lindavanduuren.co.za Open in urlscan Pro
41.185.29.168 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lindavanduuren.co.za/insight/index.html
Submission: On June 19 via manual (June 19th 2017, 2:29:45 pm UTC) from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 41.185.29.168, located in South Africa and belongs to webafrica, ZA. The main domain is lindavanduuren.co.za.

This is the only time lindavanduuren.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address		AS Autonomous System
8	41.185.29.168 41.185.29.168		36943 (webafrica) (webafrica)
8	1

8 41.185.29.168 (South Africa)

ASN36943 (webafrica, ZA)
PTR: marvin.thuso.com

lindavanduuren.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	lindavanduuren.co.za lindavanduuren.co.za	170 KB
8	1

	Domain	Requested by
8	lindavanduuren.co.za	lindavanduuren.co.za
8	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://lindavanduuren.co.za/insight/index.html
Frame ID: 21551.1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

170 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response lindavanduuren.co.za/insight/	3 KB 3 KB	685ms 172ms	Document text/html	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Full URL http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `49c2bf13b80703fe1ca23cabcd70c7c9f6d795c3b1fe88a24a18e73e0cfce7d6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Wed, 01 Feb 2017 11:57:24 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4db5-bae-54776c0729100" Content-Type text/html Connection close Accept-Ranges bytes Content-Length 2990
GET H/1.1	200 OK	qa.png lindavanduuren.co.za/insight/images/	131 KB 131 KB	192ms 192ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/qa.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `b58ca81792cea760741fe675a6261885a1275e72a0c30f4f56db71149dc0d8b5` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Thu, 16 Feb 2017 14:44:26 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4db2-20aa2-548a6d56cc680" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 133794
GET H/1.1	200 OK	a1.png lindavanduuren.co.za/insight/images/	8 KB 8 KB	357ms 186ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/a1.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `99c833969c699469305b3ff0d319913692f8b6e851879de3121f242cebfb0395` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Wed, 01 Feb 2017 08:14:38 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4d9c-1f44-54773a3c59780" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 8004
GET H/1.1	200 OK	a2.png lindavanduuren.co.za/insight/images/	5 KB 5 KB	397ms 223ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/a2.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `5690e632645306e68d7b0d03474c396efd71bda18c89e5f5c7eb273ec769cdc3` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Wed, 01 Feb 2017 08:22:38 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4d9d-1429-54773c061cf80" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 5161
GET H/1.1	200 OK	a3.png lindavanduuren.co.za/insight/images/	6 KB 6 KB	397ms 223ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/a3.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `af8560e84ff5a79b8df1adff3972f6d2a08181a53505e628353ce311bee5821e` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Wed, 01 Feb 2017 08:22:50 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4d9e-1758-54773c118ea80" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 5976
GET H/1.1	200 OK	a4.png lindavanduuren.co.za/insight/images/	4 KB 4 KB	409ms 234ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/a4.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `0bb84165ef55e9c6bfacd36ee92617b5e1f47b0327343b161c7f5001803bdfbd` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Wed, 01 Feb 2017 08:22:58 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4d9f-efd-54773c192fc80" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3837
GET H/1.1	200 OK	a5.png lindavanduuren.co.za/insight/images/	9 KB 9 KB	715ms 193ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/a5.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `121b8fd7828f3238e4f2f0bfa4396d4416618af9fcca34a23023a39450cd96e7` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:34 GMT Last-Modified Wed, 01 Feb 2017 08:23:06 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4da0-245d-54773c20d0e80" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 9309
GET H/1.1	200 OK	a6.png lindavanduuren.co.za/insight/images/	5 KB 5 KB	350ms 182ms	Image image/png	41.185.29.168 webafrica
General Check archive.org Show headers Download Go to Show image Full URL http://lindavanduuren.co.za/insight/images/a6.png Requested by Host: lindavanduuren.co.za URL: http://lindavanduuren.co.za/insight/index.html Protocol HTTP/1.1 Server 41.185.29.168 , South Africa, ASN36943 (webafrica, ZA), Reverse DNS marvin.thuso.com Software Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 / Resource Hash `678754de0de7e5dde7acf9483fe142eb1c8dd93f8a4b0b514454c30aefe6532f` Request headers Referer http://lindavanduuren.co.za/insight/index.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.104 Safari/537.36 Response headers Date Mon, 19 Jun 2017 14:29:33 GMT Last-Modified Wed, 01 Feb 2017 08:23:22 GMT Server Apache/2.4.25 (Unix) OpenSSL/1.0.1e-fips mod_bwlimited/1.4 PHP/5.6.30 ETag "9a4da1-146a-54773c3013280" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 5226

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lindavanduuren.co.za
41.185.29.168
0bb84165ef55e9c6bfacd36ee92617b5e1f47b0327343b161c7f5001803bdfbd
121b8fd7828f3238e4f2f0bfa4396d4416618af9fcca34a23023a39450cd96e7
49c2bf13b80703fe1ca23cabcd70c7c9f6d795c3b1fe88a24a18e73e0cfce7d6
5690e632645306e68d7b0d03474c396efd71bda18c89e5f5c7eb273ec769cdc3
678754de0de7e5dde7acf9483fe142eb1c8dd93f8a4b0b514454c30aefe6532f
99c833969c699469305b3ff0d319913692f8b6e851879de3121f242cebfb0395
af8560e84ff5a79b8df1adff3972f6d2a08181a53505e628353ce311bee5821e
b58ca81792cea760741fe675a6261885a1275e72a0c30f4f56db71149dc0d8b5

lindavanduuren.co.za Open in urlscan Pro 41.185.29.168 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

170 kBTransfer

170 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

lindavanduuren.co.za Open in urlscan Pro
41.185.29.168 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

170 kB
Transfer

170 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!