www.ketoniclabs.com
Open in
urlscan Pro
2606:4700:30::6812:3537
Malicious Activity!
Public Scan
Submitted URL: http://www.ketoniclabs.com/wp-admin/Ned/nedk/
Effective URL: http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/ned.php?cmd=login_submit&id=c3a6b7f6349104c6b...
Submission: On March 08 via manual from ZA
Effective URL: http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/ned.php?cmd=login_submit&id=c3a6b7f6349104c6b...
Submission: On March 08 via manual from ZA
Summary
This website contacted 5 IPs
in 3 countries
across 5 domains to perform 46 HTTP transactions.
The main IP is 2606:4700:30::6812:3537, located in
United States and
belongs to CLOUDFLARENET - Cloudflare, Inc., US.
The main domain is www.ketoniclabs.com.
This is the only time www.ketoniclabs.com was scanned on urlscan.io!
This is the only time www.ketoniclabs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nedbank (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 4 | 2606:4700:30:... 2606:4700:30::6812:3537 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 3 3 | 2606:4700:30:... 2606:4700:30::6812:3437 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 41 | 168.142.204.33 168.142.204.33 | 3741 (IS) (IS) | |
| 1 1 | 2606:4700:30:... 2606:4700:30::6818:78f2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 2 | 2606:4700:30:... 2606:4700:30::681b:a1e9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 1 | 2606:4700:30:... 2606:4700:30::681b:a0e9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 | 176.34.177.85 176.34.177.85 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 46 | 5 |
4
2606:4700:30::6812:3537
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| www.ketoniclabs.com | |
| ketoniclabs.com |
3
2606:4700:30::6812:3437
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| www.ketoniclabs.com | |
| ketoniclabs.com |
2
2606:4700:30::681b:a1e9
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| healthreviews.pro |
1
2606:4700:30::681b:a0e9
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| healthreviews.pro |
1
176.34.177.85
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-177-85.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-177-85.eu-west-1.compute.amazonaws.com
| www.splash-screen.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 41 |
nedsecure.co.za
netbank.nedsecure.co.za |
261 KB |
| 7 |
ketoniclabs.com
5 redirects
www.ketoniclabs.com ketoniclabs.com |
68 KB |
| 3 |
healthreviews.pro
2 redirects
healthreviews.pro |
644 B |
| 1 |
splash-screen.net
www.splash-screen.net |
897 B |
| 1 |
1trk.pro
1 redirects
1trk.pro |
964 B |
| 46 | 5 |
| Domain | Requested by | |
|---|---|---|
| 41 | netbank.nedsecure.co.za |
www.ketoniclabs.com
netbank.nedsecure.co.za |
| 5 | www.ketoniclabs.com | 4 redirects |
| 3 | healthreviews.pro |
2 redirects
ketoniclabs.com
|
| 2 | ketoniclabs.com |
1 redirects
www.ketoniclabs.com
|
| 1 | www.splash-screen.net |
www.ketoniclabs.com
|
| 1 | 1trk.pro | 1 redirects |
| 46 | 6 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| netbank.nedsecure.co.za |
| www.nedbank.co.za |
| www.netbankdemo.co.za |
| nedbankonlinetrading.nedsecure.co.za |
| secured.nedbank.co.za |
| fees.nedbank.co.za |
| www.entrust.net |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| netbank.nedsecure.co.za Entrust Certification Authority - L1M |
2018-10-22 - 2020-10-22 |
2 years | crt.sh |
| sni145522.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-03-05 - 2019-09-11 |
6 months | crt.sh |
This page contains 5 frames:
Primary Page:
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/ned.php?cmd=login_submit&id=c3a6b7f6349104c6b8aa5ed59a9b36f7c3a6b7f6349104c6b8aa5ed59a9b36f7&session=c3a6b7f6349104c6b8aa5ed59a9b36f7c3a6b7f6349104c6b8aa5ed59a9b36f7
Frame ID: 8B52D6B139BEA948E6FB06FAA45F9F9F
Requests: 41 HTTP requests in this frame
Frame:
https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Frame ID: 6D7DC40AEB8322AEB128B29CAD29F2B2
Requests: 1 HTTP requests in this frame
Frame:
https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/ForgetPasswordInfo.htm
Frame ID: 05F2FC4C231B0F00A4BBA5D71AAD062E
Requests: 1 HTTP requests in this frame
Frame:
https://healthreviews.pro/cla-slq-entertainment/
Frame ID: 98A2B6C8D05B202F87B3917332308028
Requests: 2 HTTP requests in this frame
Frame:
https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Frame ID: 2302FD010635446ACE00518E365CDB92
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://www.ketoniclabs.com/wp-admin/Ned/nedk/
HTTP 302
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2?cmd=login=account-service... HTTP 301
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/?cmd=login=account-servic... HTTP 302
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/ned.php?cmd=login_submit&... Page URL
Detected technologies
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /cloudflare/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui.*\.js/i
jQuery UI
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
URL: https://netbank.nedsecure.co.za/
Title: Home
Title: Home
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/tools-and-guidance/bank-anytime-anywhere/Security.html
Title: Online Security
Title: Online Security
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/website/content/forms/Formsdetails.asp?FormsId=661
Title: Apply
Title: Apply
Search URL Search Domain Scan URL
URL: http://www.netbankdemo.co.za/
Title: NetBank Demo
Title: NetBank Demo
Search URL Search Domain Scan URL
URL: http://www.netbankdemo.co.za/NetbankRel12011/Netbank%20UserGuide/main_menu.html
Title: NetBank User Guide
Title: NetBank User Guide
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/tools-and-guidance/bank-anytime-anywhere/Internet-banking.html
Title: More About NetBank
Title: More About NetBank
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/content/forms/af/nedbank/TalkToUs.html
Title: Talk to Us
Title: Talk to Us
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/tools-and-guidance/tools/personal-financial-management.html
Title: Personal Money Manager
Title: Personal Money Manager
Search URL Search Domain Scan URL
URL: https://nedbankonlinetrading.nedsecure.co.za/Home.aspx
Title: Online Share Trading
Title: Online Share Trading
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/content/dam/nedbank/site-assets/Terms/TCSelfServiceBanking2013.pdf
Title: Terms & Conditions
Title: Terms & Conditions
Search URL Search Domain Scan URL
URL: http://www.netbankdemo.co.za/NetbankRel12011/DOCS/internet%20banking%202011FAQs.pdf
Title: FAQ
Title: FAQ
Search URL Search Domain Scan URL
URL: https://www.nedbank.co.za/content/nedbank/desktop/gt/en/personal/tools-and-guidance/bank-anytime-anywhere/trusteer-rapport-security.html
Title: Trusteer Rapport Security
Title: Trusteer Rapport Security
Search URL Search Domain Scan URL
URL: https://secured.nedbank.co.za/
Title:
Title:
Search URL Search Domain Scan URL
URL: http://fees.nedbank.co.za/pricing-guide-2018/home
Title: Fees
Title: Fees
Search URL Search Domain Scan URL
URL: https://www.entrust.net/customer/profile.cfm?domain=netbank.nedsecure.co.za
Title:
Title:
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/
Title: Home
Title: Home
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/legal/index.asp
Title: Legal Requirements
Title: Legal Requirements
Search URL Search Domain Scan URL
URL: http://www.nedbank.co.za/website/content/home/glossary.asp
Title: Glossary
Title: Glossary
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.ketoniclabs.com/wp-admin/Ned/nedk/
HTTP 302
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2?cmd=login=account-service.com/account/service HTTP 301
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/?cmd=login=account-service.com/account/service HTTP 302
http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/ned.php?cmd=login_submit&id=c3a6b7f6349104c6b8aa5ed59a9b36f7c3a6b7f6349104c6b8aa5ed59a9b36f7&session=c3a6b7f6349104c6b8aa5ed59a9b36f7c3a6b7f6349104c6b8aa5ed59a9b36f7 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 38- http://www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/html/Welcome.htm HTTP 301
- http://ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/html/Welcome.htm HTTP 301
- http://ketoniclabs.com/
- http://1trk.pro/?flux_fts=xpotpotxoilxcqcxxiexpotopqzqqtcpcixxa22610 HTTP 307
- https://healthreviews.pro/cla-slq-entertainment HTTP 301
- http://healthreviews.pro/cla-slq-entertainment/ HTTP 301
- https://healthreviews.pro/cla-slq-entertainment/
46 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
ned.php
www.ketoniclabs.com/wp-admin/Ned/nedk/f5eee2ee3c4d3e1be767e5e413eb1ad2/ Redirect Chain
|
356 KB 65 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
info.css
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui-1.8.16.custom.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ |
22 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Nedbank.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/jQuery/ |
78 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
JQuery.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ |
70 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui.min.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ |
197 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
USSDDialog2016.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ |
27 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
USSDPolling2016.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ |
68 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Indemnityflow.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
MyFinancialLife.js
netbank.nedsecure.co.za/Browser/Common/Scripts/MyFinancialLife/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
RTCCutoff.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
DarkHours.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BankAccountProducts.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ApplyOnline/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow_down.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
56 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
arrow.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
56 B 350 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankLogoNew.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
menu_shadow_left.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
405 B 702 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ResetPassword.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ResetPassword/ |
11 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Login_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
230 B 525 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Left.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
195 B 490 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lock.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
587 B 883 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logonButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
SubmitButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
CancelButton.png
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Right.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
197 B 492 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Login_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
233 B 528 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
244 B 539 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
banner_1.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
keyboard.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Promo_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
247 B 542 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
alertIcon.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
754 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
EntrustLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
PSALogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
448 B 744 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AskOnceLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NedbankFooterLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
blank.htm
netbank.nedsecure.co.za/Browser/Common/ Frame 6D7D |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ForgetPasswordInfo.htm
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/html/ Frame 05F2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
/
ketoniclabs.com/ Frame 98A2 Redirect Chain
|
479 B 879 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-bg_flat_75_ffffff_40x100.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ |
178 B 474 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-bg_highlight-soft_75_005641_1x100.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ |
133 B 429 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ui-icons_222222_256x240.png
netbank.nedsecure.co.za/App_Themes/NedbankTheme/images/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
blank.htm
netbank.nedsecure.co.za/Browser/Common/ Frame 2302 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
healthreviews.pro/cla-slq-entertainment/ Frame 98A2 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rapi.js
www.splash-screen.net/71524/ |
262 B 897 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/blank.htm
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nedbank (Banking)137 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| event object| onselectstart object| onselectionchange function| queueMicrotask function| openclose object| rn_img1on object| rn_img1off object| rn_img2on object| rn_img2off function| showtip function| hidetip function| transfer_on_confirm function| GetPage function| MaxFrameHeight function| OnLoad function| rHarvest function| $ function| jQuery function| BigInteger object| M function| DP_jQuery_1552062667662 object| USSDDialog object| USSDDialog1 function| SetNonceValue object| USSD object| USSD1 object| INdemnity object| IndemnityDialog object| MFL object| MFLDialog object| RTC object| RTCDialog object| Dark object| DarkHourDialog object| BankProduct object| BankProductDialog string| ApplicationPath string| GlobalBrand object| $this object| AJAXPageDisable function| LoadScript function| CreateNamespace object| jsCommon function| ProcessResetPasswordAjaxUSSD string| controlPrefix object| divErrorMsg function| AjaxErrorRetrievingResetPasswordUSSD function| EnableNewAndConfirmPassword object| Nedbank string| sizeOfUpperFrame undefined| warningWin object| UndoValidateChanges object| ValidateCtrlParms object| ValidateCtrlIds object| ValidateTableParms object| ValidateTableIds object| BrowserDetect string| versionNum function| ContentInit function| ContentResize object| framesCommon object| logonForm boolean| hasSubmitStarted undefined| LoadTime undefined| SubmitTime function| PageGetSubmitTime function| PageGetLoadTime function| ValidateAndReset function| ValidateAndResetSubmit function| ProcessResetPasswordSubmitAjax function| AjaxErrorRetrievingResetPasswordSubmit function| CancelResetPassword function| ProcessResetPasswordAjax function| AjaxErrorRetrievingResetPassword function| DP_jQuery_1552062667824 string| pageHelp object| form boolean| _isFutureDatedPayment function| Accept function| getnextUrl function| SubmitOnceOffSinglePayment function| GetPaymentDate function| CalculateAndSetReoccurrenceData function| IsFutureDatedPayment function| CalculateOccurences function| GetDailyOccurrences function| GetWeeklyOccurrences function| GetMonthlyOccurrences function| CalculateNextPaymentDate function| GetNextPaymentDateDaily function| GetNextPaymentDateWeekly function| GetSubFrequencyValue function| GetNextPaymentDateMonthly function| GetSubFrequency function| GetTodayDate function| CreateDateObject function| CalculateEndDate function| GetEndDateMonthly function| GetEndDateWeekly function| GetEndDateDaily function| GetBankApprovedBeneficiaryDropDown function| GetAccountTypeDropDown function| GetFromAccountDropDown function| GetNotificationTypeDropDown function| GetFirstLetterBeneficiaryDropDown function| GetCreditCardBankListDropdown function| GetBankListDropDown function| GetBranchNameDropDown function| GetFirstLetterBranchNameDropDown function| GetBeneficiaryId function| GetNotificationDetail function| Print function| Cancel function| AcceptBoxClicked function| ajaxNoticeInfo function| ShowMenu function| SubmitToVerifyPage function| ValidateAndSubmit function| ValidatePassword function| ComparePasswords function| EnterCatch number| NonceValue string| IncorrectSecretLength1 string| InvalidSymbolInPassword1 string| MinimumRestriction1 string| InvalidConfirmPassword1 string| BlankConfirmPassword1 string| ResponseProfile string| ResponsePin object| EmptyFormOnSubmitEvents function| Events object| validate_obj object| focusInput function| rotate function| rotateSwitch number| play object| $active1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .healthreviews.pro/ | Name: __cfduid Value: dc51d62104ba03d1bf16d4041281d29371552062687 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1trk.pro
healthreviews.pro
ketoniclabs.com
netbank.nedsecure.co.za
www.ketoniclabs.com
www.splash-screen.net
netbank.nedsecure.co.za
168.142.204.33
176.34.177.85
2606:4700:30::6812:3437
2606:4700:30::6812:3537
2606:4700:30::6818:78f2
2606:4700:30::681b:a0e9
2606:4700:30::681b:a1e9
01b9e3d492b3d1db028325365a9b5b11e830d6a8529be61b2d0f753493d401cf
04a07a2d47ac28097936104995b996bd289c14e99783ecc2e9f880a36b5f877f
1e5684f00ff66a12e9da468f21c59d240094d842f2a941c10adc9b8bf98b176c
1ff0eeb21779fdb3fa2519e017c13db776d5c53337b96d74b9431ba897414046
20c56d40202691b2cb6f347a2a3515c63ec6c2bb97a477e604c3836a6f3ecbf1
39ab7ccd9f4e82579da78a9241265df288d8eb65dbbd7cf48aed2d0129887df5
3a18ff487b9fcc4b10efb7bad289ff8cdf545159637b30ff3fe2bf15606d8f77
3da91d9500d71d6a5e2e60144ed51a9e1eee1cd7063deb142e712bee7eef3bf5
43a9904189012ecb780451f877b2a8c158522acaadacdb8c56549eeb6ffbcebf
442e3c47a8fe7952f0acffdfcfbdb7bd7aaaedf62f2b1aa4650195aca8eafcbd
443ffea27d512002cf9c6cf790db768319ccb4166114522d7851586db9d12b37
45f1184ff5eac46f031add376f07140c17933e7d443f941013a672dec971e979
5bbdb2f06f5f2aa872e00a0d6fcd16c409c2cfab770b5d18245fca9beec91fc4
5d6c838e884407d498f2972291b87ce84ed5095d6d3c7696182ec83a674f865e
5f5077cb7cdffe7e22862fbe4b9594099092cf655df8d7df889fcb0a2d8e0fe8
6cf3f6c6a740c8eb99295946b2f5b6164ee09546b7b699e2937ed54b298dfa32
6d677c61f637349c0276377b14971926c11e24786d26c8ed808849d0698dcdee
6f6cbd97fefa5dbc83b4cb4ca51e644f87a9d05f8fd7e4e73c8669ceec1fe917
6f771bafb223510f295291792fffc27faba3338e5ea62ec700bb60f7af3be8f0
71b1e6fa4eacd771334533831e6b1c176ebc05b66661c9bdb01022ac4be0d7bb
7c8736463bf40b36031f0025b1c2a64a2856beb77758137355a1c873950e58c5
7ffc63987f91ebf7d27b5789c91907d6bca04278b158c0f30d9d742c4e9782cd
87e9bbbc46dd91eeffa515b2401303a855928189acc6c8baf65f0c7d06f6c4d6
89fdecac64019eebad7cd1121c2c83c528808f1c7fcf3832a50c7743d641ed86
9296726d409bae23e760579ce4d2f092d3940f365ecf9f02a724dee059c9f050
a2ccfdc001858222885a9df39200840ac7a3f479ba889727d32a10398db7918a
a63fd9e18d3dbf8a5e90f695bcf8d33ef712ca44ff1b9486cb6195aabb1e0331
a82e568a648cb5517e0b5c18fb09f7c5c9db0728d6cd3293393fb908fb88bc70
b6d564c22df601ee79a04d8f4c90319ba14fd99fef56580af4a25918aca6b07a
bf100bfbc2dd803f103900a8751e466111c223630e3af9993fd1012bbe2813cc
d09c43907e99f3323be424e4d83e7ddd3072b3596580a56adb50fcbb57fc5ddf
d2919555fdb4f3645266b00678a2a7a8f3a5d4047b652781c16b88fd2bbc1129
d809db86b29fdd1bcc963f05a9031fb16cddd8d809a4a28b3ff162a4c801ecc2
d93d5de642569242af13f59efe0fb4fc7bfaae83b01eb84966183c15fffc8f1d
de7f53c8184a04810a790a15853dd914c224bdc3e0c8e3aaa60d9725eaf90b73
df5748e607e020b5bb09d92ba17f78d1e0cd09971b3914eef217630081b9c195
e62c0b776499966ea573a244c18721ac7c15899e4dcfa920d6907156562754b9
ed8a49539c2ab401f972799e4bf8335ab8a61d61491223e309cab74ee04f5c3c
f0e2239da7b8d3fc80082552032446a3a6d853f6a095b7f8e12c91fd0f6ec859
f59b7978885e1ce59874d8b42ecdeeaf96eaecbe4eaa3299748805ec6c8cc5bb
f750d92809d696eb13ca24509b99ec79fbcd4854b2b8ddfd85eec23e2c108a8f
fbed31fe516c5f3e20d8df909160988e65a7199781e1cf5a43b9d278629b704d