0 396ms
395ms Font
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedbank.pay-secure.gq/FFMarkWebProRegular.3594b4997f3f4009.woff
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nedbank.pay-secure.gq/code.html
Origin: https://nedbank.pay-secure.gq
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxgAMZfYLEuV1P7xoqB1sLG2XV3VpIEt2JLCG5gV7v%2FdJVAbnHW9lfORXxjxNTMOGSMBIpYGlKfkPZgq3CErb6E%2Fi2%2B2htmJkUlW8GeKOFkNNKA5eF0bvf0nZZlZFuEsVvsAmC8zqShRe6X5yoqjZZ%2FFzCE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e533784ba5923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 FFMarkWebProRegular.fb38458d0fa9adfc.woff2
nedbank.pay-secure.gq/ 0
0 399ms
399ms Font
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nedbank.pay-secure.gq/FFMarkWebProRegular.fb38458d0fa9adfc.woff2
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://nedbank.pay-secure.gq/code.html
Origin: https://nedbank.pay-secure.gq
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU5BBF7isL7V%2BpkJluOyNSxNJ8rF4yVyNkzM910EGYK9ec3hQYvnfJ9Ry9VDI3rJoplLqyWCoaSVSNO0D1k0WmorXCvgSZ9s%2B95Xj%2FH28ikc1t4QNSLqhA24xDXq%2FdevAa0RaFLnBPJyJIfVMs1SG0m8lZw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e5337acfc7923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK styles.7c2e2e301c8ce5e3.css
secured.nedbank.co.za/ 139 KB
23 KB 208ms
208ms Stylesheet
text/css 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to

Full URL

https://secured.nedbank.co.za/styles.7c2e2e301c8ce5e3.css

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

443642c333c1aa7677d4217d443909557a7964858b959c5ef3b438f11874c5ee

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 22516
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:04:32 GMT
ETag: "0e86397a3dfd81:0"
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK dest5.html Show response
nedbank.demdex.net/ Frame 233B 7 KB
3 KB 206ms
43ms Document
text/html 54.76.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nedbank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.60.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nedbank.pay-secure.gq/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v044-046e68452.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 795/jKr/Sfc=
content-encoding: gzip
date: Sat, 22 Oct 2022 21:07:11 GMT
last-modified: Mon, 17 Oct 2022 12:31:02 GMT
vary: accept-encoding

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 642 B
1 KB 180ms
41ms XHR
application/json 54.76.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5B5243A15589607E7F000101%40AdobeOrg&d_nsid=0&ts=1666472831195

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6422e0f550a2/567d03ce12ec/launch-1bbd76e19c63.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.60.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

aa5e522e1a7b02b00ebe839f3719f30b46e41d23792a597ca409d16d929a206a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nedbank.pay-secure.gq/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v044-03c2552b2.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: r05zfA4NSMo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://nedbank.pay-secure.gq
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 474
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK NedbankIcon.3cee39915afd52c3.svg
secured.nedbank.co.za/ 1 KB
1 KB 366ms
208ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/NedbankIcon.3cee39915afd52c3.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

f7baf6fab8ed8563ffcf45e566735dc4adf36fd5243d0c2ffdf472905bc7e018

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 559
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 07:58:22 GMT
ETag: "063dabaa2dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK icon-chat-thin.aecf4aeab466cacf.svg
secured.nedbank.co.za/ 736 B
1 KB 370ms
208ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/icon-chat-thin.aecf4aeab466cacf.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

d88fedad79f51cae5be17cd5ee16ea706978380791b34100beade1881a5974f4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 329
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:01:44 GMT
ETag: "0244133a3dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK location-blank-green.15740b1c831edc89.svg
secured.nedbank.co.za/ 1 KB
1 KB 374ms
207ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/location-blank-green.15740b1c831edc89.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

8fd778cf8be190de02f1a95bb0a3d1ba158c4041b109fa8ac002c245056e06dc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 471
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:02:18 GMT
ETag: "0218547a3dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK contact-blank-green.36dfab02d2901e0a.svg
secured.nedbank.co.za/ 1 KB
1 KB 373ms
207ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/contact-blank-green.36dfab02d2901e0a.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

b56bd2aeb39c48bb1732623689421c02c93461a6024a657124450d5664bbbb56

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 490
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:01:20 GMT
ETag: "08f324a3dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H/1.1 200
OK demo-icon.993a5c7bb466a7ea.svg
secured.nedbank.co.za/ 2 KB
2 KB 212ms
212ms Image
image/svg+xml 168.142.204.82
IS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secured.nedbank.co.za/demo-icon.993a5c7bb466a7ea.svg

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

168.142.204.82 Johannesburg, South Africa, ASN3741 (IS, ZA),

Reverse DNS

Software

Resource Hash

39b5f1c0f6f72d7ca3c3181749b646470718a5a8eca80ce13d0b63c15edb2e7c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net https://aweuw4.advanced-web-analytics.com blob:
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Sat, 22 Oct 2022 21:07:10 GMT
Content-Length: 648
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Fri, 14 Oct 2022 08:01:28 GMT
ETag: "0bcb729a3dfd81:0"
X-Frame-Options: DENY
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0

GET
H3 404 icon-tailarrow-right.fabeb0b09e6324c8.svg
nedbank.pay-secure.gq/ 239 B
239 B 377ms
377ms Image
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedbank.pay-secure.gq/icon-tailarrow-right.fabeb0b09e6324c8.svg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39c3f3a34b7b37ce5381250ecae1250377bd4a8a4afd1d5976fb7f0aac68b174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/code.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Ms2cDNuMsjU3%2BxK6xnUfGwYVVpmX6Bl5G1%2FLCzn30FkBMEp61cffHFFq9IgGK59bYJg62OyBnZCiBrKK7fThc5%2BrL%2BOO7pTh8L2liqUK2kAEa2%2BmxcB3ymMSraKjekayEFZVLfNFRYxZjjWpBUBIOUtDhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e5337b1851923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 chevron.622175d3bf669705.svg
nedbank.pay-secure.gq/ 226 B
226 B 389ms
389ms Image
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedbank.pay-secure.gq/chevron.622175d3bf669705.svg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 940463392d08bd335260dd336a9f25ba7377066c485c4591f190c5a8aa553313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/code.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EG4lK2hAjQfDH496gVZ8BFCOSMg%2FSpdL3nn%2FweoOkmXyiGj7K%2BVhdDpD%2B%2BETx0UHyie%2F%2FNkB75GYqseFj9FPbUljlp0Fzz1tTU8KtZ1K3BzPOCIF54nESgrEqbJ9LI5eP4CiTvR9PweJkqvlF8B%2FduGIMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e5337b1853923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 Arrow.863bd05819ce952f.svg
nedbank.pay-secure.gq/ 224 B
224 B 412ms
412ms Image
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedbank.pay-secure.gq/Arrow.863bd05819ce952f.svg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5890a7bf39ba2a022ba9612c0a3c8356f36acfac4e32a5bfda52c800391ee984

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/code.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNMrTwAlqu2kvouR14twxNQjjedVIE40v7wnH97Vu6cJM5s%2B42BhJp0%2F5vB%2BhLkFOCHOa3Wa%2BfjCGeDdsXGUp4iJI6nkqS6RvZbmortT9HJQ6rMUZWNvySJJOq%2Bp3oyAtX6hPWaVBMML7yWB8IX8hEMdk2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e5337b1855923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 close-gray.255d2087c5e383f8.svg
nedbank.pay-secure.gq/ 229 B
229 B 382ms
382ms Image
text/html 2606:4700:3035::ac43:c9c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedbank.pay-secure.gq/close-gray.255d2087c5e383f8.svg
Requested by: Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c9c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e88c73d0170c577b25327769d7aa377486b27da409f75c03f3c2fc1abc2bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/code.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2w9WqH0N2AFYsPXU1GqiYyQSAHGT0ermVMou4gIrbqgkdDhI3llQjZvljBRymDp94VvIZfZZOdbKOy4SnNZ9q0pV5LxqfiFbV7ONddMzs7XcmuB%2F%2FH3qgKCa1k0nQc80j29%2BcaQOCWlv3qJxx8kSgRNilM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 75e5337b1856923d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 13 B
323 B 164ms
41ms XHR
application/json 18.203.13.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.13.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-13-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://nedbank.pay-secure.gq
Date: Sat, 22 Oct 2022 21:07:11 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 13
Content-Type: application/json

GET
H2 200 id Show response
nedbank.d3.sc.omtrdc.net/ 2 B
270 B 166ms
48ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nedbank.d3.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=5B5243A15589607E7F000101%40AdobeOrg&mid=12854490483875071382833846108766962269&ts=1666472831385

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6422e0f550a2/567d03ce12ec/launch-1bbd76e19c63.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nedbank.pay-secure.gq/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 22 Oct 2022 21:07:11 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://nedbank.pay-secure.gq
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET FontFont%20-%20MarkPro.307179f82a6dd2a0.otf
secured.nedbank.co.za/ 0
0

GET FontFont%20-%20MarkPro-Medium.fc8a82ca7526157c.otf
secured.nedbank.co.za/ 0
0

POST
H/1.1 200
OK events Show response
wa.appsflyer.com/ 77 B
529 B 170ms
40ms XHR
application/json 52.212.190.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=d2975d53-f8f0-4eab-9073-34d98ce344f4
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.190.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-190-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d0a53295ccc34fcfc8099f4527ae0df86fcd910e41a75655eced1c0ba71febf5

Request headers

Referer: https://nedbank.pay-secure.gq/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://nedbank.pay-secure.gq
Date: Sat, 22 Oct 2022 21:07:11 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 77
Content-Type: application/json

GET
H2 200 s34101193351453
nedbank.d3.sc.omtrdc.net/b/ss/nedbankonlinebankingprd,nedbankglobal/1/JS-2.22.4-LCXS/ 43 B
201 B 43ms
42ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nedbank.d3.sc.omtrdc.net/b/ss/nedbankonlinebankingprd,nedbankglobal/1/JS-2.22.4-LCXS/s34101193351453?AQB=1&ndh=1&pf=1&t=22%2F9%2F2022%2021%3A7%3A11%206%200&mid=12854490483875071382833846108766962269&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fnedbank.pay-secure.gq%2Fcode.html&cc=ZAR&server=nedbank.pay-secure.gq&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv2&v10=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F106.0.5249.119%20safari%2F537.36&v12=nedbank.pay-secure.gq&c14=D%3Dv14&v15=%3A&v16=%3A&v119=false&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5B5243A15589607E7F000101%40AdobeOrg&AQE=1

Requested by

Host: nedbank.pay-secure.gq
URL: https://nedbank.pay-secure.gq/code.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 21:07:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 23 Oct 2022 21:07:11 GMT
server: jag
etag: 3578723154848907264-4619694646180395523
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 21 Oct 2022 21:07:11 GMT

GET
H/1.1 200
OK onelink Show response
wa.onelink.me/v1/ 51 B
508 B 37ms
37ms XHR
application/json 18.203.13.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=ea777c9f-278b-4d09-aeb7-7aa9ceba2f38-p
Requested by: Host: websdk.appsflyer.com
URL: https://websdk.appsflyer.com/?st=pba&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.13.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-13-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 11255fcfb3fb7d6a18f1e2e9aaaa8bee0841fd565eb5ba84e8494bf84c424700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://nedbank.pay-secure.gq
Date: Sat, 22 Oct 2022 21:07:11 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 51
Content-Type: application/json

GET FFMarkWebProRegular.69386de63644c744.ttf
secured.nedbank.co.za/ 0
0

GET FFMarkWebProMedium.d044c99156118d3f.ttf
secured.nedbank.co.za/ 0
0

GET FFMarkWebProRegular.3594b4997f3f4009.woff
secured.nedbank.co.za/ 0
0

GET FFMarkWebProMedium.158709a0105616cd.woff
secured.nedbank.co.za/ 0
0

GET FFMarkWebProMedium.c206d31548bfa5b6.woff2
secured.nedbank.co.za/ 0
0

GET FFMarkWebProRegular.fb38458d0fa9adfc.woff2
secured.nedbank.co.za/ 0
0

GET
H2 200 zeJc Show response
d3rnm236tp90vs.cloudfront.net/623923/ 90 B
650 B 87ms
87ms Script
text/javascript 99.86.1.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d3rnm236tp90vs.cloudfront.net/623923/zeJc?d=ZW5jZEB0bDVZWnhKNTRFZ2dUeWd5Rlo3ak90RlFyeStQR3hzcFU4UCtjc1BMNlhva1R2djVEaVpUYXVMNXhpQ043OTRJVmxKZ1l3TFIybE1UQUtqd2htN3RjVldadzJwaU5udEJNbnY0cEhDaTJnNVVoeExua1M4SU4vcUNIU1NiWUwyWndIdTJyckxpWkRVZXBVdFNXempBZ1ZCa3BTdjNvK0RCK0xNR25idkxQa20wR3NYOGtkK25WL09GSGpJdWJqck9rR25WdDZxdnd4YXVPSzk1dnNXbDJmc1I0MEd6Zk1odlJrRjNYbG1uY09oMWJETVZiSytkZDYwQUNQeDZFMnRxaGdqNlBuM1pNMncya05FeEZQSXFKeUdOa05yS2w5bkM2ZTBhZzBMbk1nWitjWU8yTzBHMDg5MWlMMjc1eWdsUEdaL09ibU9PZlhsaU9KWVIzTjZXUWR0b2huTlpHU0Y5MzJ1UFowVGlHTmJaUS9JTk5HTmJGNXFmTlE2NzNaYktRZ2ZTZFU1YjFqaytmTCtYM3UzS2ZNZ0RSMXk5VWVLOWFuL1VkZ1VwRFM3cm9qc1NhbDBBQnJBcXZneEN4dlN5Y21hSjYwdkR3blVTSU82Yi9DR1lTYXVLUWdYeUxtNXpuZVAwR2w3ZTJhUXVTUUMweXZMN091bnQxZ1p2S3hkZHBTU2tXZ0Q3bFcyZ0ZJSVM3WllHYm1mek9JM3o2dGpZYTFwWmRiMzF1NG1NeEpMTFZuMTNLSlo0UUkwemV2aGJxSFV2aUZIUHN4MFpKSHpxYzYxSndscUIwTG5ubjQ4cG1CMHJrdmdjTHg4UldjNW1sZnNCZzE3dmFBPT18N2JkYjRlNTM4YzA5N2IyMDVhNjU4MWM0YTBlOWEwZmRiMDEyNzJhZDQ4YTgwZGMzZmQ2NzJiMDZiNDY3NGNiODg5NzgyZDBhN2U2MmQwMjY1ZTE3NjJjNzZlMjk5MjU3M2RmMWY4Zjc0ZDZiZmQxZWZkMmQ1Y2FmN2Y3YjkyODQwZTg5MWNiMTFmYjExOTQ5NzA2YTcyZmE3OGMwYjIxN2E2OTZkNTRiMGQ1ZTM3MGU4M2EzNTIzMTQwNzJlZDQ5NGNiOGFkZjk0MDJkM2M3YWQ0ZTZmNDc5NzMxYmI2ZWJkNmEzMGExNmY0Y2E5OTZhNTE2ZWZlOTU5NmNhZTI5ZDZjNjIzYWRkMjU4NWFmZTFhMDE3MjRiYjFmY2FiYzhmYjkwMWYxOGRhNzE2ZmRhYTgwZTM4M2RlNjhkNmQzMDI4YTlmZTUzZTQ2NjNkNTQ5MTg1M2ViNzE0MTJhOGVmZjAxN2UzMWNjMWQzZTJjMWNlOGZlMjBmNTE1ZGM2YTg5ZDY3YzRkMmJkZDlhYThlMzYxZWE5MDJmODEzZDg5NTZiZGE2OTliYjZmNjYwNjBiMjRjZDNiZWViZjUyMzExZWJlODRmMjI1Mjc5YTY4ZjdjYmI3NGMxYjg5OWUxMTM4MzQ5OGFiNzBmNWQ5OWE4MjE4NmY2NjliMGFmYzc4NmV8MDBlZTBiNjJlY2FhYzg5Zg%3D%3D&cid=15%2C16&si=3&e=https%3A%2F%2Fnedbank.pay-secure.gq&LSESSIONID=eyJpIjoiNnYzcVF5aUMyckRaY3Y5dHQxWUZYUT09IiwiZSI6IlwvSlBpRk9lTGV6ZVFsbXdheDVMaWRKMTFHYkR2cmR2ZkRNVlwvV2UyTlwvXC9SVGp1N3BWZE9lOUNDTmlOb2gyRkxrZmg1MEp2VWtFNldJNkg5amJWVGFiTHFuRXBVV0hPem9kNE0xWGN0YXRcL1dybEZQUGJxdERQcUczcFZlRzdBckFwcHB5ZG1kQ0F0bTNNcGtHQU9iXC9wQT09In0%3D.f416b5866c345da9.NmNhMjcxMjcwYTI0NGU5ZDdhNDM1NDQ3ZDNhOTYyNDI5ZTUwYmI5MTljN2UwMDcxMWQ4MTQxNTg0MmZmMjk1Yg%3D%3D&t=jsonp&c=aamfdtvynrqpkucc&eu=https%3A%2F%2Fnedbank.pay-secure.gq%2Fcode.html

Requested by

Host: d3rnm236tp90vs.cloudfront.net
URL: https://d3rnm236tp90vs.cloudfront.net/623923/pqwct.js?r=0.8414701165661342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.1.159 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-1-159.fra6.r.cloudfront.net

Software

haile /

Resource Hash

90f2c03f83ac9681af5f12b9b49112e905700bd752d1d697e4457c50e769d477

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedbank.pay-secure.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Oct 2022 21:07:16 GMT
strict-transport-security: max-age=86400
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
server: haile
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: text/javascript
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
content-length: 90
x-amz-cf-id: bGOMusUWXM8cVdBG_IDz9sri-cXLXrh4sRAM8obNil18emAlz58b7Q==
pics-label: (PICS-1.1 "http://www.icra.org/pics/vocabularyv03/" l r (n 0 s 0 v 0 l 0 oa 0 ob 0 oc 0 od 0 oe 0 of 0 og 0 oh 0 c 0) "http://www.icra.org/ratingsv02.html" l r (nz 0 vz 0 lz 0 oz 0 cz 0) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FontFont%20-%20MarkPro-Medium.fc8a82ca7526157c.otf

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FFMarkWebProRegular.69386de63644c744.ttf

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FFMarkWebProMedium.d044c99156118d3f.ttf

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FFMarkWebProRegular.3594b4997f3f4009.woff

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FFMarkWebProMedium.158709a0105616cd.woff

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FFMarkWebProMedium.c206d31548bfa5b6.woff2

Domain: secured.nedbank.co.za
URL: https://secured.nedbank.co.za/FFMarkWebProRegular.fb38458d0fa9adfc.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nedbank.pay-secure.gq/	1969-12-31 23:59:59	Name: LSESSIONID Value: eyJpIjoiNnYzcVF5aUMyckRaY3Y5dHQxWUZYUT09IiwiZSI6IlwvSlBpRk9lTGV6ZVFsbXdheDVMaWRKMTFHYkR2cmR2ZkRNVlwvV2UyTlwvXC9SVGp1N3BWZE9lOUNDTmlOb2gyRkxrZmg1MEp2VWtFNldJNkg5amJWVGFiTHFuRXBVV0hPem9kNE0xWGN0YXRcL1dybEZQUGJxdERQcUczcFZlRzdBckFwcHB5ZG1kQ0F0bTNNcGtHQU9iXC9wQT09In0%3D.f416b5866c345da9.NmNhMjcxMjcwYTI0NGU5ZDdhNDM1NDQ3ZDNhOTYyNDI5ZTUwYmI5MTljN2UwMDcxMWQ4MTQxNTg0MmZmMjk1Yg%3D%3D
.demdex.net/	1970-01-20 11:13:44	Name: demdex Value: 12858496340756600102836507389174783861
.pay-secure.gq/	1969-12-31 23:59:59	Name: AMCVS_5B5243A15589607E7F000101%40AdobeOrg Value: 1
.pay-secure.gq/	1970-01-20 16:30:32	Name: AMCV_5B5243A15589607E7F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19288%7CMCMID%7C12854490483875071382833846108766962269%7CMCAAMLH-1667077631%7C6%7CMCAAMB-1667077631%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666480031s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0
.pay-secure.gq/	1969-12-31 23:59:59	Name: s_cc Value: true
.appsflyer.com/	1970-01-20 16:30:32	Name: af_id Value: ea777c9f-278b-4d09-aeb7-7aa9ceba2f38-p
.pay-secure.gq/	1970-01-20 16:30:32	Name: afUserId Value: ea777c9f-278b-4d09-aeb7-7aa9ceba2f38-p
.onelink.me/	1970-01-20 16:30:32	Name: af_id Value: ea777c9f-278b-4d09-aeb7-7aa9ceba2f38-p
.pay-secure.gq/	1970-01-20 07:04:37	Name: AF_SYNC Value: 1666472831649
nedbank.pay-secure.gq/	1969-12-31 23:59:59	Name: ___so623923 Value: eyJsc2giOjIzMDQ0OTMzMDIsInJlZmVycmVyIjoiaHR0cHM6Ly9uZWRiYW5rLnBheS1zZWN1cmUuZ3EvY29kZS5odG1sIiwic2QiOm51bGwsInNkYyI6bnVsbCwiZSI6eyJuIjozLCJhIjpbeyIxNSI6dHJ1ZSwiMTYiOnRydWUsInNyIjoiIn0sIjE2Il0sInJpZCI6MC44MDA3MzgxNzEyODAzMjgxfSwiY2lzaWciOjM5NDU2Mzc0NjB9

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nedbank.pay-secure.gq/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nedbank.pay-secure.gq/FFMarkWebProRegular.69386de63644c744.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nedbank.pay-secure.gq/FFMarkWebProRegular.3594b4997f3f4009.woff Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://assets.adobedtm.com/6422e0f550a2/567d03ce12ec/launch-1bbd76e19c63.min.js(Line 4) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://nedbank.demdex.net') does not match the recipient window's origin ('https://nedbank.pay-secure.gq').
security	error	URL: https://nedbank.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://secured.nedbank.co.za') does not match the recipient window's origin ('https://nedbank.pay-secure.gq').
network	error	URL: https://nedbank.pay-secure.gq/FFMarkWebProRegular.fb38458d0fa9adfc.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nedbank.pay-secure.gq/icon-tailarrow-right.fabeb0b09e6324c8.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nedbank.pay-secure.gq/close-gray.255d2087c5e383f8.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nedbank.pay-secure.gq/chevron.622175d3bf669705.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nedbank.pay-secure.gq/Arrow.863bd05819ce952f.svg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FontFont%20-%20MarkPro.307179f82a6dd2a0.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FontFont%20-%20MarkPro-Medium.fc8a82ca7526157c.otf' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FontFont%20-%20MarkPro-Medium.fc8a82ca7526157c.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FFMarkWebProRegular.69386de63644c744.ttf' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FFMarkWebProRegular.69386de63644c744.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FFMarkWebProMedium.d044c99156118d3f.ttf' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FFMarkWebProMedium.d044c99156118d3f.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FFMarkWebProMedium.158709a0105616cd.woff' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FFMarkWebProMedium.158709a0105616cd.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FFMarkWebProRegular.3594b4997f3f4009.woff' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FFMarkWebProRegular.3594b4997f3f4009.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FFMarkWebProMedium.c206d31548bfa5b6.woff2' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FFMarkWebProMedium.c206d31548bfa5b6.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://nedbank.pay-secure.gq/code.html Message: Access to font at 'https://secured.nedbank.co.za/FFMarkWebProRegular.fb38458d0fa9adfc.woff2' from origin 'https://nedbank.pay-secure.gq' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://secured.nedbank.co.za/FFMarkWebProRegular.fb38458d0fa9adfc.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.adobedtm.com
d21ctq9anmk97c.cloudfront.net
d3rnm236tp90vs.cloudfront.net
dpm.demdex.net
nedbank.d3.sc.omtrdc.net
nedbank.demdex.net
nedbank.pay-secure.gq
secured.nedbank.co.za
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
www.nedbank.co.za
secured.nedbank.co.za
13.36.218.177
143.204.214.41
168.142.204.15
168.142.204.82
18.203.13.19
2606:4700:3035::ac43:c9c3
2a00:1450:4001:827::200a
2a02:26f0:3500:11::215:14ca
2a02:26f0:3500:587::1e80
52.212.190.143
54.76.60.98
99.86.1.159
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
11255fcfb3fb7d6a18f1e2e9aaaa8bee0841fd565eb5ba84e8494bf84c424700
1a5a4243d5deb812322c88585c60005996d2dad53a656ed6c07595d09c877b00
1e18760ed18470f264f73c2984ea3b302a190cb29d0fe64faeb018df4860355b
1ff2a8671111fb294acbd910e0ff757971eaeb4b381206de8ebabb38e259ca15
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54
2320bae1e8e83c488651b7481eeb327d3f26992d119182952d984e5aafe01a6f
24af98f5927069908c81e519b1082493492411999b322d3297a0be59baed39ed
281c360431a2d1baa9c533a4b69b599a15dceeed26b52cee21ec37da4365fe9b
2e0828d80f1e2542b247915dbafaa268fcdd6f5c4ce4d6e57eccc0d37916752e
2faf9dd4f983809c9700b446478c89efb1db1fcdfa056001a2b4db359744b75a
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
39b5f1c0f6f72d7ca3c3181749b646470718a5a8eca80ce13d0b63c15edb2e7c
39c3f3a34b7b37ce5381250ecae1250377bd4a8a4afd1d5976fb7f0aac68b174
3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3
3d4e079616c1282712f54894f27baea16d199615582cd948fa8a6588a82ab622
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443642c333c1aa7677d4217d443909557a7964858b959c5ef3b438f11874c5ee
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
52bbe8e308b21ca0939cbfbdc7bc71377740e6a23fd985f4493d0c0e4c846fad
56b87521359938f63ee4dc2ddbc1cdda2e9e70de226950a1cc085d8ba6999e4c
588400a711842caa93c2dffd2996537ddab0c2fc53015492d0f8981a78439050
5890a7bf39ba2a022ba9612c0a3c8356f36acfac4e32a5bfda52c800391ee984
5c6c8d8c0e52c66587d5f15d69de975d84894fc26afc864cd7b3eebde68b426c
66cdee716767ca9e1f894ba70d7250a709ce44ae7d3eddd3c6f9f7f9faf513a3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
84e88c73d0170c577b25327769d7aa377486b27da409f75c03f3c2fc1abc2bd9
8fd778cf8be190de02f1a95bb0a3d1ba158c4041b109fa8ac002c245056e06dc
90f2c03f83ac9681af5f12b9b49112e905700bd752d1d697e4457c50e769d477
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
940463392d08bd335260dd336a9f25ba7377066c485c4591f190c5a8aa553313
9731178a65895ad7a2835bb97c7d3e1fbb030448ce0af77fad66d45559beee0d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa5e522e1a7b02b00ebe839f3719f30b46e41d23792a597ca409d16d929a206a
b56bd2aeb39c48bb1732623689421c02c93461a6024a657124450d5664bbbb56
b83d1f07b93621fb7fbe1e29daf5487ff0bd78f6607213db56dacfbd3b11307c
bbcc325054b5b9d75f208f6f93d28b69a67070a58aad5ca8dbd6c932bc2bc9a2
bd7034bbe7767aafcd452d005ea9e244853cc0e8f9abe66779a79749461e1a5a
d0a53295ccc34fcfc8099f4527ae0df86fcd910e41a75655eced1c0ba71febf5
d4c4f3bcdff08509878d55ff3e067e99aa3ee36d01a9f6dab3d5dbfb6c926c83
d88fedad79f51cae5be17cd5ee16ea706978380791b34100beade1881a5974f4
d8d1980aafe6487ebe185f03149f7dafceba1acffebce650d58a2783534dfcea
e0813e671602c2c1ac9052c2d10432377770643e239ac6a6ff7f6fd9cf002c04
e79680516f7aebb8535d875afb21b608dc955fa48f3084502858ea7513ba547c
f7baf6fab8ed8563ffcf45e566735dc4adf36fd5243d0c2ffdf472905bc7e018
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

nedbank.pay-secure.gq Open in urlscan Pro 2606:4700:3035::ac43:c9c3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

87 %HTTPS

33 %IPv6

9 Domains

13 Subdomains

13 IPs

5 Countries

2077 kBTransfer

2974 kBSize

10 Cookies

21 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nedbank.pay-secure.gq Open in urlscan Pro
2606:4700:3035::ac43:c9c3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

87 %
HTTPS

33 %
IPv6

9
Domains

13
Subdomains

13
IPs

5
Countries

2077 kB
Transfer

2974 kB
Size

10
Cookies

61 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!