heirheads.co.za Open in urlscan Pro
197.242.144.104  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://pipingvidya.com/kolo.php?k=s Page URL
2. https://heirheads.co.za/.well-known/true/info/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	kolo.php pipingvidya.com/	12 KB 13 KB	15732ms 70ms	Document text/html	167.86.115.117 CONTABO
General Check archive.org Show headers Download Go to Full URL https://pipingvidya.com/kolo.php?k=s Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 167.86.115.117 Nuremberg, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi267632.contaboserver.net Software Apache / Resource Hash Request headers Host pipingvidya.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:01 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request / Show response heirheads.co.za/.well-known/true/info/	14 KB 15 KB	632ms 207ms	Document text/html	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/ Requested by Host: pipingvidya.com URL: https://pipingvidya.com/kolo.php?k=s Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 7bbc65e95b36ececb089c29be61503025be358653b7deb3af505ae1e880a08a1 Request headers Host heirheads.co.za Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer https://pipingvidya.com/kolo.php?k=s Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://pipingvidya.com/kolo.php?k=s Response headers Date Thu, 11 Jul 2019 09:30:00 GMT Server Apache Last-Modified Sat, 11 Jan 2014 00:38:26 GMT ETag "3944-4efa70f882480" Accept-Ranges bytes Content-Length 14660 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	style.css heirheads.co.za/.well-known/true/info/i/	91 KB 92 KB	211ms 207ms	Stylesheet text/css	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/i/style.css Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 7ee817ef7aab069bd57e8a3082f62ba70ed249e8f7faff7f1cc3b503fbe0fc7d Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:01 GMT Last-Modified Sun, 08 Dec 2013 07:56:48 GMT Server Apache ETag "16d29-4ed0138a61000" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 93481
GET H/1.1	200 OK	style1.css heirheads.co.za/.well-known/true/info/i/	80 KB 80 KB	1044ms 210ms	Stylesheet text/css	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/i/style1.css Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 7cabfc220823b90e666f378d3835c89b9c715279a2adf5ec4eb621c6781f7cf4 Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:01 GMT Last-Modified Sun, 08 Dec 2013 08:04:40 GMT Server Apache ETag "13e5d-4ed0154c83600" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 81501
GET H/1.1	200 OK	style4.css heirheads.co.za/.well-known/true/info/i/	3 KB 4 KB	1646ms 211ms	Stylesheet text/css	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/i/style4.css Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 9db0dabd50fbadf8c46bda6dc6bc6f1ae53ccf8332921098b1fec4b0e7f772ee Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:02 GMT Last-Modified Sun, 08 Dec 2013 08:10:50 GMT Server Apache ETag "d19-4ed016ad5f680" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3353
GET H/1.1	200 OK	style5.css heirheads.co.za/.well-known/true/info/i/	9 KB 9 KB	1855ms 209ms	Stylesheet text/css	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/i/style5.css Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 26f4d159a73ab641c683f4595d75e97ebde21740cede826ae73f4d036b3386b1 Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:02 GMT Last-Modified Sun, 08 Dec 2013 08:11:20 GMT Server Apache ETag "24ac-4ed016c9fba00" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9388
GET H/1.1	200 OK	1.js Show response heirheads.co.za/.well-known/true/info/i/	14 KB 14 KB	1924ms 223ms	Script application/javascript	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/i/1.js Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash a5e7ed4cc2cf01ddc29aa7bca5fd6d2c93a9c081c2d9f9de65d68c77b35c78d5 Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:02 GMT Last-Modified Sun, 08 Dec 2013 08:38:34 GMT Server Apache ETag "38df-4ed01ce049680" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 14559
GET H/1.1	200 OK	logopaypal.png heirheads.co.za/.well-known/true/info/i/	983 B 1 KB	2284ms 212ms	Image image/png	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Show image Full URL https://heirheads.co.za/.well-known/true/info/i/logopaypal.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 042af5e5bcafb1c47c62475fb00a65bc522992e2bfb7a55edf243e04590dc0ba Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:03 GMT Last-Modified Sun, 08 Dec 2013 08:50:46 GMT Server Apache ETag "3d7-4ed01f9a60580" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 983
GET H/1.1	200 OK	homepage-buy.png heirheads.co.za/.well-known/true/info/i/	14 KB 14 KB	1508ms 207ms	Image image/png	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Show image Full URL https://heirheads.co.za/.well-known/true/info/i/homepage-buy.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash b1294cdd8fd123c39e49b9a69c03d4b30043395338297d1ff4c0535a39cfb239 Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:03 GMT Last-Modified Sun, 08 Dec 2013 09:06:40 GMT Server Apache ETag "3817-4ed023282e800" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 14359
GET H/1.1	200 OK	homepage-sell.png heirheads.co.za/.well-known/true/info/i/	16 KB 16 KB	1617ms 212ms	Image image/png	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Show image Full URL https://heirheads.co.za/.well-known/true/info/i/homepage-sell.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 44394b743f692cfabfeeb2e5e5bfa82eda8b38cd8948f51e420ace08db5d377c Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:04 GMT Last-Modified Sun, 08 Dec 2013 09:07:04 GMT Server Apache ETag "3f69-4ed0233f11e00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 16233
GET H/1.1	200 OK	homepage-transfer.png heirheads.co.za/.well-known/true/info/i/	15 KB 15 KB	2056ms 231ms	Image image/png	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Show image Full URL https://heirheads.co.za/.well-known/true/info/i/homepage-transfer.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash c4539b6d99ff1b7e97943f3dcbb3a1eb45b77b81248455e3c15f374487ddf9eb Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:05 GMT Last-Modified Sun, 08 Dec 2013 09:07:28 GMT Server Apache ETag "3a8c-4ed02355f5400" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 14988
GET H/1.1	200 OK	2.js Show response heirheads.co.za/.well-known/true/info/i/	276 KB 276 KB	657ms 253ms	Script application/javascript	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Full URL https://heirheads.co.za/.well-known/true/info/i/2.js Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 9d40b569e56eb45951b82c076f76386c2d36efef6ba320d92be4af99e67c3575 Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:03 GMT Last-Modified Sun, 08 Dec 2013 13:36:42 GMT Server Apache ETag "44ee8-4ed05f839ce80" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 282344
GET H2	200	scr_gray-bkgd.png www.paypalobjects.com/webstatic/i/ex_ce2/scr/	2 KB 2 KB	182ms 71ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/ex_ce2/scr/scr_gray-bkgd.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/i/1.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8989f902aac638178b44581ddfd4245ea17d61c77c450657bf752083c95c688f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:36:45 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 1706 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	scr_content-bkgd.png www.paypalobjects.com/webstatic/i/ex_ce2/scr/	3 KB 3 KB	162ms 58ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/ex_ce2/scr/scr_content-bkgd.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 0de9dc4df795b30e9fa458090c49ab8137e65a7901803c81895cef56ac543d13 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:36:46 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 2681 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	scr_gray-bkgd.png www.paypalobjects.com/webstatic/i/sparta/scr/	2 KB 2 KB	180ms 77ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/sparta/scr/scr_gray-bkgd.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8989f902aac638178b44581ddfd4245ea17d61c77c450657bf752083c95c688f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:36:55 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 1706 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	sprite_ia.png www.paypalobjects.com/webstatic/i/sparta/sprite/	18 KB 19 KB	172ms 71ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/sparta/sprite/sprite_ia.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash fb2434a896e3e106be72dbbcb361d048b3e1edc30239ae94113becd33ec4fa39 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:36:55 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 18929 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	interior-gradient-bottom.png www.paypalobjects.com/webstatic/mktg/consumer/gradients/	951 B 1 KB	165ms 65ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/consumer/gradients/interior-gradient-bottom.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b960c231e8e59f6c73ba9e3af6e76dbe04b8c75b430ddac77f6f42e6ba47b98e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:43:12 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 951 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	interior-gradient-top.png www.paypalobjects.com/webstatic/mktg/consumer/gradients/	952 B 1 KB	157ms 58ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/consumer/gradients/interior-gradient-top.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f2c173be6a198adf60868c86f6e093f3b850bef0da34689e981fe218ad2a43a1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:43:12 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 952 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H/1.1	200 OK	hero_signup_counter.jpg heirheads.co.za/.well-known/true/info/i/	102 KB 102 KB	332ms 210ms	Image image/jpeg	197.242.144.104 Afrihost
General Check archive.org Show headers Download Go to Show image Full URL https://heirheads.co.za/.well-known/true/info/i/hero_signup_counter.jpg Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 197.242.144.104 , South Africa, ASN37611 (Afrihost, ZA), Reverse DNS dot.aserv.co.za Software Apache / Resource Hash 883315dca8d8b7c8096c2b3371dda718cebcabd7a4966c0811eb2eb7dc63b4bb Request headers Referer https://heirheads.co.za/.well-known/true/info/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 11 Jul 2019 09:30:03 GMT Last-Modified Sun, 08 Dec 2013 08:18:34 GMT Server Apache ETag "198ed-4ed01867e0a80" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 104685
GET H2	200	vertical-gradient-sprite.png www.paypalobjects.com/webstatic/mktg/consumer/pages/home/	1 KB 2 KB	147ms 63ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/consumer/pages/home/vertical-gradient-sprite.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 713be2b4e284567cbe1052bf8b5e43b0e4f6cf232b4f0cb429e51c1a748bac22 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:43:02 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 1482 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	homepage-gradient-top.png www.paypalobjects.com/webstatic/mktg/consumer/pages/home/	955 B 1 KB	191ms 107ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/mktg/consumer/pages/home/homepage-gradient-top.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash bbf40134304a63796fa2b6a75466a19d6e675c205af5cb0c41387def3841bd04 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:43:02 GMT server Apache strict-transport-security max-age=31536000 p3p CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI" status 200 cache-control max-age=0, no-cache, no-store accept-ranges bytes content-type image/png content-length 955 expires Thu, 11 Jul 2019 09:30:04 GMT
GET H2	200	sprite_header_footer_94.png www.paypalobjects.com/webstatic/i/sparta/sprite/	5 KB 5 KB	198ms 115ms	Image image/png	23.210.248.226 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/webstatic/i/sparta/sprite/sprite_header_footer_94.png Requested by Host: heirheads.co.za URL: https://heirheads.co.za/.well-known/true/info/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a23-210-248-226.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 0d20242be67c0597e0203dacb7f9b5cec66c3ad056045929faf4605142e854a2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://heirheads.co.za/.well-known/true/info/i/style1.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 11 Jul 2019 09:30:04 GMT x-content-type-options nosniff last-modified Tue, 07 Jan 2014 00:36:55 GMT server Apache strict-transport-security max-age=31536000 content-type image/png status 200 cache-control max-age=7776000 accept-ranges bytes content-length 4984 expires Wed, 09 Oct 2019 09:30:04 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| Modernizr function| changePass function| requirejs function| require function| define function| $ function| jQuery object| PAYPAL

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

heirheads.co.za
pipingvidya.com
www.paypalobjects.com
167.86.115.117
197.242.144.104
23.210.248.226
042af5e5bcafb1c47c62475fb00a65bc522992e2bfb7a55edf243e04590dc0ba
0d20242be67c0597e0203dacb7f9b5cec66c3ad056045929faf4605142e854a2
0de9dc4df795b30e9fa458090c49ab8137e65a7901803c81895cef56ac543d13
26f4d159a73ab641c683f4595d75e97ebde21740cede826ae73f4d036b3386b1
44394b743f692cfabfeeb2e5e5bfa82eda8b38cd8948f51e420ace08db5d377c
713be2b4e284567cbe1052bf8b5e43b0e4f6cf232b4f0cb429e51c1a748bac22
7bbc65e95b36ececb089c29be61503025be358653b7deb3af505ae1e880a08a1
7cabfc220823b90e666f378d3835c89b9c715279a2adf5ec4eb621c6781f7cf4
7ee817ef7aab069bd57e8a3082f62ba70ed249e8f7faff7f1cc3b503fbe0fc7d
883315dca8d8b7c8096c2b3371dda718cebcabd7a4966c0811eb2eb7dc63b4bb
8989f902aac638178b44581ddfd4245ea17d61c77c450657bf752083c95c688f
9d40b569e56eb45951b82c076f76386c2d36efef6ba320d92be4af99e67c3575
9db0dabd50fbadf8c46bda6dc6bc6f1ae53ccf8332921098b1fec4b0e7f772ee
a5e7ed4cc2cf01ddc29aa7bca5fd6d2c93a9c081c2d9f9de65d68c77b35c78d5
b1294cdd8fd123c39e49b9a69c03d4b30043395338297d1ff4c0535a39cfb239
b960c231e8e59f6c73ba9e3af6e76dbe04b8c75b430ddac77f6f42e6ba47b98e
bbf40134304a63796fa2b6a75466a19d6e675c205af5cb0c41387def3841bd04
c4539b6d99ff1b7e97943f3dcbb3a1eb45b77b81248455e3c15f374487ddf9eb
f2c173be6a198adf60868c86f6e093f3b850bef0da34689e981fe218ad2a43a1
fb2434a896e3e106be72dbbcb361d048b3e1edc30239ae94113becd33ec4fa39