Report - 8d16a0eb4a.nxcli.io/cpres/jas/index.htm

Report Overview

Visited public
2024-03-13 16:46:23
Tags
nedbank financial phishing
URL
8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Finishing URL
8d16a0eb4a.nxcli.io/cpres/jas/index.htm
IP / ASN
185.145.13.94
#202521 Liquid Web B.V.
Title
Online Banking
Phishing - Nedbank

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
8d16a0eb4a.nxcli.io	unknown	2017-12-05	2024-01-07 15:07:20	2024-03-13 16:16:30	15 kB	1.4 MB	185.145.13.94
secured.nedbank.co.za	unknown	1996-06-08	2019-04-03 12:44:26	2024-02-14 00:14:36	434 B	2.2 kB	168.142.204.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-13	medium	8d16a0eb4a.nxcli.io/cpres/jas/index.htm	NedBank Limited

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (29)

URL IP Response Size

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/logo.PNG

185.145.13.94

200 OK

51 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/logo.PNG
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
PNG image data, 57 x 58, 8-bit/color RGBA, non-interlaced
Size
51 kB (51356 bytes)
Hash
b593b661140ec418f761a7aacee763fc
ab4594a13e39bee98e043a4c14b1e852e9538ec4
387eb324b928bd34df5a8e5ec66bd548c64598c979c16a4bd100269d46940c0d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/logo.PNG HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/png
content-length: 51356
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: "c89c-5f91334052300"
x-cache-nxaccel: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/entrust_site_seal_ssl.png

185.145.13.94

200 OK

19 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/entrust_site_seal_ssl.png
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
PNG image data, 350 x 350, 8-bit colormap, non-interlaced
Size
19 kB (18758 bytes)
Hash
e47461fd49a0426768698ade98b259e2
501132059c531265f3898e5b6d8646ac3886cfbb
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/entrust_site_seal_ssl.png HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/png
content-length: 18758
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: "4946-5f91334052300"
x-cache-nxaccel: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/outline-cheque.fe9bf6957964461d3cd2.svg

185.145.13.94

404 Not Found

53 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/outline-cheque.fe9bf6957964461d3cd2.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (18299)
Size
53 kB (52629 bytes)
Hash
a26e79d7f355811e8bd0537516940827
252675e8bd2cf3375df749501f4f55a8ee9f3292
cbd0fce93d8dc06c3c3f79c8a18a8fe514b9d9ca51d571a085a6b9a2e63f2ab9

HTTP Headers

GET /cpres/jas/outline-cheque.fe9bf6957964461d3cd2.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/icon-chat-thin.e1e44890317f84171fc1.svg

185.145.13.94

404 Not Found

78 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/icon-chat-thin.e1e44890317f84171fc1.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (18299)
Size
78 kB (77954 bytes)
Hash
a10d4ccaafeddf1356b150cc4bab2d1f
78fec8cf31ffcbad629e01843895d2b754a77803
1b51b7b419d7c8ff977e0302e441bf656af0ad639116fecb8903576e4d954ae6

HTTP Headers

GET /cpres/jas/icon-chat-thin.e1e44890317f84171fc1.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/Arrow.941e2f83c935ad00fedf.svg

185.145.13.94

404 Not Found

52 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/Arrow.941e2f83c935ad00fedf.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (18299)
Size
52 kB (51530 bytes)
Hash
a45022d0bfef9c4652811abdf7556bcd
960e3f92a0adc4ec8cdc6036201f765db6c799b4
f9cfc5e3bc671950f727142b390c3411ce0de1b3c0178205cb54edec1b268206

HTTP Headers

GET /cpres/jas/Arrow.941e2f83c935ad00fedf.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/GooglePlay.svg

185.145.13.94

200 OK

5.0 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/GooglePlay.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
SVG Scalable Vector Graphics image
Size
5.0 kB (5017 bytes)
Hash
56b446863643039c5c386e785054f8f8
8509aa1bbc637474b87bb386d4d23f2a73283cd9
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/GooglePlay.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"590b-5f91334052300"
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-secure.svg

185.145.13.94

200 OK

2.2 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-secure.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
SVG Scalable Vector Graphics image
Size
2.2 kB (2187 bytes)
Hash
2ac190a1585df4726aaab558465a3677
4724c9e5a01d8a67502afa1f3aee0a799c5e674f
5c6c8d8c0e52c66587d5f15d69de975d84894fc26afc864cd7b3eebde68b426c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-secure.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"1593-5f91334052300"
x-nocache: 1
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css

185.145.13.94

200 OK

40 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
ASCII text, with very long lines (65352)
Size
40 kB (39562 bytes)
Hash
d5b49dcb8e20c1961756d53388b9b323
185f51d4cb17441438ed57d00b9a82dcaba8e0af
d4787b527aa74a6ab272ba84372a8b1dd7fb76f3e64dec16db6f3d3abaf3501f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"3b521-5f91334052300"
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.ttf

185.145.13.94

404 Not Found

32 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.ttf
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (18299)
Size
32 kB (32359 bytes)
Hash
818e160de6af121d0d5ccdf6bb4c6fd6
c8e79898b773f39e0781bd55c8b788ef88251e03
ec02940142bcaae703e8cfc5c7cb58bc2c1e53062cfcb4b595a32af8f6a6f63f

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProMedium.ttf HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-fast.svg

185.145.13.94

200 OK

13 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-fast.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (13262 bytes)
Hash
81a16172e4f2f3144e41fb7b161479ce
e402f0b8ba2d98fb397e153ab2f479d323ba0c96
e79680516f7aebb8535d875afb21b608dc955fa48f3084502858ea7513ba547c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-fast.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"14a6-5f91334052300"
x-nocache: 1
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.eot

185.145.13.94

404 Not Found

59 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.eot
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (18299)
Size
59 kB (59333 bytes)
Hash
8059ed9bb27b20ad231924cdec462f49
06ec21892bfe43628b71f03eaab0bdf48d180200
38c43d5dfa6573cf92155c3a78d74fc78617b66f35544a338adbc077bcb2dc77

HTTP Headers

GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.eot HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/contact-blank-green.0dde8e4b338f10363bc5.svg

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/contact-blank-green.0dde8e4b338f10363bc5.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66536 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cpres/jas/contact-blank-green.0dde8e4b338f10363bc5.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff2

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff2
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProRegular.woff2 HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

secured.nedbank.co.za/nedbank.ico

168.142.204.82

200 OK

1.4 kB

URL GET HTTP/1.1
secured.nedbank.co.za/nedbank.ico
IP
168.142.204.82:443
ASN
#3741 IS

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerEntrust, Inc.
Subjectsecured.nedbank.co.za
Fingerprint3D:D5:F2:64:C9:AA:FA:3E:3C:05:2E:AD:FC:67:96:A6:6E:05:4D:A4
ValidityFri, 01 Sep 2023 07:07:19 GMT - Tue, 01 Oct 2024 07:07:18 GMT

File type
MS Windows icon resource - 1 icon, 18x18, 32 bits/pixel
Size
1.4 kB (1430 bytes)
Hash
68773d46f68cd092f7aac1b70d211e01
bbe705f043f03d491232a63d29e5b8b6befb031e
4fbd7df4e4d5012b82c14234382d58275c3fe42c98162c05bbb4bc98c79ef9f5

HTTP Headers

GET /nedbank.ico HTTP/1.1
Host: secured.nedbank.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: image/x-icon
Expires: Wed, 05 Jul 2017 00:00:00 GMT,0
Last-Modified: Mon, 19 Feb 2024 07:31:56 GMT
Accept-Ranges: bytes
ETag: "0be2cb7563da1:0"
Content-Security-Policy: default-src * 'self' data: 'unsafe-inline' 'unsafe-eval' * blob:; frame-src 'self' *.nedbank.co.za https://d21ctq9anmk97c.cloudfront.net      https://d3rnm236tp90vs.cloudfront.net https://d140zf541n5jhi.cloudfront.net *.advanced-web-analytics.com https://nedbank.demdex.net blob:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Date: Wed, 13 Mar 2024 16:45:57 GMT
Content-Length: 1430

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/NedbankExperience.svg

185.145.13.94

200 OK

12 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/NedbankExperience.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
SVG Scalable Vector Graphics image
Size
12 kB (12340 bytes)
Hash
3c30ea4f3370147c14d614b4e82323b1
f212ae8d2f0d655a1aed7ca8b43c13ba96aa159e
3bf07d30c5c5867acf6a3ec763086a9c3d1ea5c7e6783c1550e1309c67e59bf3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/NedbankExperience.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"3034-5f91334052300"
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-easy.svg

185.145.13.94

200 OK

4.1 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-easy.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
SVG Scalable Vector Graphics image
Size
4.1 kB (4147 bytes)
Hash
2fc9f08e613579093f4d71ffd43a51bf
7fac40ac3bea5f6f30ee4ac2b848e632d9d9b1f7
aef77e4450f134fe19b5cddc70b04832ed821308a2a864f05402b82915e3c0c0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/login-easy.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"1033-5f91334052300"
x-nocache: 1
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Bold.otf

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Bold.otf
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66450 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Bold.otf HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66360 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProMedium.woff HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.otf

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.otf
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66375 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro.otf HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Medium.otf

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Medium.otf
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66480 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/FF%20Mark/FontFont%20-%20MarkPro-Medium.otf HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/close-gray.840a1d9e5d4f2693cbdf.svg

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/close-gray.840a1d9e5d4f2693cbdf.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66401 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cpres/jas/close-gray.840a1d9e5d4f2693cbdf.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.ttf

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.ttf
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66360 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProRegular.ttf HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/AppStoreBadge.svg

185.145.13.94

200 OK

12 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/AppStoreBadge.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type
SVG Scalable Vector Graphics image
Size
12 kB (12224 bytes)
Hash
1cfd5dba4a9210bcf77f5dbe48ec2e66
b18020f162dece51251489be269db7629a223fcd
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Nedbank

HTTP Headers

GET /cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/AppStoreBadge.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:55:56 GMT
etag: W/"2fc0-5f91334052300"
x-cache-nxaccel: HIT
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/location-blank-green.a212a0d3423c5f200809.svg

185.145.13.94

404 Not Found

67 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/location-blank-green.a212a0d3423c5f200809.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
67 kB (66551 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cpres/jas/location-blank-green.a212a0d3423c5f200809.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.eot

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.eot
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66345 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProMedium.eot HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/index.htm

185.145.13.94

200 OK

128 kB

URL User Request GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/index.htm
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
128 kB (127933 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	NedBank Limited

HTTP Headers

GET /cpres/jas/index.htm HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 13 Mar 2024 16:45:56 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2024 05:53:05 GMT
etag: W/"1f3bd-6137045963240"
x-cache-nxaccel: BYPASS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/cpres/jas/NedbankIcon.7492cce283df004f1ef8.svg

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/cpres/jas/NedbankIcon.7492cce283df004f1ef8.svg
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66416 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cpres/jas/NedbankIcon.7492cce283df004f1ef8.svg HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProRegular.woff
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66375 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProRegular.woff HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff2

185.145.13.94

404 Not Found

66 kB

URL GET HTTP/2
8d16a0eb4a.nxcli.io/assets/fonts/fonts/FFMarkWebProMedium.woff2
IP
185.145.13.94:443
ASN
#202521 Liquid Web B.V.

Requested by
https://8d16a0eb4a.nxcli.io/cpres/jas/index.htm
Certificate
IssuerLet's Encrypt
Subject8d16a0eb4a.nxcli.io
Fingerprint10:5A:5B:A8:18:56:83:95:43:9B:39:CD:30:67:A6:71:93:9B:AF:F9
ValidityFri, 08 Mar 2024 07:11:42 GMT - Thu, 06 Jun 2024 07:11:41 GMT

File type

Size
66 kB (66375 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/fonts/fonts/FFMarkWebProMedium.woff2 HTTP/1.1
Host: 8d16a0eb4a.nxcli.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8d16a0eb4a.nxcli.io/cpres/jas/LWxlZnQgPiAuYXJyb3csW3Vp_files/styles.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Wed, 13 Mar 2024 16:45:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-robots-tag: none
x-powered-by: Craft CMS
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (29)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections