secureaffirmverification.ixafrica.1-grid-website-design.co.za
41.185.8.42  Malicious Activity! Public Scan

Submitted URL: http://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Effective URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Submission Tags: @ecarlesi possiblethreat
Submission: On August 29 via api from CA — Scanned from CA

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 41.185.8.42, located in South Africa and belongs to ZA-1-Grid, ZA. The main domain is secureaffirmverification.ixafrica.1-grid-website-design.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 29th 2023. Valid for: 3 months.
This is the only time secureaffirmverification.ixafrica.1-grid-website-design.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Affirm (Financial)

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
1 | 4 | 41.185.8.42 | 36943 (ZA-1-Grid)
- | 6 | 151.101.194.133 | 54113 (FASTLY)
- | 3 | 3.160.5.100 | 16509 (AMAZON-02)
- | 1 | 69.16.175.10 | 20446 (STACKPATH...)
- | 2 | 23.21.145.8 | 14618 (AMAZON-AES)
Totals: 15 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
9 | affirm.com | cdn1.affirm.com (Cisco Umbrella Rank: 7193); www.affirm.com (Cisco Umbrella Rank: 6903) | 465 KB
4 | 1-grid-website-design.co.za | secureaffirmverification.ixafrica.1-grid-website-design.co.za | 82 KB
2 | iesnare.com | mpsnare.iesnare.com (Cisco Umbrella Rank: 5838) | 2 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 736) | 83 KB
Totals: 15 requests, 4 apex domains

Requests | Domain | Requested by
6 | cdn1.affirm.com | secureaffirmverification.ixafrica.1-grid-website-design.co.za
4 (1 redirects) | secureaffirmverification.ixafrica.1-grid-website-design.co.za | secureaffirmverification.ixafrica.1-grid-website-design.co.za
3 | www.affirm.com | secureaffirmverification.ixafrica.1-grid-website-design.co.za
2 | mpsnare.iesnare.com | secureaffirmverification.ixafrica.1-grid-website-design.co.za
1 | code.jquery.com | secureaffirmverification.ixafrica.1-grid-website-design.co.za
Totals: 15 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
secureaffirmverification.ixafrica.1-grid-website-design.co.za | cPanel, Inc. Certification Authority | 2023-08-29 - 2023-11-27 | 3 months
cdn1.affirm.com | R3 | 2023-08-29 - 2023-11-27 | 3 months
affirm.com | Amazon RSA 2048 M01 | 2023-02-28 - 2023-12-18 | 10 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
mpsnare.iesnare.com | DigiCert SHA2 High Assurance Server CA | 2023-05-01 - 2024-05-29 | a year

This page contains 1 frame:

Primary Page: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Frame ID: 15C2292F26AE7982DFF96313D2870B82
Requests: 15 HTTP requests in this frame

Page Title: Affirm Protection

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 2
Transfer: 632 kB
Size: 1739 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://secureaffirmverification.ixafrica.1-grid-website-design.co.za/ HTTP 301
    https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Redirect Chain
  • http://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
  • https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
27 KB
27 KB
Document
General
Full URL
https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.42 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
lnxwsd-dev01-monitor.hostserv.co.za
Software
nginx / PHP/7.4.33
Resource Hash
ee3870b5bf1ffe3c9b8bbb0bdcbbe64538cff5c706d01e61c51d23f67e16144c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 29 Aug 2023 23:17:48 GMT
server
nginx
x-powered-by
PHP/7.4.33

Redirect headers

Content-Length
278
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 29 Aug 2023 23:17:47 GMT
Location
https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Server
nginx
microfrontend.js
cdn1.affirm.com/assets/product_flows/master/
1 MB
320 KB
Script
General
Full URL
https://cdn1.affirm.com/assets/product_flows/master/microfrontend.js
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a937a7277bd56cde0321127b4c0aedfb6d99f14b1e37bacc579ee87451c649ec
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

microfrontend.css
cdn1.affirm.com/assets/product_flows/master/
102 KB
21 KB
Stylesheet
General
Full URL
https://cdn1.affirm.com/assets/product_flows/master/microfrontend.css
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bb841d490596b1116ad105a3b5972dbef4cc5371af722cd75920d8db0a67078
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

calibre-bold.woff2
www.affirm.com/fonts/src/
28 KB
28 KB
Font
General
Full URL
https://www.affirm.com/fonts/src/calibre-bold.woff2
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-100.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d011a5c437242af919ca8c96751dc101efd1695fbeec4c19d8753d4aa82b80e8

calibre-regular.woff2
www.affirm.com/fonts/src/
27 KB
27 KB
Font
General
Full URL
https://www.affirm.com/fonts/src/calibre-regular.woff2
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-100.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb9fc8bab80de0146a30a781d47795251a570e5d11aacf42d480cf20124f96bf

calibre-semibold.woff2
www.affirm.com/fonts/src/
27 KB
27 KB
Font
General
Full URL
https://www.affirm.com/fonts/src/calibre-semibold.woff2
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.5.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-5-100.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0786f1f1c2ac8789c0e8a8a4640a24ef01f508f82ed86967d8d175c3ef4a9d16

intl-copy-US-json-a1ca8f2fe53fd1e38302.js
cdn1.affirm.com/assets/identity_app/master/
21 KB
7 KB
Script
General
Full URL
https://cdn1.affirm.com/assets/identity_app/master/intl-copy-US-json-a1ca8f2fe53fd1e38302.js
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0332e2e1b144a06dd640a2b96b68bb4f81edf1052a2ad8b242ac0647a4eb62b4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

index-344d885493e3af0993f3.css
cdn1.affirm.com/assets/identity_app/master/
123 KB
28 KB
Stylesheet
General
Full URL
https://cdn1.affirm.com/assets/identity_app/master/index-344d885493e3af0993f3.css
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7ef33d5409f1df4c9de8584bfa411c53a891f9ac2dd81819de1ed3f5e1842c9
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

jquery-1.11.3.js
code.jquery.com/
278 KB
83 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.3.js
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

MobileDownloadBanner-64833ec1487ac202d803.css
cdn1.affirm.com/assets/product_flows/master/
4 KB
3 KB
Stylesheet
General
Full URL
https://cdn1.affirm.com/assets/product_flows/master/MobileDownloadBanner-64833ec1487ac202d803.css
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19eb15a82c7d57da840702df09105cec7a6e5c5c9edef82b5ce2b05ce0e5dcac
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

DesktopSnackbar-64833ec1487ac202d803.css
cdn1.affirm.com/assets/product_flows/master/
8 KB
3 KB
Stylesheet
General
Full URL
https://cdn1.affirm.com/assets/product_flows/master/DesktopSnackbar-64833ec1487ac202d803.css
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77accfb685af26e3283da4844fbdef11cdc3b5adc94d326f6fcd9a94c4446cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

css
secureaffirmverification.ixafrica.1-grid-website-design.co.za/apps/prefetch/v1/user_portal/index/
0
27 KB
Other
General
Full URL
https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/apps/prefetch/v1/user_portal/index/css
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.42 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
lnxwsd-dev01-monitor.hostserv.co.za
Software
nginx / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

js
secureaffirmverification.ixafrica.1-grid-website-design.co.za/apps/prefetch/v1/user_portal/index/
0
27 KB
Other
General
Full URL
https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/apps/prefetch/v1/user_portal/index/js
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.42 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
lnxwsd-dev01-monitor.hostserv.co.za
Software
nginx / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

time.mp3
mpsnare.iesnare.com/
504 B
881 B
Media
General
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.8078188702025861
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.21.145.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-145-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e99aa959d27092cf1f0f0997b396a66ea7e85327f9502ab4a944eabcc2dbb79f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

time.mp3
mpsnare.iesnare.com/
504 B
881 B
Media
General
Full URL
https://mpsnare.iesnare.com/time.mp3?nocache=0.21686435261211767
Requested by
Host: secureaffirmverification.ixafrica.1-grid-website-design.co.za
URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.21.145.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-145-8.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e99aa959d27092cf1f0f0997b396a66ea7e85327f9502ab4a944eabcc2dbb79f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Affirm (Financial)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | documentPictureInPicture
function | $
function | jQuery

0 Cookies

2 Console Messages

Source: javascript | Level: warning | URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Message: The resource https://cdn1.affirm.com/assets/identity_app/master/intl-copy-US-json-a1ca8f2fe53fd1e38302.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Source: javascript | Level: warning | URL: https://secureaffirmverification.ixafrica.1-grid-website-design.co.za/
Message: The resource https://cdn1.affirm.com/assets/product_flows/master/microfrontend.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.