urlscan.io logo urlscan.io
SecurityTrails logo

api.curro.co.za Open in urlscan Pro
41.0.204.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mailers.curro.co.za/s/t/l/633408621d62d141063bb1a5/3b7059334304526c7b0dd4b6f1896543
Effective URL: https://api.curro.co.za/Parents/public/file/832f35cf-9777-40a5-9241-d988a37ba4f2
Submission: On September 28 via api from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 1 domains to perform 1 HTTP transactions. The main IP is 41.0.204.23, located in Stellenbosch, South Africa and belongs to Vodacom-VB, ZA. The main domain is api.curro.co.za.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 22nd 2022. Valid for: a year.
This is the only time api.curro.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

High School CAB - Term 3 2022.pdf 3 MB application/pdf
MIME: PDF document, version 1.7
Size: 3 MB (3303815 bytes, 100% done)
Downloaded from: https://api.curro.co.za/Parents/public/file/832f35cf-9777-40a5-9241-d988a37ba4f2

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 41.0.204.23 36994 (Vodacom-VB)
1 1
Apex Domain
Subdomains		 Transfer
2 curro.co.za
mailers.curro.co.za
api.curro.co.za
2 KB
1 1
Domain Requested by
1 api.curro.co.za
1 mailers.curro.co.za 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
*.curro.co.za
Sectigo RSA Domain Validation Secure Server CA		 2022-02-22 -
2023-02-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api.curro.co.za/Parents/public/file/832f35cf-9777-40a5-9241-d988a37ba4f2
Frame ID: 60D68E1D6A4502EC1DB5085603422F0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 832f35cf-9777-40a5-9241-d988a37ba4f2
api.curro.co.za/Parents/public/file/
Redirect Chain
  • https://mailers.curro.co.za/s/t/l/633408621d62d141063bb1a5/3b7059334304526c7b0dd4b6f1896543
  • https://api.curro.co.za/Parents/public/file/832f35cf-9777-40a5-9241-d988a37ba4f2
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.curro.co.za/Parents/public/file/832f35cf-9777-40a5-9241-d988a37ba4f2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
41.0.204.23 Stellenbosch, South Africa, ASN36994 (Vodacom-VB, ZA),
Reverse DNS
vc-vb-41-0-204-23.ens.vodacom.co.za
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=14400
Content-Disposition
attachment; filename="High School CAB - Term 3 2022.pdf"
Content-Length
3303815
Content-Type
application/octet-stream
Date
Wed, 28 Sep 2022 09:00:58 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
751b4aade9809085-FRA
content-security-policy
script-src 'unsafe-inline' 'unsafe-eval' 'self' *.cloudfront.net *.cloudflare.com *.mailercdn.net www.google.com *.googlecode.com ajax.google.com ajax.googleapis.com cdnjs.cloudflare.com styleguide.everlytic.com updatemybrowser.org/umb.js www.gstatic.com www.google-analytics.com maps.googleapis.com *.maxcdn.com cdn.jsdelivr.net code.jquery.com cdn.rawgit.com mailers.curro.co.za cdn4.mailercdn.net; style-src 'unsafe-inline' 'self' styleguide.everlytic.com fonts.googleapis.com www.google.com ajax.googleapis.com *.cloudfront.net *.mailercdn.net www.gstatic.com mailers.curro.co.za cdn4.mailercdn.net; font-src 'self' fonts.gstatic.com styleguide.everlytic.com *.cloudfront.net *.mailercdn.net mailers.curro.co.za cdn4.mailercdn.net; connect-src 'self' www.google-analytics.com stats.g.doubleclick.net maps.googleapis.com *.everlytic.net mailers.curro.co.za cdn4.mailercdn.net
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=U5jp7bWGnIsZ_lcObG8ZCtH.d0o_Dje5YUe6VyA1Ac4-1664355658-0-AeRAWGg4oFop9aaj2H36ag8Aj7L1yjZore5PqIiQ3C1zwrlbM8IqK9FpcoyT3dbT44k3rHlZMxKn05d2CxowPunBe9bzlbwkjpE-bjWj8k26; report-to cf-csp-endpoint
content-type
text/html; charset=UTF-8
date
Wed, 28 Sep 2022 09:00:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://api.curro.co.za/Parents/public/file/832f35cf-9777-40a5-9241-d988a37ba4f2
pragma
no-cache
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=U5jp7bWGnIsZ_lcObG8ZCtH.d0o_Dje5YUe6VyA1Ac4-1664355658-0-AeRAWGg4oFop9aaj2H36ag8Aj7L1yjZore5PqIiQ3C1zwrlbM8IqK9FpcoyT3dbT44k3rHlZMxKn05d2CxowPunBe9bzlbwkjpE-bjWj8k26"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

2 Cookies

Domain/Path Name / Value
mailers.curro.co.za/ Name: EVSESSIONID
Value: vcn3r2jfbe3qjj6h07arv5vr8h
.mailers.curro.co.za/ Name: __cf_bm
Value: z3hxZcuIYxoCe4kBlui76s3gUKRAAsI5dNRrUoxEr00-1664355658-0-AeMOTme3V2EKXIag74lPu0CljpCAQvDA5VGzwkNR8ojMFmgSQOGytm4JESeoe2COEyafr10TnwpbxgZoniX67Jc=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.curro.co.za
mailers.curro.co.za
2606:4700::6812:1087
41.0.204.23