Submitted URL: https://bitly.com/2HDBmoK
Effective URL: https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap9...
Submission: On November 27 via manual from GB

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 196.41.127.31, located in South Africa and belongs to Cybersmart, ZA. The main domain is h2ogroup.za.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 19th 2020. Valid for: 3 months.
This is the only time h2ogroup.za.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         67.199.248.14     396982 (GOOGLE-PR...)   (1 redirect)
2         196.41.127.31     36874 (Cybersmart)
4         2606:4700::68...  13335 (CLOUDFLAR...)
1         2a00:1450:400...  15169 (GOOGLE)
Total: 7 requests, 4 IPs
Requests  Apex Domain     Subdomains             Transfer
4         cloudflare.com  cdnjs.cloudflare.com   115 KB
2         za.com          h2ogroup.za.com        743 KB
1         gstatic.com     fonts.gstatic.com      16 KB
1         bitly.com       bitly.com              348 B
Total: 7 requests, 4 apex domains
Requests  Domain                Requested by
4         cdnjs.cloudflare.com  h2ogroup.za.com, cdnjs.cloudflare.com
2         h2ogroup.za.com       h2ogroup.za.com
1         fonts.gstatic.com     h2ogroup.za.com
1         bitly.com             (1 redirect)
Total: 7 requests, 4 domains

This site contains links to these domains. Also see Links.

Domain
pppixel.pro
Subject                Issuer                                Validity                 Valid
h2ogroup.za.com        cPanel, Inc. Certification Authority  2020-10-19 - 2021-01-17  3 months (crt.sh)
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3               2020-10-21 - 2021-10-20  a year (crt.sh)
*.gstatic.com          GTS CA 1O1                            2020-11-03 - 2021-01-26  3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
Frame ID: 37D5B9F432E405F8C9E3045CD8D43590
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 873 kB
Size: 1478 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bitly.com/2HDBmoK HTTP 301
    https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun Page URL
  2. https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bitly.com/2HDBmoK HTTP 301
  • https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun

7 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
assetmanage.php
h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/
Redirect Chain
  • https://bitly.com/2HDBmoK
  • https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun
3 KB
3 KB
Document
General
Full URL
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.41.127.31 , South Africa, ASN36874 (Cybersmart, ZA),
Reverse DNS
cpanel18.mywebserver.co.za
Software
Apache /
Resource Hash
d030dd72fc73e38aeb03d4149a2327c6b2b85be2ac5ca0d636cca96f3619cc9b

Request headers

Host
h2ogroup.za.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 27 Nov 2020 05:07:37 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

server
nginx
date
Fri, 27 Nov 2020 05:07:37 GMT
content-type
text/html; charset=utf-8
content-length
240
cache-control
private, max-age=90
content-security-policy
referrer always;
location
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun
referrer-policy
unsafe-url
set-cookie
_bit=kar57B-8fc92b25ed02e139c4-00a; Domain=bitly.com; Expires=Wed, 26 May 2021 05:07:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
alt-svc
clear
Primary Request assetmanage.php
h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/
739 KB
740 KB
Document
General
Full URL
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
Requested by
Host: h2ogroup.za.com
URL: https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
196.41.127.31 , South Africa, ASN36874 (Cybersmart, ZA),
Reverse DNS
cpanel18.mywebserver.co.za
Software
Apache /
Resource Hash
192fd75d041254b32a6210b6702a06707065551df683ca9dfb3d410a7563449d

Request headers

Host
h2ogroup.za.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?toward=11baau1n00vb&except=region&clothes=fun
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 27 Nov 2020 05:07:40 GMT
Server
Apache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/
46 KB
9 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Requested by
Host: h2ogroup.za.com
URL: https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 05:07:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
583766
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
8281
cf-request-id
06a9b2af330000d6d1fe0f8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
etag
"5eb03e60-b752"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G8pyeXS4U4lJB4%2FJ4ekHlbdaJ47CAnwU8XS%2BwSKe%2BJLi48Y81m1K6tQw%2FM%2BayncOmx%2B6FFmtRe8I%2B%2FQ29zz6BacBDWEpCijMW0Fgg28yLFDoPJLJADE3M0DaNNFuE6Ccdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f8953c519ced6d1-FRA
expires
Wed, 17 Nov 2021 05:07:43 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/
86 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: h2ogroup.za.com
URL: https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 05:07:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
583779
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
27748
cf-request-id
06a9b2af340000d6d107053000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m3rvGsaGm33RMj7KafIS0Co3g7rCVTO8wRYkjBDZPQkIl5XiUFDrsaO1N8YiM%2FN%2Bs1v0uCGvHo9zhhufh8znD0LTlFdJZtja92ijk0RifjkoRYjwpEtK2gPUecnWjfbH1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f8953c519d1d6d1-FRA
expires
Wed, 17 Nov 2021 05:07:43 GMT
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7e2be320b690ff4ac5e053c9b914137c959c769c4ddd08bc1837bec405edb2f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
43 B
43 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
282 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25dd7928472246012ad97f82843212f99bf39c68b39efcee59643f6e3bfa1639

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/
63 KB
63 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5567c5a47f8bbd27707bd2cffdb1679c292a07ccf09a8578e1b9eba7ab481cf3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://h2ogroup.za.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 05:07:44 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
192651
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
64144
cf-request-id
06a9b2b4bc0000dfb7a4a45000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
etag
"5eb03e60-fa90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=giEEiyIqesg66FZYyRBqKdZclNpd9KSHZdscxGwZQaAAdXjdnZSuTa%2B65mmg3ymuUsQ80opq2K0pykpUzx6rIF0tY%2FosiOxb8XpE7n2Q6YF0qpnfuiIWNFHN%2BaTJuzLn1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f8953cdfdc8dfb7-FRA
expires
Wed, 17 Nov 2021 05:07:44 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/
15 KB
15 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a39a543c8b307d44acc44b824dfd82142df1bc324415f82a25a65f79564633
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Origin
https://h2ogroup.za.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.2.0/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 05:07:44 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
200036
x-via
cfworker/kv
cross-origin-resource-policy
cross-origin
content-length
14888
cf-request-id
06a9b2b4bc0000dfb7803b8000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
etag
"5eb03e60-3a28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o5P%2FdAXoz3mMZDZS8A%2BW3elgQUZhZvhw%2BLJvKFbs92fJiiHUjDxj32w4GXp6%2FvV2gZi3vYw3Qn3l%2FwaqcX30k7jrCmnM927iOUffrE1Rz%2Fhh2Qu7KxFWZ6e3hZNRs%2FS6lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f8953cdfdc9dfb7-FRA
expires
Wed, 17 Nov 2021 05:07:44 GMT
truncated
/
44 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3516f9d365326aff2e5b98a72fa695899e759408df33418814d935aebce7d1f8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
81 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a668c08b997a246bf48095ac12474aaee61f3d9c2c224139998506438f031e3b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
51 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
421949f2d08145e9aa840f91a55493c74e84241761c996e89828c8a03c24f1e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
22 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70b5b0b8faa70b2e2a9bc92dabf32743fb0b06873501532d24173bfee533ef1c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cc159f4959c4d69de65806ca5770e77d32a18da8c976da0d1eeb7139ae6f370

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
2sDZZGJYnIjSi6H75xk7t0GsBJ0Y.woff2
fonts.gstatic.com/s/assistant/v2/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/assistant/v2/2sDZZGJYnIjSi6H75xk7t0GsBJ0Y.woff2
Requested by
Host: h2ogroup.za.com
URL: https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f29daf60c988a1de45229009ce72da156e3db24ecd3a2ccf82de29dc9e7c873
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://h2ogroup.za.com
Referer
https://h2ogroup.za.com/dist/images/content/contatto/cmcic_response/giftcertificate/assetmanage.php?nose=peekrsk9wt99ap90&europe=wide&note=brown
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 23 Nov 2020 10:05:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 21:49:52 GMT
server
sffe
age
327749
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16416
x-xss-protection
0
expires
Tue, 23 Nov 2021 10:05:16 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fff202b6b1e77bbf4023210119cf762e792b63772793aa82ea0ff256b4de9d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a38a702b5fca318ba6fe7a67e810acc736f10470e8b6a8379af8712230350a5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b66a289fdbfd32de4691a35fa2c724b4aaa60829bd9a2eac46da000e25524ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72761bd247615c25e59e825c8ceaa8ffb88ad97a178ed20db4a20d712da43e13

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpg

Verdicts & Comments

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
object    trustedTypes
boolean   crossOriginIsolated
function  $
function  jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
