capitexloans.com
2606:4700:3031::ac43:c68b
Malicious Activity!
Public Scan
Submission: On August 31 via manual from ZA
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2021. Valid for: a year.
This is the only time capitexloans.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Nedbank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
47 | 2606:4700:3031::ac43:c68b | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:80e::2008 | 15169 (GOOGLE) |
1 | 2a02:26f0:6c00::210:ba48 | 20940 (AKAMAI-ASN1) |
1 | 54.154.124.189 | 16509 (AMAZON-02) |
2 | 2a02:26f0:6c00:28a::1e80 | 20940 (AKAMAI-ASN1) |
2 | 13.36.218.177 | 16509 (AMAZON-02) |
3 | 34.249.113.116 | 16509 (AMAZON-02) |
2 | 52.212.190.143 | 16509 (AMAZON-02) |
1 | 52.215.80.181 | 16509 (AMAZON-02) |
1 | 52.214.255.32 | 16509 (AMAZON-02) |
63 | 11 | |
AS | PTR | Domain |
---|---|---|
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN20940 (AKAMAI-ASN1, NL) | | websdk.appsflyer.com |
ASN16509 (AMAZON-02, US) | ec2-54-154-124-189.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN20940 (AKAMAI-ASN1, NL) | | assets.adobedtm.com |
ASN16509 (AMAZON-02, US) | ec2-13-36-218-177.eu-west-3.compute.amazonaws.com | nedbank.d3.sc.omtrdc.net |
ASN16509 (AMAZON-02, US) | ec2-34-249-113-116.eu-west-1.compute.amazonaws.com | wa.onelink.me |
ASN16509 (AMAZON-02, US) | ec2-52-212-190-143.eu-west-1.compute.amazonaws.com | wa.appsflyer.com |
ASN16509 (AMAZON-02, US) | ec2-52-215-80-181.eu-west-1.compute.amazonaws.com | www.splash-screen.net |
ASN16509 (AMAZON-02, US) | ec2-52-214-255-32.eu-west-1.compute.amazonaws.com | docs.nedbank.co.za |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
47 | capitexloans.com | capitexloans.com | 6 MB |
3 | onelink.me | wa.onelink.me | 1 KB |
3 | appsflyer.com | websdk.appsflyer.com wa.appsflyer.com | 11 KB |
2 | omtrdc.net | nedbank.d3.sc.omtrdc.net | 561 B |
2 | adobedtm.com | assets.adobedtm.com | 14 KB |
1 | nedbank.co.za | docs.nedbank.co.za | 183 B |
1 | splash-screen.net | www.splash-screen.net | 718 B |
1 | demdex.net | dpm.demdex.net | 1 KB |
1 | googletagmanager.com | www.googletagmanager.com | 40 KB |
0 | nedsecure.co.za (Failed) | api.nedsecure.co.za (Failed) | |
63 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
47 | capitexloans.com | capitexloans.com |
3 | wa.onelink.me | websdk.appsflyer.com, capitexloans.com |
2 | wa.appsflyer.com | capitexloans.com |
2 | nedbank.d3.sc.omtrdc.net | capitexloans.com |
2 | assets.adobedtm.com | capitexloans.com |
1 | docs.nedbank.co.za | capitexloans.com |
1 | www.splash-screen.net | capitexloans.com |
1 | dpm.demdex.net | capitexloans.com |
1 | websdk.appsflyer.com | capitexloans.com |
1 | www.googletagmanager.com | capitexloans.com |
0 | api.nedsecure.co.za (Failed) | capitexloans.com |
63 | 11 | |
This site contains links to these domains. Also see Links.
Domain |
---|
secured.nedbank.co.za |
www.entrust.net |
www.nedbank.co.za |
onlinesharetrading.nedbank.co.za |
play.google.com |
itunes.apple.com |
appgallery5.huawei.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-08-14 - 2022-08-13 | a year |
*.google-analytics.com | GTS CA 1C3 | 2021-08-16 - 2021-11-08 | 3 months |
*.appsflyer.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-03 - 2021-12-07 | a year |
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2020-12-02 - 2022-01-02 | a year |
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-08 - 2021-09-30 | 9 months |
*.d3.sc.omtrdc.net | DigiCert SHA2 High Assurance Server CA | 2020-02-28 - 2022-03-04 | 2 years |
*.onelink.me | Amazon | 2021-04-05 - 2022-05-04 | a year |
*.appsflyersdk.com | Amazon | 2021-06-10 - 2022-07-09 | a year |
*.splash-screen.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-04 - 2022-03-09 | a year |
*.o3n.io | R3 | 2021-07-02 - 2021-09-30 | 3 months |
This page contains 1 frame:
Primary Page:
https://capitexloans.com/user/bank/secured.nedbank.co.za/login.php
Frame ID: CC59029E8F4F947F49CD5A361A3CE1F9
Requests: 62 HTTP requests in this frame
Page Title
Online Banking
Detected technologies
Detected patterns
- url /\.php(?:$|\?)/i
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
Title:
Title: Learn more →
Title: Fraud awareness
Title: Verify payments
Title: Accessibility
Title: Online share trading
Title: terms and conditions.
Title: Nedbank Money app
Title:
Title:
Title:
Redirected requests
There were HTTP redirect chains for the following requests:
63 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login.php (Primary Request) | capitexloans.com/user/bank/secured.nedbank.co.za/ | 186 KB | 24 KB | Document | text/html |
GET | H3-29 | saved_resource | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 33 KB | 33 KB | Script | text/plain |
GET | H3-29 | rapi.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 265 B | 796 B | Script | text/plain |
GET | H3-29 | launch-1bbd76e19c63.min.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 166 KB | 46 KB | Script | text/plain |
GET | H3-29 | 33.c6bba1668b98ef03dd3d.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 4 KB | 2 KB | Script | text/plain |
GET | H3-29 | 4.468d70443b282aaa67de.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 476 KB | 60 KB | Script | text/plain |
GET | H3-29 | 69.b3786d34998d67ac38e0.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 4 KB | 2 KB | Script | text/plain |
GET | H3-29 | 40.c862b6ff0ddf331d580f.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 8 KB | 3 KB | Script | text/plain |
GET | H3-29 | 7.55542520714a5dc5b08e.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 25 KB | 7 KB | Script | text/plain |
GET | H3-29 | 76.0c2b6fa13b320326c734.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 308 KB | 36 KB | Script | text/plain |
GET | H3-29 | common.2d2fd8b7fec68466f46c.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 43 KB | 12 KB | Script | text/plain |
GET | H3-29 | 43.aefccfbebcbd1fa2f67b.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 119 KB | 19 KB | Script | text/plain |
GET | H3-29 | 42.68de6ee2368560fe5d4a.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 127 KB | 20 KB | Script | text/plain |
GET | H3-29 | AppMeasurement.min.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 33 KB | 13 KB | Script | text/plain |
GET | H3-29 | AppMeasurement_Module_ActivityMap.min.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 3 KB | 2 KB | Script | text/plain |
GET | H3-29 | styles.99f7f0af76a543f7b90c.css | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 239 KB | 44 KB | Stylesheet | text/css |
GET | H3-29 | Error_Orange.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 933 B | 1 KB | Image | image/svg+xml |
GET | H3-29 | NedbankExperience.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 12 KB | 4 KB | Image | image/svg+xml |
GET | H3-29 | login-fast.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H3-29 | login-easy.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H3-29 | login-secure.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 5 KB | 2 KB | Image | image/svg+xml |
GET | H3-29 | entrust_site_seal_ssl.png | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 18 KB | 19 KB | Image | image/png |
GET | H3-29 | GooglePlay.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 22 KB | 5 KB | Image | image/svg+xml |
GET | H3-29 | AppStoreBadge.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 12 KB | 5 KB | Image | image/svg+xml |
GET | H3-29 | HuaweiStoreBadge.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 22 KB | 8 KB | Image | image/svg+xml |
GET | H3-29 | runtime.c40a328c46c6f167663b.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 4 KB | 3 KB | Script | text/plain |
GET | H3-29 | polyfills.3bc2cc954746bacf90dd.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 169 KB | 54 KB | Script | text/plain |
GET | H3-29 | scripts.13f29d197eb1894bee37.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 788 KB | 212 KB | Script | text/plain |
GET | H3-29 | main.83436c151f519ed7116e.js.download | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 19 MB | 5 MB | Script | text/plain |
GET | H2 | js | www.googletagmanager.com/gtag/ | 101 KB | 40 KB | Script | application/javascript |
GET | H/1.1 | / | websdk.appsflyer.com/ | 33 KB | 10 KB | Script | application/javascript |
GET | H/1.1 | id | dpm.demdex.net/ | 216 B | 1 KB | XHR | application/json |
GET | H2 | AppMeasurement.min.js | assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ | 33 KB | 12 KB | Script | application/x-javascript |
GET | H2 | AppMeasurement_Module_ActivityMap.min.js | assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | H3-29 | NedbankIcon.7492cce283df004f1ef8.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | icon-chat-thin.e1e44890317f84171fc1.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | location-blank-green.a212a0d3423c5f200809.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | contact-blank-green.0dde8e4b338f10363bc5.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | Arrow.941e2f83c935ad00fedf.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | outline-cheque.fe9bf6957964461d3cd2.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | Eye-Show.e3e7de1845a334a1db06.svg | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | close-gray.840a1d9e5d4f2693cbdf.svg | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 2 KB | Image | text/html |
GET | H3-29 | FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H3-29 | FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H3-29 | FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H2 | id | nedbank.d3.sc.omtrdc.net/ | 2 B | 316 B | XHR | application/x-javascript |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 13 B | 318 B | XHR | application/json |
GET | H3-29 | FFMarkWebProRegular.734ec8bb2cae535b25e2.ttf | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H3-29 | FFMarkWebProMedium.372af743edc702191fa3.ttf | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
POST | H/1.1 | events | wa.appsflyer.com/ | 80 B | 527 B | XHR | application/json |
GET | H2 | rapi.js | www.splash-screen.net/71524/ | 265 B | 718 B | Script | application/x-javascript |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 51 B | 503 B | XHR | application/json |
GET | H3-29 | FFMarkWebProMedium.4f815f53bf394a53bca5.woff | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H3-29 | FFMarkWebProRegular.b11ee9d5cc2d0d30c9d9.woff | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H3-29 | FFMarkWebProRegular.56bf69b60979b6a003ec.woff2 | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
GET | H3-29 | FFMarkWebProMedium.b5e3a5ab2b897ea3877f.woff2 | capitexloans.com/user/bank/secured.nedbank.co.za/Online%20Banking_files/ | 0 | 0 | Font | text/html |
OPTIONS | | salut | api.nedsecure.co.za/nedbank/nedbankid/v4/users/ | 0 | 0 | | |
GET | | salut | api.nedsecure.co.za/nedbank/nedbankid/v4/users/ | 0 | 0 | | |
GET | H/1.1 | spacer.gif | docs.nedbank.co.za/cdn/8csygl83kdx15rwo1g4brmf0d/ | 43 B | 183 B | Image | image/gif |
GET | H2 | 5626b0ca6af2ccf1f0d2.worker.js | capitexloans.com/user/bank/secured.nedbank.co.za/ | 2 KB | 1 KB | Other | text/html |
GET | H/1.1 | onelink | wa.onelink.me/v1/ | 51 B | 503 B | XHR | application/json |
GET | H2 | s53063058610870 | nedbank.d3.sc.omtrdc.net/b/ss/nedbankonlinebankingprd/1/JS-2.22.0-LBSQ/ | 43 B | 245 B | Image | image/gif |
POST | H/1.1 | events | wa.appsflyer.com/ | 80 B | 527 B | XHR | application/json |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.nedsecure.co.za
- URL
- https://api.nedsecure.co.za/nedbank/nedbankid/v4/users/salut
- Domain
- api.nedsecure.co.za
- URL
- https://api.nedsecure.co.za/nedbank/nedbankid/v4/users/salut
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Nedbank (Banking)
194 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.capitexloans.com/ | | Name: AF_SYNC Value: 1630426275353 |
.capitexloans.com/ | | Name: afUserId Value: 95b7eda9-6a48-4ab1-8217-3fe49561fd7b-p |
.capitexloans.com/ | | Name: s_cc Value: true |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.