cavendishgroup.co.uk Open in urlscan Pro
104.37.183.1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mines.gov.zw/sites/app/
Effective URL:
https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
Submission: On March 04 via manual (March 4th 2020, 1:57:23 pm UTC) from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 104.37.183.1, located in United States and belongs to NUCDN, US. The main domain is cavendishgroup.co.uk.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 27th 2020. Valid for: 3 months.

This is the only time cavendishgroup.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banca Sella (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	209.88.90.11 209.88.90.11	37204 (TELONE) (TELONE)
13	104.37.183.1 104.37.183.1	23393 (NUCDN) (NUCDN)
13	1

1 209.88.90.11 (Zimbabwe) 1 redirects

ASN37204 (TELONE, ZW)

www.mines.gov.zw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.37.183.1 (United States)

ASN23393 (NUCDN, US)

cavendishgroup.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	cavendishgroup.co.uk cavendishgroup.co.uk	77 KB
1	mines.gov.zw 1 redirects www.mines.gov.zw	317 B
13	2

	Domain	Requested by
13	cavendishgroup.co.uk	cavendishgroup.co.uk
1	www.mines.gov.zw	1 redirects
13	2

This site contains no links.

Subject Issuer	Validity	Valid
cavendishgroup.co.uk Let's Encrypt Authority X3	`2020-01-27` - `2020-04-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
Frame ID: C29400AC3A2C43895895B200672A7A1E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.mines.gov.zw/sites/app/ HTTP 301
https://cavendishgroup.co.uk/app/MyApp/Soft-app/ Page URL
https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

77 kB
Transfer

123 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mines.gov.zw/sites/app/ HTTP 301
https://cavendishgroup.co.uk/app/MyApp/Soft-app/ Page URL
https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.mines.gov.zw/sites/app/ HTTP 301
https://cavendishgroup.co.uk/app/MyApp/Soft-app/

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
cavendishgroup.co.uk/app/MyApp/Soft-app/
Redirect Chain

http://www.mines.gov.zw/sites/app/
https://cavendishgroup.co.uk/app/MyApp/Soft-app/

61 B
348 B

146ms
28ms

Document
text/html

104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

a03476acf4f2261bbfcde957a83c879ec54c92fe2439de9fc6298a7fadb53411

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: cavendishgroup.co.uk
:scheme: https
:path: /app/MyApp/Soft-app/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-cache-status: Hit (1)
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
x-beluga-record: e1bf74088c2d0173226417496bd024503870a1be
x-beluga-response-time: 11 ms
x-beluga-status: 003
x-beluga-trace: 07e47fde-be3a-413b-a89d-6d1a325f7d7e
x-content-type-options: nosniff
content-length: 61
date: Wed, 04 Mar 2020 13:57:00 GMT

Redirect headers

Date: Wed, 04 Mar 2020 20:56:55 GMT
Server: Apache/2.4.6 (CentOS) PHP/7.0.33
X-Powered-By: PHP/7.0.33
Location: https://cavendishgroup.co.uk/app/MyApp/Soft-app/
Content-Length: 2236
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 Primary Request / Show response
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 16 KB
3 KB 27ms
27ms Document
text/html 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

72ff73ce57e732941a50dca7a5a73147ed36f13275c24fe8fb25493c4e663c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: cavendishgroup.co.uk
:scheme: https
:path: /app/MyApp/Soft-app/fatturazione/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/

Response headers

status: 200
content-encoding: gzip
content-type: text/html
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-cache-status: Hit (1)
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
x-beluga-record: 40a1cb311888a2170218e0228ddbfc67dde6fb76
x-beluga-response-time: 11 ms
x-beluga-status: 003
x-beluga-trace: 07e698c3-9475-45fa-8bac-5336346a32e3
x-content-type-options: nosniff
content-length: 3455
date: Wed, 04 Mar 2020 13:57:00 GMT

GET
H2 200 jquery-oui.css
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 28 KB
7 KB 29ms
28ms Stylesheet
text/css 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/jquery-oui.css

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

cd9d50c2ed2435774cb02b8f38f4292f40a3a54fb87a5a88b0819b6a1c1c6c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: text/css
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 10 ms
x-beluga-trace: 12399570-fe5a-4343-96d4-05732bead08c
x-beluga-record: 04b3f7a3ac7f33f3d0a2411fb556117fa7132fc2
expires: Tue, 17 Mar 2020 12:38:22 GMT

GET
H2 200 art.css
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 16 KB
4 KB 29ms
29ms Stylesheet
text/css 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/art.css

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

0906538538374c933f0afe4429f0339292af66ce2e8934cf7cde4ec701bda24d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: text/css
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 9 ms
x-beluga-trace: 075536bd-b485-4cd5-ac0e-161b14be96e2
x-beluga-record: b7bee133fccced433fc94b2629f8fcc70b25ff81
expires: Wed, 18 Mar 2020 12:08:52 GMT

GET
H2 200 Browser.css
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 3 KB
961 B 35ms
34ms Stylesheet
text/css 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/Browser.css

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

377bbde16c41beb713154c2c290c5e4fad31dc9ecd5872ea863461143f1aa84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-beluga-response-time: 10 ms
x-beluga-status: 003
content-length: 866
x-beluga-record: 3ae23be862c07465760a5d4d720e2a4d4cb88522
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
content-type: text/css
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-trace: 71155da5-5874-4a20-aec2-de7ac183c0ac
expires: Tue, 17 Mar 2020 12:38:22 GMT

GET
H2 200 BSEPAGAM.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 3 KB
4 KB 31ms
30ms Image
image/svg+xml 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/BSEPAGAM.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

b7df3f607e2704502e16154beb52a35346a937ab5ccd276ccb288f0c5a7aad66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: image/svg+xml
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 9 ms
x-beluga-trace: c41a9fde-8c8b-45e1-b56f-478d1ab3d4de
content-length: 3567
x-beluga-record: 36cfcdb0d1b2b718c17c808518cd58a15bce9af5
expires: Mon, 09 Mar 2020 11:38:14 GMT

GET
H2 200 language_it.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 752 B
847 B 35ms
34ms Image
image/svg+xml 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/language_it.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

893899185a057e264b6b13635054edd3ae805c6abc2767a7ab79b361edc8f9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: image/svg+xml
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 11 ms
x-beluga-trace: 769c1fd0-89a7-4873-bf46-e882ba76eb4a
content-length: 752
x-beluga-record: a3b04c308670e6aae7aa081f9a10c9aaa82b9b42
expires: Mon, 09 Mar 2020 11:38:14 GMT

GET
H2 200 ico_arrowhead_progressBar_finished.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 2 KB
2 KB 27ms
26ms Image
image/svg+xml 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ico_arrowhead_progressBar_finished.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

80052e087c7689485037572a21818f76c1132d3f447b76e619a07bb6e77431d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: image/svg+xml
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 8 ms
x-beluga-trace: 1a5411e9-bd89-4a05-bc26-7f0daa08210c
content-length: 2123
x-beluga-record: 91ca2df523407a3f55057f2c588a3655c152158d
expires: Mon, 09 Mar 2020 11:38:14 GMT

GET
H2 200 ico_arrowhead_progressBar_now.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 2 KB
2 KB 25ms
25ms Image
image/svg+xml 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ico_arrowhead_progressBar_now.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

78968380547ed62f00c1d115f573b73fd7c928bc3c418dbc2ea0934406edf912

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: image/svg+xml
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 10 ms
x-beluga-trace: a4f8a828-b52d-40d1-acee-69109202a193
content-length: 2134
x-beluga-record: 978a50ae3b1fe7d1c7ddb1ad5cda93971535b739
expires: Mon, 09 Mar 2020 11:38:14 GMT

GET
H2 200 ico_arrowhead_progressBar_next.svg
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 2 KB
2 KB 24ms
24ms Image
image/svg+xml 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ico_arrowhead_progressBar_next.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

55cc680096c147031170a3f5bc174ae7c721d8ec9c4a4495c1cff47ecd2fa9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: image/svg+xml
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 10 ms
x-beluga-trace: 47afddb6-5d05-4336-8105-643126ec5054
content-length: 2135
x-beluga-record: aa8e5b75e386d234c5eb6d26e4a2fbfdf4bcc42a
expires: Mon, 09 Mar 2020 11:38:14 GMT

GET
H2 200 space.gif
cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/ 43 B
147 B 23ms
23ms Image
image/gif 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/space.gif

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 04 Mar 2020 13:57:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 15 Feb 2020 14:53:07 GMT
server: NuCDN/v2.56.1-2-g213bfd2
x-beluga-status: 003
content-type: image/gif
status: 200
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: max-age=1209600
x-beluga-response-time: 9 ms
x-beluga-trace: 8cf471a1-5d1e-4879-921a-839d507a5e7f
content-length: 43
x-beluga-record: 3ba695e458b373b4539802b199fddc6e45ddb483
expires: Mon, 09 Mar 2020 11:38:14 GMT

GET
H2 404 ico_arrowhead_main.svg
cavendishgroup.co.uk/app/MyApp/images/ 25 KB
25 KB 412ms
412ms Image
text/html 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/images/ico_arrowhead_main.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

33654fff2b63b0920860cb456c8f09f74cabfd111d6488072c50c625a533bb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/art.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Miss
date: Wed, 04 Mar 2020 13:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 404
x-beluga-response-time: 377 ms
x-beluga-status: 000
x-beluga-record: be8e2bf24c90e0b2cc8331191e043eea3954fb87
server: NuCDN/v2.56.1-2-g213bfd2
content-language: en
x-generator: Drupal 7 (http://drupal.org)
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
x-beluga-trace: b24d5eb9-3d85-4c75-9cc4-bc544a545f4a
content-type: text/html; charset=utf-8
expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 404 ico_arrowhead_back.svg
cavendishgroup.co.uk/app/MyApp/images/ 25 KB
25 KB 450ms
449ms Image
text/html 104.37.183.1
NUCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cavendishgroup.co.uk/app/MyApp/images/ico_arrowhead_back.svg

Requested by

Host: cavendishgroup.co.uk
URL: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.37.183.1 , United States, ASN23393 (NUCDN, US),

Reverse DNS

Software

NuCDN/v2.56.1-2-g213bfd2 /

Resource Hash

df34d948e181eecbe4bd743c2b1f90a5bbbb8468c8d272f0f8c7abbe1b1ac361

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cavendishgroup.co.uk/app/MyApp/Soft-app/fatturazione/art.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-beluga-cache-status: Miss
date: Wed, 04 Mar 2020 13:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 404
x-beluga-response-time: 377 ms
x-beluga-status: 000
x-beluga-record: d64372609f67edf510e8afd67ebb632aff5ae66c
server: NuCDN/v2.56.1-2-g213bfd2
content-language: en
x-generator: Drupal 7 (http://drupal.org)
x-beluga-node: d79bf6c4-f046-4b8d-bb01-15feddf74485
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
x-beluga-trace: dd12b034-4713-460a-a39c-7dfe0e4d4158
content-type: text/html; charset=utf-8
expires: Sun, 19 Nov 1978 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banca Sella (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cavendishgroup.co.uk
www.mines.gov.zw
104.37.183.1
209.88.90.11
0906538538374c933f0afe4429f0339292af66ce2e8934cf7cde4ec701bda24d
33654fff2b63b0920860cb456c8f09f74cabfd111d6488072c50c625a533bb46
377bbde16c41beb713154c2c290c5e4fad31dc9ecd5872ea863461143f1aa84b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55cc680096c147031170a3f5bc174ae7c721d8ec9c4a4495c1cff47ecd2fa9ab
72ff73ce57e732941a50dca7a5a73147ed36f13275c24fe8fb25493c4e663c85
78968380547ed62f00c1d115f573b73fd7c928bc3c418dbc2ea0934406edf912
80052e087c7689485037572a21818f76c1132d3f447b76e619a07bb6e77431d3
893899185a057e264b6b13635054edd3ae805c6abc2767a7ab79b361edc8f9c8
a03476acf4f2261bbfcde957a83c879ec54c92fe2439de9fc6298a7fadb53411
b7df3f607e2704502e16154beb52a35346a937ab5ccd276ccb288f0c5a7aad66
cd9d50c2ed2435774cb02b8f38f4292f40a3a54fb87a5a88b0819b6a1c1c6c32
df34d948e181eecbe4bd743c2b1f90a5bbbb8468c8d272f0f8c7abbe1b1ac361

cavendishgroup.co.uk Open in urlscan Pro 104.37.183.1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

77 kBTransfer

123 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

cavendishgroup.co.uk Open in urlscan Pro
104.37.183.1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

77 kB
Transfer

123 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!