saico-223.ml
Open in
urlscan Pro
51.158.191.165
Malicious Activity!
Public Scan
Effective URL: http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/ned.php?cmd=login_submit&id=9034568660c6db0b10d4702...
Submission: On April 22 via manual from ZA
Summary
This is the only time saico-223.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 5 | 51.158.191.165 51.158.191.165 | 12876 (AS12876) (AS12876) | |
38 | 2 |
ASN12876 (AS12876, FR)
PTR: 165-191-158-51.rev.cloud.scaleway.com
saico-223.ml |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
saico-223.ml
3 redirects
saico-223.ml |
361 KB |
0 |
nedsecure.co.za
Failed
netbank.nedsecure.co.za Failed |
|
38 | 2 |
Domain | Requested by | |
---|---|---|
5 | saico-223.ml |
3 redirects
saico-223.ml
|
0 | netbank.nedsecure.co.za Failed |
saico-223.ml
|
38 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/ned.php?cmd=login_submit&id=9034568660c6db0b10d4702deff3c3149034568660c6db0b10d4702deff3c314&session=9034568660c6db0b10d4702deff3c3149034568660c6db0b10d4702deff3c314
Frame ID: 6B2C85C39520D7C4B8436ADEC56B8C46
Requests: 38 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://saico-223.ml/sdf/NedBank/
HTTP 302
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33?cmd=login=account-service.com/a... HTTP 301
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/?cmd=login=account-service.com/... HTTP 302
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/ned.php?cmd=login_submit&id=903... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://saico-223.ml/sdf/NedBank/
HTTP 302
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33?cmd=login=account-service.com/account/service HTTP 301
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/?cmd=login=account-service.com/account/service HTTP 302
http://saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/ned.php?cmd=login_submit&id=9034568660c6db0b10d4702deff3c3149034568660c6db0b10d4702deff3c314&session=9034568660c6db0b10d4702deff3c3149034568660c6db0b10d4702deff3c314 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
ned.php
saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/ Redirect Chain
|
357 KB 357 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style1.css
saico-223.ml/sdf/NedBank/bcfc0c883c3f6c3914a61a2aaf73df33/css/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
info.css
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.css
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-ui-1.8.16.custom.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Nedbank.css
netbank.nedsecure.co.za/App_Themes/NedbankTheme/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery.min.js
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/jQuery/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
JQuery.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-ui.min.js
netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
USSDDialog2016.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
USSDPolling2016.js
netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Indemnityflow.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
MyFinancialLife.js
netbank.nedsecure.co.za/Browser/Common/Scripts/MyFinancialLife/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
RTCCutoff.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
DarkHours.js
netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
BankAccountProducts.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ApplyOnline/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
arrow_down.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
arrow.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
NedbankLogoNew.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
menu_shadow_left.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
ResetPassword.js
netbank.nedsecure.co.za/Browser/Common/Scripts/ResetPassword/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Login_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Promo_Left.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
lock.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
logonButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
SubmitButton.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
CancelButton.png
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Promo_Right.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Login_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Promo_Top.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
banner_1.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
keyboard.jpg
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
Promo_Bottom.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
alertIcon.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
EntrustLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
PSALogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
AskOnceLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
NedbankFooterLogo.gif
netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/info.css?version=3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/branding/main.css?version=3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/jquery-ui-1.8.16.custom.css?version=3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/App_Themes/NedbankTheme/Nedbank.css?version=3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/jQuery/jquery.min.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/JQuery.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/SDK/Scripts/Common/jquery-ui.min.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/USSDDialog2016.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/USSDAuth/USSDPolling2016.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/Indemnityflow.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/MyFinancialLife/MyFinancialLife.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/RTCCutoff.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/Payments/DarkHours.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/ApplyOnline/BankAccountProducts.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/arrow_down.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/arrow.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/NedbankLogoNew.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/menu_shadow_left.jpg
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Common/Scripts/ResetPassword/ResetPassword.js?3.7.0023.0
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Login_Top.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Left.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/lock.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/logonButton.jpg
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/SubmitButton.jpg
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/CancelButton.png
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Right.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Login_Bottom.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Top.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/banner_1.jpg
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/keyboard.jpg
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/Promo_Bottom.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/alertIcon.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/EntrustLogo.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/PSALogo.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/AskOnceLogo.gif
- Domain
- netbank.nedsecure.co.za
- URL
- https://netbank.nedsecure.co.za/Browser/Brands/Nedbank/Logon/images/NedbankFooterLogo.gif
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| event object| onselectstart object| onselectionchange function| queueMicrotask function| openclose object| rn_img1on object| rn_img1off object| rn_img2on object| rn_img2off function| showtip function| hidetip function| transfer_on_confirm function| GetPage function| MaxFrameHeight0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
netbank.nedsecure.co.za
saico-223.ml
netbank.nedsecure.co.za
51.158.191.165
ad8b5c8d56cfc152da83a2f10a01430885cc89a8aaf29316f38ffb16d33fca4a
f1b8d65ce07c5f4f8b5f1387ee86b14e6212bc49d92b5b163572a3d6b4f16fd2