www.auhf.co.za Open in urlscan Pro
197.221.12.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
Submission Tags: falconsandbox
Submission: On November 24 via api (November 24th 2020, 1:34:32 pm UTC) from US

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 197.221.12.237, located in South Africa and belongs to xneelo, ZA. The main domain is www.auhf.co.za.

This is the only time www.auhf.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	197.221.12.237 197.221.12.237	37153 (xneelo) (xneelo)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	13.32.219.50 13.32.219.50	16509 (AMAZON-02) (AMAZON-02)
3	4

1 197.221.12.237 (South Africa)

ASN37153 (xneelo, ZA)
PTR: dedi137.cpt3.host-h.net

www.auhf.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.219.50 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-219-50.cdg50.r.cloudfront.net

serving.photos.photobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	photobox.com serving.photos.photobox.com	2 KB
1	imgur.com i.imgur.com	4 KB
1	auhf.co.za www.auhf.co.za	18 KB
3	3

	Domain	Requested by
1	serving.photos.photobox.com	www.auhf.co.za
1	i.imgur.com	www.auhf.co.za
1	www.auhf.co.za
3	3

This site contains no links.

Subject Issuer	Validity	Valid
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
photos.photobox.com Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
Frame ID: 62E4E6228986C16C76446C0601FE9F45
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

24 kB
Transfer

78 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request FILE.html Show response
www.auhf.co.za/wordpress/assets/2020/11/ 62 KB
18 KB 797ms
373ms Document
text/html 197.221.12.237
xneelo

General

Check archive.org

Show headers Download Go to

Full URL: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
Protocol: HTTP/1.1
Server: 197.221.12.237 , South Africa, ASN37153 (xneelo, ZA),
Reverse DNS: dedi137.cpt3.host-h.net
Software: Apache / W3 Total Cache/0.15.0
Resource Hash: 5a6a971ba73e217122085193950b3802d791b551d96476749ff36bc5fa61fc88

Request headers

Host: www.auhf.co.za
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 24 Nov 2020 13:34:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 24 Nov 2020 11:52:27 GMT
ETag: "f9a3-5b4d8f1d8b4c0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=3600, public
Expires: Tue, 24 Nov 2020 14:34:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Referrer-Policy
Pragma: public
X-Powered-By: W3 Total Cache/0.15.0
Content-Length: 18096
Keep-Alive: timeout=5, max=100
Content-Type: text/html

GET
H2 200 gkEW9ae.jpg
i.imgur.com/ 3 KB
4 KB 69ms
23ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/gkEW9ae.jpg

Requested by

Host: www.auhf.co.za
URL: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bafd9c00a46933a7882d2e75646a97433a1a10fa36ba859b277df33691567447

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 13:34:14 GMT
x-content-type-options: nosniff
age: 16985
x-cache: HIT, HIT
content-length: 3347
x-served-by: cache-bwi5150-BWI, cache-fra19124-FRA
last-modified: Tue, 24 Nov 2020 08:51:09 GMT
server: cat factory 1.0
x-timer: S1606224855.575114,VS0,VE1
etag: "1a18074b1d14b81456dd56d699e2e03d"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e31ac3af711b08a8fb18af24bb766e19acfe1e85adbbca57f2f5e5fe0973052

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c94bdbe4d0b3c947b282151c526b0d5f6ac5d91b3ca1cde400ce90d93db7fa3

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91eba697a22729823173b4e202771a2672610d42b797d554c7e50e7044cac97a

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6071162488ad8d7c2ddf0308eb1b82a3c75ce6c72e407a1c524614818118731ce07b2e96.jpg
serving.photos.photobox.com/ 2 KB
2 KB 214ms
103ms Image
image/jpeg 13.32.219.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.photos.photobox.com/6071162488ad8d7c2ddf0308eb1b82a3c75ce6c72e407a1c524614818118731ce07b2e96.jpg
Requested by: Host: www.auhf.co.za
URL: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.219.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-219-50.cdg50.r.cloudfront.net
Software: akka-http/10.1.11 /
Resource Hash: 665804fa2b6b1a2cc1eb098ccc2ff21333c0ee48afd60ddde285ff46f129086c

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 13:34:14 GMT
via: 1.1 97b63effdcb60825f821df922441529d.cloudfront.net (CloudFront)
server: akka-http/10.1.11
x-amz-cf-pop: CDG50-C2
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=86400, s-maxage=0
content-length: 1771
x-amz-cf-id: nIskjFS0vRZCot3buux43sMe8DfVUxIxxNt6X6fKrwSgSbd6rZDW-Q==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bcb8f798709dbd207759c77066b960058c02655f0e0dfeebe81473355b89990

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8def1ff275738212ecdaf232828b8393bb34e5434600d4a380bb7704f0da390c

Request headers

Referer: http://www.auhf.co.za/wordpress/assets/2020/11/FILE.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.imgur.com
serving.photos.photobox.com
www.auhf.co.za
13.32.219.50
151.101.12.193
197.221.12.237
0e31ac3af711b08a8fb18af24bb766e19acfe1e85adbbca57f2f5e5fe0973052
4c94bdbe4d0b3c947b282151c526b0d5f6ac5d91b3ca1cde400ce90d93db7fa3
5a6a971ba73e217122085193950b3802d791b551d96476749ff36bc5fa61fc88
665804fa2b6b1a2cc1eb098ccc2ff21333c0ee48afd60ddde285ff46f129086c
6bcb8f798709dbd207759c77066b960058c02655f0e0dfeebe81473355b89990
8def1ff275738212ecdaf232828b8393bb34e5434600d4a380bb7704f0da390c
91eba697a22729823173b4e202771a2672610d42b797d554c7e50e7044cac97a
bafd9c00a46933a7882d2e75646a97433a1a10fa36ba859b277df33691567447

www.auhf.co.za Open in urlscan Pro 197.221.12.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

24 kBTransfer

78 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

www.auhf.co.za Open in urlscan Pro
197.221.12.237 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

24 kB
Transfer

78 kB
Size

0
Cookies

3 HTTP transactions
5 data transactions