kanimamboms.co.za - urlscan.io

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 154.0.168.134, located in South Africa and belongs to Afrihost, ZA. The main domain is kanimamboms.co.za.

This is the only time kanimamboms.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Excel / PDF download (Online) Adobe (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 4	154.0.168.134 154.0.168.134	37611 (Afrihost) (Afrihost)
1	92.123.94.15 92.123.94.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2400:cb00:204... 2400:cb00:2048:1::6818:43f	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1 2	66.235.148.129 66.235.148.129	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
5	5

4 154.0.168.134 (South Africa) 2 redirects

ASN37611 (Afrihost, ZA)
PTR: obiwan.aserv.co.za

kanimamboms.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.94.15 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a92-123-94-15.deploy.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6818:43f (United States) 1 redirects

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.guidingtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.guidingtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.235.148.129 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d1.sc.omtrdc.net

stats.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	kanimamboms.co.za 2 redirects kanimamboms.co.za	102 KB
2	adobe.com 1 redirects stats.adobe.com	1 KB
2	guidingtech.com 1 redirects www.guidingtech.com cdn.guidingtech.com	12 KB
1	typekit.net use.typekit.net	7 KB
5	4

	Domain	Requested by
4	kanimamboms.co.za	2 redirects kanimamboms.co.za
2	stats.adobe.com	1 redirects kanimamboms.co.za
1	cdn.guidingtech.com	kanimamboms.co.za
1	www.guidingtech.com	1 redirects
1	use.typekit.net	kanimamboms.co.za
5	5

This site contains no links.

Subject Issuer	Validity	Valid
typekit.net Symantec Class 3 Secure Server CA - G4	`2017-03-20` - `2018-06-19`	a year	crt.sh
ssl386992.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-09-27` - `2018-04-05`	6 months	crt.sh

This page contains 1 frames:

Primary Page: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Frame ID: 25879.1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kanimamboms.co.za/j1/a3/Index.php HTTP 302
http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a HTTP 301
http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

40 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

119 kB
Transfer

303 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kanimamboms.co.za/j1/a3/Index.php HTTP 302
http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a HTTP 301
http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.guidingtech.com/assets/postimages/2014/02/logo-adobe-pdf.jpg HTTP 307
https://www.guidingtech.com/assets/postimages/2014/02/logo-adobe-pdf.jpg HTTP 301
https://cdn.guidingtech.com/media/assets/WordPress-Import/2014/02/logo-adobe-pdf.jpg

Request Chain 3

http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s38367658783354?AQB=1&ndh=1&t=27%2F9%2F2017%2016%3A39%3A14%205%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fkanimamboms.co.za%2Fj1%2Fa3%2Fcdda343fec7cfd4896b6b1fa609dfc6a%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1 HTTP 302
http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s38367658783354?AQB=1&pccr=true&vidn=2CF9B0990531373A-600001024000940A&&ndh=1&t=27%2F9%2F2017%2016%3A39%3A14%205%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fkanimamboms.co.za%2Fj1%2Fa3%2Fcdda343fec7cfd4896b6b1fa609dfc6a%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1

5 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Redirect Chain

http://kanimamboms.co.za/j1/a3/Index.php
http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a
http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/

263 KB
101 KB

598ms
598ms

Document
text/html

154.0.168.134
Afrihost

General

Check archive.org

Show headers Download Go to

Full URL

http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/

Protocol

HTTP/1.1

Server

154.0.168.134 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

obiwan.aserv.co.za

Software

nginx /

Resource Hash

a6505489a012ee1db5cfa088b0896e3e57c2cb4741328c7cd3668f2f6881f4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: kanimamboms.co.za
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Pragma: public
Date: Fri, 27 Oct 2017 16:39:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 27 Oct 2017 16:39:12 GMT
Server: nginx
ETag: W/"72919e-41c98-55c89edc342a8"
X-Cache-Status: MISS
Vary: Accept-Encoding Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=1 public
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Fri, 27 Oct 2017 16:39:14 GMT

Redirect headers

Pragma: public
Date: Fri, 27 Oct 2017 16:39:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Cache-Status: MISS
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Location: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Cache-Control: max-age=1 public
Connection: keep-alive
Content-Length: 272
X-XSS-Protection: 1; mode=block
Expires: Fri, 27 Oct 2017 16:39:14 GMT

GET
H2 200 ath5djs.js Show response
use.typekit.net/ 17 KB
7 KB 22ms
10ms Script
text/javascript 92.123.94.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ath5djs.js

Requested by

Host: kanimamboms.co.za
URL: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a92-123-94-15.deploy.akamaitechnologies.com

Software

nginx /

Resource Hash

aff6ac450a8e86f7bd779e8ff090dd3b270afc3dcde456561ffa6b1fd13c19e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

:path: /ath5djs.js
pragma: no-cache
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: */*
cache-control: no-cache
:authority: use.typekit.net
referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
:scheme: https
:method: GET
Referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200 200 OK
date: Fri, 27 Oct 2017 16:39:14 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7033

GET
H2

200

logo-adobe-pdf.jpg
cdn.guidingtech.com/media/assets/WordPress-Import/2014/02/
Redirect Chain

http://www.guidingtech.com/assets/postimages/2014/02/logo-adobe-pdf.jpg
https://www.guidingtech.com/assets/postimages/2014/02/logo-adobe-pdf.jpg
https://cdn.guidingtech.com/media/assets/WordPress-Import/2014/02/logo-adobe-pdf.jpg

11 KB
11 KB

18ms
11ms

Image
image/jpeg

2400:cb00:2048:1::6818:43f
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.guidingtech.com/media/assets/WordPress-Import/2014/02/logo-adobe-pdf.jpg
Requested by: Host: kanimamboms.co.za
URL: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:43f , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 85e1682716795b2048d4f397901cf6612d63a713e7ef0e8a98f3192bef88721f

Request headers

:path: /media/assets/WordPress-Import/2014/02/logo-adobe-pdf.jpg
pragma: no-cache
cookie: __cfduid=d3f5a813ee61599a871d4c4339ecabf1d1509122354
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: cdn.guidingtech.com
referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
:scheme: https
:method: GET
Referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

date: Fri, 27 Oct 2017 16:39:15 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2017 13:37:09 GMT
server: cloudflare-nginx
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 3b47171eec2c27b0-FRA
content-length: 11320
expires: Sun, 26 Nov 2017 16:39:15 GMT

Redirect headers

date: Fri, 27 Oct 2017 16:39:15 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Craft CMS
status: 301
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare-nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://cdn.guidingtech.com/media/assets/WordPress-Import/2014/02/logo-adobe-pdf.jpg
cache-control: no-store, no-cache, must-revalidate
set-cookie: __cfduid=d3f5a813ee61599a871d4c4339ecabf1d1509122354; expires=Sat, 27-Oct-18 16:39:14 GMT; path=/; domain=.guidingtech.com; HttpOnly
cf-ray: 3b47171cba4127b0-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f7ca77a8ac88efd0254763ffd1e11bb301f729c71988b7abb7f2e32d58126dc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1

200
OK

Cookie set s38367658783354
stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/
Redirect Chain

http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s38367658783354?AQB=1&ndh=1&t=27%2F9%2F2017%2016%3A39%3A14%205%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g...
http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s38367658783354?AQB=1&pccr=true&vidn=2CF9B0990531373A-600001024000940A&&ndh=1&t=27%2F9%2F2017%2016%3A39%3A14%205%200&ce=UTF-8&ns=ad...

43 B
43 B

23ms
23ms

Image
image/gif

66.235.148.129
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s38367658783354?AQB=1&pccr=true&vidn=2CF9B0990531373A-600001024000940A&&ndh=1&t=27%2F9%2F2017%2016%3A39%3A14%205%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fkanimamboms.co.za%2Fj1%2Fa3%2Fcdda343fec7cfd4896b6b1fa609dfc6a%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
Requested by: Host: kanimamboms.co.za
URL: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Protocol: HTTP/1.1
Server: 66.235.148.129 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.d1.sc.omtrdc.net
Software: Omniture DC /
Resource Hash: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: stats.adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Cookie: s_vi=[CS]v1|2CF9B0990531373A-600001024000940A[CE]
Connection: keep-alive
Cache-Control: no-cache
Referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 16:39:14 GMT
X-C: ms-5.6.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Sat, 28 Oct 2017 16:39:14 GMT
Server: Omniture DC
xserver: www185
ETag: "59F36132-BD8B-49BC27EF"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Set-Cookie: s_vi=[CS]v1|2CF9B0990531373A-600001024000940A[CE]; Expires=Sun, 27 Oct 2019 16:39:14 GMT; Domain=adobe.com; Path=/
Keep-Alive: timeout=15
Expires: Thu, 26 Oct 2017 16:39:14 GMT

Redirect headers

Date: Fri, 27 Oct 2017 16:39:14 GMT
X-C: ms-5.6.0
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 0
Pragma: no-cache
Last-Modified: Sat, 28 Oct 2017 16:39:14 GMT
Server: Omniture DC/2.0.0
xserver: www18
Location: http://stats.adobe.com/b/ss/adbimsqa,adbadobenonacdcqa/1/JS-1.2.3/s38367658783354?AQB=1&pccr=true&vidn=2CF9B0990531373A-600001024000940A&&ndh=1&t=27%2F9%2F2017%2016%3A39%3A14%205%200&ce=UTF-8&ns=adobecorp&pageName=Account%3AOnLoad_ims_SignInForm&g=http%3A%2F%2Fkanimamboms.co.za%2Fj1%2Fa3%2Fcdda343fec7cfd4896b6b1fa609dfc6a%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AOnLoad_ims_SignInForm&v13=SignInForm&v30=adobedotcom_TOU_client2&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Set-Cookie: s_vi=[CS]v1|2CF9B0990531373A-600001024000940A[CE]; Expires=Sun, 27 Oct 2019 16:39:14 GMT; Domain=adobe.com; Path=/
Keep-Alive: timeout=15
Expires: Thu, 26 Oct 2017 16:39:14 GMT

GET
H/1.1 404
Not Found squarespinner_2x.gif
kanimamboms.co.za/renga-idprovider/resources/web_v2/img/ 375 B
0 201ms
201ms Image
text/html 154.0.168.134
Afrihost

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://kanimamboms.co.za/renga-idprovider/resources/web_v2/img/squarespinner_2x.gif

Requested by

Host: kanimamboms.co.za
URL: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/

Protocol

HTTP/1.1

Server

154.0.168.134 , South Africa, ASN37611 (Afrihost, ZA),

Reverse DNS

obiwan.aserv.co.za

Software

nginx /

Resource Hash

4403546cef517cb464c7cfa43e4c6170e0e16e35a5879e3aff4bd1b3bd41a6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: kanimamboms.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://kanimamboms.co.za/j1/a3/cdda343fec7cfd4896b6b1fa609dfc6a/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/62.0.3202.62 Safari/537.36

Response headers

Date: Fri, 27 Oct 2017 16:39:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Excel / PDF download (Online) Adobe (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://use.typekit.net/ath5djs.js(Line 33) Message: Typekit: the domain "kanimamboms.co.za" isn't in the list of published domains for kit "ath5djs".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.guidingtech.com
kanimamboms.co.za
stats.adobe.com
use.typekit.net
www.guidingtech.com
154.0.168.134
2400:cb00:2048:1::6818:43f
66.235.148.129
92.123.94.15
0f7ca77a8ac88efd0254763ffd1e11bb301f729c71988b7abb7f2e32d58126dc
4403546cef517cb464c7cfa43e4c6170e0e16e35a5879e3aff4bd1b3bd41a6ea
85e1682716795b2048d4f397901cf6612d63a713e7ef0e8a98f3192bef88721f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6505489a012ee1db5cfa088b0896e3e57c2cb4741328c7cd3668f2f6881f4b9
aff6ac450a8e86f7bd779e8ff090dd3b270afc3dcde456561ffa6b1fd13c19e2

kanimamboms.co.za Open in urlscan Pro 154.0.168.134 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

40 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

119 kBTransfer

303 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

kanimamboms.co.za Open in urlscan Pro
154.0.168.134 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

40 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

119 kB
Transfer

303 kB
Size

0
Cookies

5 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!