kgosi.bathopeleagenda.co.za Open in urlscan Pro
41.185.8.219 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html
Submission: On September 18 via manual (September 18th 2024, 7:45:18 am UTC) from ZA — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 41.185.8.219, located in South Africa and belongs to ZA-1-Grid, ZA. The main domain is kgosi.bathopeleagenda.co.za.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 18th 2024. Valid for: 3 months.

This is the only time kgosi.bathopeleagenda.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Nedbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
23	41.185.8.219 41.185.8.219		36943 (ZA-1-Grid) (ZA-1-Grid)
23	1

23 41.185.8.219 (South Africa)

ASN36943 (ZA-1-Grid, ZA)
PTR: srv147.hostserv.co.za

kgosi.bathopeleagenda.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	bathopeleagenda.co.za kgosi.bathopeleagenda.co.za	1 MB
23	1

	Domain	Requested by
23	kgosi.bathopeleagenda.co.za	kgosi.bathopeleagenda.co.za
23	1

This site contains no links.

Subject Issuer	Validity	Valid
kgosi.bathopeleagenda.co.za cPanel, Inc. Certification Authority	`2024-09-18` - `2024-12-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html
Frame ID: 0AF71D4B4C62879DAEB4C308F02AE981
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1103 kB
Transfer

1099 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Letter_2514.html Show response kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	120 KB 120 KB	907ms 364ms	Document text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `4f52e3b2b0e6745b5e87659ef7eda8ead5b20a5c48f073dd03fb3340200e9f41` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-length 122744 content-type text/html date Wed, 18 Sep 2024 07:45:12 GMT last-modified Wed, 18 Sep 2024 03:32:55 GMT server nginx
GET H2	200	styles.css kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/	173 KB 173 KB	412ms 411ms	Stylesheet text/css	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/styles.css Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `8887a3e0dea10c649e723d160fcac04d7432910580a8c0f2726c0c27ef8ee9cc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers accept-ranges bytes content-length 177164 date Wed, 18 Sep 2024 07:45:12 GMT content-type text/css last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx
GET H2	200	jquery.min.js Show response kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/	95 KB 95 KB	235ms 234ms	Script application/javascript	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/jquery.min.js Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers accept-ranges bytes content-length 97163 date Wed, 18 Sep 2024 07:45:12 GMT content-type application/javascript last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx
GET H2	200	KenaKahare.png kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/	73 KB 73 KB	360ms 359ms	Image image/png	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/KenaKahare.png Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `98abae8830ada4659fe72d966fbf8e96c3607a71283e45f0904214004c520f41` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 74758 date Wed, 18 Sep 2024 07:45:12 GMT content-type image/png last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	login-fast.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	5 KB 5 KB	232ms 232ms	Image image/svg+xml	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/login-fast.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `54e78d62919fc3c90ac4cb592eb5d9c419b377094d563fad66729afc97f356fe` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 5236 date Wed, 18 Sep 2024 07:45:12 GMT content-type image/svg+xml last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	login-easy.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	4 KB 4 KB	206ms 206ms	Image image/svg+xml	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/login-easy.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `ee214fda63de4a1786bb0b14585f02af8c09b1a6b2b45fd697fa80aa6a26cace` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 4097 date Wed, 18 Sep 2024 07:45:12 GMT content-type image/svg+xml last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	login-secure.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	5 KB 6 KB	229ms 228ms	Image image/svg+xml	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/login-secure.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `b35a2d5904979dbbff2a7b2455ce7b3bc048a3d51bda638c3af9b4d19bd31ba0` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 5473 date Wed, 18 Sep 2024 07:45:13 GMT content-type image/svg+xml last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	entrust_site_seal_ssl.png kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/	18 KB 19 KB	238ms 237ms	Image image/png	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/entrust_site_seal_ssl.png Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 18758 date Wed, 18 Sep 2024 07:45:13 GMT content-type image/png last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	GooglePlay.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	22 KB 22 KB	244ms 243ms	Image image/svg+xml	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/GooglePlay.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 22795 date Wed, 18 Sep 2024 07:45:13 GMT content-type image/svg+xml last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	AppStoreBadge.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	12 KB 12 KB	232ms 231ms	Image image/svg+xml	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/AppStoreBadge.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 12224 date Wed, 18 Sep 2024 07:45:13 GMT content-type image/svg+xml last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	404	Icon.ef111dcaf7b1952d120f.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	1 KB 1 KB	1453ms 1452ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Icon.ef111dcaf7b1952d120f.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `cac7603ae2fddd182848c749e89c2e95af5614f03b3386181bbb5cfd9a5eb8cd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	location-blank-green.4b8e66bca4aac4a2aad6.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	1 KB 1 KB	1065ms 1064ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/location-blank-green.4b8e66bca4aac4a2aad6.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `cac7603ae2fddd182848c749e89c2e95af5614f03b3386181bbb5cfd9a5eb8cd` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:13 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	contact-blank-green.a180fba4b897921edd0b.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	3 KB 3 KB	1379ms 1379ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/contact-blank-green.a180fba4b897921edd0b.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `4b547a9a0dbe3eed98e4543ebeb8ff31f6b26063e8bf47fe72610431f465074d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	Eye-Show.e1de9570f043be4db21c.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/	6 KB 6 KB	1480ms 1480ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/Eye-Show.e1de9570f043be4db21c.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `061b7007a010633949da207a1b4fc92752d33f2cc2a24939edd83052ec676022` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/styles.css Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	PPP.cee7674f38c105ee0fb4.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	3 KB 3 KB	1261ms 1261ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/PPP.cee7674f38c105ee0fb4.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `4b547a9a0dbe3eed98e4543ebeb8ff31f6b26063e8bf47fe72610431f465074d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	contact-footer.ff0deb4d99b5c501e332.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	3 KB 3 KB	1582ms 1581ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/contact-footer.ff0deb4d99b5c501e332.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `4b547a9a0dbe3eed98e4543ebeb8ff31f6b26063e8bf47fe72610431f465074d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	location-blank.e36d304f8628a21886d3.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	3 KB 3 KB	1806ms 1804ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/location-blank.e36d304f8628a21886d3.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `4b547a9a0dbe3eed98e4543ebeb8ff31f6b26063e8bf47fe72610431f465074d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	phoneicon.d20aa97e94487e70b840.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	10 KB 10 KB	1674ms 1673ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/phoneicon.d20aa97e94487e70b840.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `9dfad3e609d935a6919c30a060861814f6c386b1947b255499630ff5397861b5` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	404	tncs.04b64534a4bbcb7c2676.svg kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/	3 KB 3 KB	1758ms 1757ms	Image text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Show image Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/tncs.04b64534a4bbcb7c2676.svg Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `4b547a9a0dbe3eed98e4543ebeb8ff31f6b26063e8bf47fe72610431f465074d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:14 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx
GET H2	200	FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	162 KB 162 KB	371ms 371ms	Font font/otf	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/FontFont%20-%20MarkPro.12d6724a254d3be629fc.otf Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://kgosi.bathopeleagenda.co.za Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 165396 date Wed, 18 Sep 2024 07:45:13 GMT content-type font/otf last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	162 KB 162 KB	555ms 555ms	Font font/otf	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/FontFont%20-%20MarkPro-Bold.476d44b0f6c8939bb885.otf Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `979af22174e46123e6fb3c96d96360ba0ea7a5dbd00ae97ab1ebefae9c284d37` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://kgosi.bathopeleagenda.co.za Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 165936 date Wed, 18 Sep 2024 07:45:13 GMT content-type font/otf last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	200	FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/	158 KB 159 KB	423ms 423ms	Font font/otf	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mehala/FontFont%20-%20MarkPro-Medium.8531ae94f5ad973be8b7.otf Requested by Host: kgosi.bathopeleagenda.co.za URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / Resource Hash `ad51841bf5cf5eb27ead0ae50f936f678eeb2d4e1be6035e83fce13b0e3b83bb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://kgosi.bathopeleagenda.co.za Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers access-control-allow-methods GET,PUT,POST,DELETE accept-ranges bytes access-control-allow-origin * content-length 162260 date Wed, 18 Sep 2024 07:45:13 GMT content-type font/otf last-modified Wed, 08 Jan 2020 12:47:12 GMT server nginx access-control-allow-headers Content-Type, Authorization
GET H2	404	runtings.ico kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/	56 KB 56 KB	472ms 472ms	Other text/html	41.185.8.219 ZA-1-Grid
General Check archive.org Show headers Download Go to Full URL https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/runtings.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 41.185.8.219 , South Africa, ASN36943 (ZA-1-Grid, ZA), Reverse DNS srv147.hostserv.co.za Software nginx / PHP/7.1.33 Resource Hash `59c085926b997256b8130494df897104b2cf0c45fdadc966cf08dcf5d162b09b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Response headers expires Wed, 11 Jan 1984 05:00:00 GMT link <https://kgosi.bathopeleagenda.co.za/wp65/wp-json/>; rel="https://api.w.org/" cache-control no-cache, must-revalidate, max-age=0 date Wed, 18 Sep 2024 07:45:15 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.1.33 server nginx

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Nedbank (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Letter_2514.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/location-blank-green.4b8e66bca4aac4a2aad6.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/PPP.cee7674f38c105ee0fb4.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/contact-blank-green.a180fba4b897921edd0b.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Icon.ef111dcaf7b1952d120f.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/Mekhoa/Eye-Show.e1de9570f043be4db21c.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/contact-footer.ff0deb4d99b5c501e332.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/phoneicon.d20aa97e94487e70b840.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/tncs.04b64534a4bbcb7c2676.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/location-blank.e36d304f8628a21886d3.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kgosi.bathopeleagenda.co.za/wp65/wp-includes/blocks/vision/runtings.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kgosi.bathopeleagenda.co.za
41.185.8.219
00ff1bb43d0a271618cd1f626e0530c4e9efb344058b85744e569306c93ecc42
061b7007a010633949da207a1b4fc92752d33f2cc2a24939edd83052ec676022
203680b7945ca5c9f3697881f9af9c8ed160354675055d22fc34545910cd4d54
4b547a9a0dbe3eed98e4543ebeb8ff31f6b26063e8bf47fe72610431f465074d
4cfabcfdbec9a5cd903190f150028743f38c3533b53ea21c6e4dd35a52a80383
4f52e3b2b0e6745b5e87659ef7eda8ead5b20a5c48f073dd03fb3340200e9f41
54e78d62919fc3c90ac4cb592eb5d9c419b377094d563fad66729afc97f356fe
59c085926b997256b8130494df897104b2cf0c45fdadc966cf08dcf5d162b09b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8887a3e0dea10c649e723d160fcac04d7432910580a8c0f2726c0c27ef8ee9cc
979af22174e46123e6fb3c96d96360ba0ea7a5dbd00ae97ab1ebefae9c284d37
98abae8830ada4659fe72d966fbf8e96c3607a71283e45f0904214004c520f41
9dfad3e609d935a6919c30a060861814f6c386b1947b255499630ff5397861b5
ad51841bf5cf5eb27ead0ae50f936f678eeb2d4e1be6035e83fce13b0e3b83bb
b35a2d5904979dbbff2a7b2455ce7b3bc048a3d51bda638c3af9b4d19bd31ba0
cac7603ae2fddd182848c749e89c2e95af5614f03b3386181bbb5cfd9a5eb8cd
eaa561f9f8ef5b69bd39e15e332dc3700decacebf48e08b0640ad3a5d8711f65
ee214fda63de4a1786bb0b14585f02af8c09b1a6b2b45fd697fa80aa6a26cace

kgosi.bathopeleagenda.co.za Open in urlscan Pro 41.185.8.219 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1103 kBTransfer

1099 kBSize

0 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

kgosi.bathopeleagenda.co.za Open in urlscan Pro
41.185.8.219 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1103 kB
Transfer

1099 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!