afriwell.co Open in urlscan Pro
51.68.214.168 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://eblockchain.edu.vn/
Effective URL:
https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b...
Submission: On December 20 via api (December 20th 2024, 7:22:39 am UTC) from JP — Scanned from JP

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 51.68.214.168, located in United Kingdom and belongs to OVH OVH SAS, FR. The main domain is afriwell.co.
TLS certificate: Issued by E6 on November 4th 2024. Valid for: 3 months.

This is the only time afriwell.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.122.221.239 103.122.221.239	150838 (HASONTECH...) (HASONTECH-VN HA SON TECHNOLOGY ONE MEMBER LIMITED COMPANY)
1 1	172.67.207.252 172.67.207.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.68.214.168 51.68.214.168	16276 (OVH OVH SAS) (OVH OVH SAS)
15	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	103.126.138.87 103.126.138.87	40676 (AS40676) (AS40676)
2	2a02:4780:1:5... 2a02:4780:1:549:0:19f4:4348:2	47583 (AS-HOSTIN...) (AS-HOSTINGER Hostinger International Limited)
24	5

1 103.122.221.239 (Viet Nam) 1 redirects

ASN150838 (HASONTECH-VN HA SON TECHNOLOGY ONE MEMBER LIMITED COMPANY, VN)
PTR: network.powernet.vn

eblockchain.edu.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.207.252 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

adflowtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.214.168 (United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: afriwell.co

afriwell.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.126.138.87 (Singapore, Singapore)

ASN40676 (AS40676, US)
PTR: unassigned.psychz.net

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:4780:1:549:0:19f4:4348:2 (Asheville, United States)

ASN47583 (AS-HOSTINGER Hostinger International Limited, CY)

colnud.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	imgur.com i.imgur.com — Cisco Umbrella Rank: 8961	584 KB
2	colnud.co colnud.co	198 KB
2	afriwell.co afriwell.co	32 KB
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 58100	935 B
1	adflowtube.com 1 redirects adflowtube.com	792 B
1	eblockchain.edu.vn 1 redirects eblockchain.edu.vn	204 B
0	esefelipesuarez.gov.co Failed esefelipesuarez.gov.co Failed
0	jrci.com.co Failed jrci.com.co Failed
24	8

	Domain	Requested by
15	i.imgur.com	afriwell.co
2	colnud.co	afriwell.co
2	afriwell.co
1	ipwho.is	afriwell.co
1	adflowtube.com	1 redirects
1	eblockchain.edu.vn	1 redirects
0	esefelipesuarez.gov.co Failed	afriwell.co
0	jrci.com.co Failed	afriwell.co
24	8

This site contains no links.

Subject Issuer	Validity	Valid
afriwell.co E6	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2024-03-13` - `2025-03-13`	a year	crt.sh
colnud.co R11	`2024-12-09` - `2025-03-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302
Frame ID: F3FDD64D2AD4A86170A023B9D9D9432D
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

コンピューターエラー0x800700B7

Page URL History Show full URLs

https://eblockchain.edu.vn/ HTTP 302
https://adflowtube.com/?ctihmct3kl6c738dhc60 HTTP 302
https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c... Page URL

Page Statistics

24
Requests

83 %
HTTPS

17 %
IPv6

8
Domains

8
Subdomains

5
IPs

4
Countries

814 kB
Transfer

913 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://eblockchain.edu.vn/ HTTP 302
https://adflowtube.com/?ctihmct3kl6c738dhc60 HTTP 302
https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://afriwell.co/js/jquery-1.4.4.min.js HTTP 302
https://adflowtube.com/?ctihmdt3kl6c738dho7g HTTP 302
https://jrci.com.co/?p=eada0697b75e8877b981d60aeb813913&u=8eec140685ed594044464b0f4a4b5050465356411016544752594d410c1544511e5557584a5b5b470d5e4c5809495b441d554c5c0d095401010601440653020c550f545102

Request Chain 1

https://afriwell.co/js/noir.js HTTP 302
https://ecomicrolab.com/?ctihmdt3kl6c738dho70 HTTP 302
https://esefelipesuarez.gov.co/?p=6682973a921f01632ecc10398c63b827&u=fdb6c652903b0b4241424a0a1c4d02524357574446100645575d4c445a1316531b51565d1c5d0945085a4d5d5f4f094618514d595b0f0603040200415055500e500b555503

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
afriwell.co/
Redirect Chain

https://eblockchain.edu.vn/
https://adflowtube.com/?ctihmct3kl6c738dhc60
https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302

48 KB
14 KB

2229ms
1099ms

Document
text/html

51.68.214.168
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.214.168 , United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: afriwell.co
Software: nginx/1.18.0 /
Resource Hash: 2e4613995a9ba9b7b17106dce6a0a34ca58f47add5c07bda79a1cd3d07ea64ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 20 Dec 2024 07:22:30 GMT
server: nginx/1.18.0

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f4de1a3cb08e382-NRT
content-length: 0
date: Fri, 20 Dec 2024 07:22:28 GMT
location: https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJQ9yXIWXZ8zGYPE5EPUT4aVHcmAHSd%2BoJ0XxNOrX6DNpvbDe9hjp9TcK7sC75QaihUknCzhqAs85yWmdqaF5kr%2B70emlKVxsKfyD17YcJ0Iddpit8rzAFIc%2FhxQrhzv6g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=1439&min_rtt=1182&rtt_var=469&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4208&recv_bytes=5752&delivery_rate=1030&cwnd=12000&unsent_bytes=0&cid=60ec40c3cf9dd3de&ts=1058&x=1" cfExtPri cfHdrFlush;dur=0

GET

/
jrci.com.co/
Redirect Chain

https://afriwell.co/js/jquery-1.4.4.min.js
https://adflowtube.com/?ctihmdt3kl6c738dho7g
https://jrci.com.co/?p=eada0697b75e8877b981d60aeb813913&u=8eec140685ed594044464b0f4a4b5050465356411016544752594d410c1544511e5557584a5b5b470d5e4c5809495b441d554c5c0d095401010601440653020c550f545102

0
0

GET

/
esefelipesuarez.gov.co/
Redirect Chain

https://afriwell.co/js/noir.js
https://ecomicrolab.com/?ctihmdt3kl6c738dho70
https://esefelipesuarez.gov.co/?p=6682973a921f01632ecc10398c63b827&u=fdb6c652903b0b4241424a0a1c4d02524357574446100645575d4c445a1316531b51565d1c5d0945085a4d5d5f4f094618514d595b0f0603040200415055500e...

0
0

GET
H2 200 9OBGUei.png
i.imgur.com/ 528 KB
529 KB 341ms
111ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/9OBGUei.png

Requested by

Host: afriwell.co
URL: https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0c706e3033886129ee1c3b32d264c158ce963ec7ab31e74bc698f173d3a56697

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "61a1539a7632de082fa08a5937a036a3"
age: 537261
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: 8C_tqkDrNU3FUree6rxfDWWHZ84WALfHAGiR0Ljpb_GseOATYRUQ0A==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:40:06 GMT
x-cache-hits: 14, 0
x-served-by: cache-iad-kjyo7100062-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679351.398652,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 540631
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 MXIvmu1.png
i.imgur.com/ 148 B
358 B 380ms
149ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MXIvmu1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ee797aa7c999cbf88f325170f3560b88e564aa40bac6af8112eabfb5b2619962

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "8f1988e1b825836ab2ea8c7a72798970"
age: 2140919
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: eWiWBxLFDfZX0umy7Jh_3MqyBw7Ak-mvR0tVi9Q4ahwdC-_4GsZrJg==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:40:33 GMT
x-cache-hits: 70, 0
x-served-by: cache-iad-kcgs7200043-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679351.398296,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 148
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 n08EtAv.png
i.imgur.com/ 130 B
341 B 281ms
281ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/n08EtAv.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2c1ac0b57a3f6fd384088b0ef8124d97d78a915fe90d8bc4c731f4d0479b5069

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "e98c17066c8faaf0d892409591043ac8"
age: 2140900
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: Mn-c5fon_arCed_C7j-eOX5VjbeakT5DZOXBddDFMa30cTZ9r4ZygQ==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:40:51 GMT
x-cache-hits: 116, 1
x-served-by: cache-iad-kcgs7200152-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679352.549221,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 WevJzdD.png
i.imgur.com/ 235 B
654 B 113ms
112ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WevJzdD.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9e5eec5f891694d2bb86c19a628b9201b1b60d6974cb4365e1f6477b99da4167

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "fd8c498c4673675d9959738b38195581"
age: 1320721
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: a_NzmijI6DJn0dYS_Qlb7bsiFzkVOEUyeAJWcSaYoup0Nbxt0EA1xA==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:41:37 GMT
x-cache-hits: 12, 0
x-served-by: cache-iad-kcgs7200170-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679352.850214,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 235
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 xte0J4Y.png
i.imgur.com/ 724 B
936 B 110ms
109ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xte0J4Y.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e842d9cf71efae552c512b1f9ef1633ed1460ff2fe9adc23999c0226f1a9e282

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "5be4df5b230e33992a654b34bd8c2cf5"
age: 1971838
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: BhR3_QZF2mUpr1VEVq0CzRdrwrEJLHffURjHQBoLeoTSmKP2ut9qIw==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:42:20 GMT
x-cache-hits: 55, 0
x-served-by: cache-iad-kjyo7100085-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679352.941883,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 724
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 eYrwaJf.png
i.imgur.com/ 33 KB
33 KB 110ms
110ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/eYrwaJf.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4711112c5ed5f53898894bdd96900d21d0966a964a04c284a1c6bfe7e0dc429e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "3e7746a0d1d6733adee72683dd7410ea"
age: 537263
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: Q1gOe66JPKwG4h-pplb5j91dRCrhnfaZdJkKdhH-_ozX9df1eY5OCw==
date: Fri, 20 Dec 2024 07:22:33 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 09:51:18 GMT
x-cache-hits: 15, 0
x-served-by: cache-iad-kiad7000053-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679354.733988,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33952
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 Y3VaaQ9.png
i.imgur.com/ 240 B
637 B 111ms
111ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Y3VaaQ9.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ff0d20e833aae687da29d607830755248ae94f09dfe104763a192a51ca5dff20

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "44ed4aeff58d875eb14c472217b2f89d"
age: 1991503
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: tt29_9ZJ-bftQYQ5ZRnljb_mAHZkdRDWw3tezykdwE1QqTfIn64PKw==
date: Fri, 20 Dec 2024 07:22:33 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 09:50:49 GMT
x-cache-hits: 88, 0
x-served-by: cache-iad-kiad7000045-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679354.848030,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 240
x-amz-cf-pop: IAD89-P3
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 MtF6F6O.png
i.imgur.com/ 409 B
630 B 110ms
109ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MtF6F6O.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6d0d2079a49549d11d026f444c1c968d24b142c8855f55221cafa314d7f09be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "2c4b6873881b8527fa1ec3932eb1f73f"
age: 613478
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: NVVbx_bOP6j7CnTaajvUa1yt3t9t_mtWOV1UrV7C8nq41TkBZxPzJA==
date: Fri, 20 Dec 2024 07:22:33 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:41:07 GMT
x-cache-hits: 12, 0
x-served-by: cache-iad-kjyo7100144-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679354.959975,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 409
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 zL786vL.png
i.imgur.com/ 330 B
564 B 110ms
110ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/zL786vL.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

16c43ffa085aa2f9e2f24999a0b07d67b0683778390e4b19650787f2aec62f6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "53fc7b95de8bb8aba4fbb2f587b02cad"
age: 2140968
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: Fc6JUoRw9Wx_aDMlOUw3jh7ehrEclqEBr-yzmEr0w8THrkUD37NuCA==
date: Fri, 20 Dec 2024 07:22:34 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:39:46 GMT
x-cache-hits: 49, 0
x-served-by: cache-iad-kcgs7200116-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679354.071797,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 330
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 x1myANd.png
i.imgur.com/ 3 KB
3 KB 123ms
123ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/x1myANd.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

f8f0e99ed1ae553d9b0d6fd1d080093498798db970909ce6b3eb1f451d047707

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "08ee3925657947022c10f5050995352c"
age: 185175
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: Fn-Es2feJvDHa7UJ-cPHVQFG9Un45eF00dnKMRSBYLexjOih_3hnYg==
date: Fri, 20 Dec 2024 07:22:34 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:39:22 GMT
x-cache-hits: 3, 0
x-served-by: cache-iad-kcgs7200144-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679354.194858,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3084
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 T0zk7wg.gif
i.imgur.com/ 14 KB
15 KB 110ms
109ms Image
image/gif 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/T0zk7wg.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d4a1837f0cea6400c72ecb093bf7abf8d9a0a4bd0817a2e3fbabe532942610e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "9c6002806f0ca02c3f9d78844505ecf7"
age: 2140840
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: 6CPikHms0nvGkDhyJ_iMH-VkQRlPgjSzX1wRICcO6aH4mjmiEcxhRw==
date: Fri, 20 Dec 2024 07:22:34 GMT
content-type: image/gif
last-modified: Mon, 25 Nov 2024 12:41:54 GMT
x-cache-hits: 32, 0
x-served-by: cache-iad-kiad7000166-IAD, cache-sjc1000126-SJC
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1734679354.306907,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14706
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK / Show response
ipwho.is/ 663 B
935 B 234ms
77ms XHR
application/json 103.126.138.87
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: https://ipwho.is/?lang=en
Requested by: Host: afriwell.co
URL: https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 103.126.138.87 Singapore, Singapore, ASN40676 (AS40676, US),
Reverse DNS: unassigned.psychz.net
Software: ipwhois /
Resource Hash: 1ff0b6a8931249eb5aee1a473a6cf7ca1df1c99dbd260af8ace82464b429a9b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

Transfer-Encoding: chunked
X-Robots-Tag: noindex
Connection: keep-alive
Access-Control-Allow-Origin: *
Date: Fri, 20 Dec 2024 07:22:35 GMT
Content-Type: application/json; charset=utf-8
Server: ipwhois
Access-Control-Allow-Headers: *

GET
DATA 200
OK truncated
/ 349 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 MXIvmu1.png
i.imgur.com/ 148 B
0 0ms
0ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MXIvmu1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ee797aa7c999cbf88f325170f3560b88e564aa40bac6af8112eabfb5b2619962

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "8f1988e1b825836ab2ea8c7a72798970"
age: 2140919
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: eWiWBxLFDfZX0umy7Jh_3MqyBw7Ak-mvR0tVi9Q4ahwdC-_4GsZrJg==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:40:33 GMT
x-cache-hits: 70, 0
x-served-by: cache-iad-kcgs7200043-IAD, cache-sjc1000126-SJC
cache-control: public, max-age=31536000
x-timer: S1734679351.398296,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 148
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 n08EtAv.png
i.imgur.com/ 130 B
0 1ms
1ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/n08EtAv.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2c1ac0b57a3f6fd384088b0ef8124d97d78a915fe90d8bc4c731f4d0479b5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "e98c17066c8faaf0d892409591043ac8"
age: 2140900
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: Mn-c5fon_arCed_C7j-eOX5VjbeakT5DZOXBddDFMa30cTZ9r4ZygQ==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:40:51 GMT
x-cache-hits: 116, 1
x-served-by: cache-iad-kcgs7200152-IAD, cache-sjc1000126-SJC
cache-control: public, max-age=31536000
x-timer: S1734679352.549221,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 WevJzdD.png
i.imgur.com/ 235 B
0 1ms
1ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/WevJzdD.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9e5eec5f891694d2bb86c19a628b9201b1b60d6974cb4365e1f6477b99da4167

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "fd8c498c4673675d9959738b38195581"
age: 1320721
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: a_NzmijI6DJn0dYS_Qlb7bsiFzkVOEUyeAJWcSaYoup0Nbxt0EA1xA==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:41:37 GMT
x-cache-hits: 12, 0
x-served-by: cache-iad-kcgs7200170-IAD, cache-sjc1000126-SJC
cache-control: public, max-age=31536000
x-timer: S1734679352.850214,VS0,VE2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 235
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 xte0J4Y.png
i.imgur.com/ 724 B
0 1ms
1ms Image
image/png 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xte0J4Y.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

e842d9cf71efae552c512b1f9ef1633ed1460ff2fe9adc23999c0226f1a9e282

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/

Response headers

etag: "5be4df5b230e33992a654b34bd8c2cf5"
age: 1971838
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, HIT
x-amz-cf-id: BhR3_QZF2mUpr1VEVq0CzRdrwrEJLHffURjHQBoLeoTSmKP2ut9qIw==
date: Fri, 20 Dec 2024 07:22:31 GMT
content-type: image/png
last-modified: Mon, 25 Nov 2024 12:42:20 GMT
x-cache-hits: 55, 0
x-served-by: cache-iad-kjyo7100085-IAD, cache-sjc1000126-SJC
cache-control: public, max-age=31536000
x-timer: S1734679352.941883,VS0,VE1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 724
x-amz-cf-pop: IAD89-P1
server: cat factory 1.0
x-amz-server-side-encryption: AES256

GET
H2 200 /
colnud.co/ 189 KB
189 KB 2224ms
1645ms Media
audio/mpeg 2a02:4780:1:549:0:19f4:4348:2
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://colnud.co/?p=05c5c0ea9dc52ad80e545634e21d36b0&u=e6160ad6a4f458151046120e491b510512530f4013465512065914400f4545044a550e59490b5a12595b11074b5e404c0742085c0b500550540f1057510708045d5a0504

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:549:0:19f4:4348:2 Asheville, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.2.16

Resource Hash

8f24cf514509b9830bcb4a7204463b87fa3e6d9ce47187192130f8230b1990e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://afriwell.co/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-litespeed-cache-control: no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 07:22:37 GMT
content-type: audio/mpeg
x-powered-by: PHP/8.2.16
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 /
colnud.co/ 8 KB
9 KB 1694ms
1115ms Media
audio/mpeg 2a02:4780:1:549:0:19f4:4348:2
AS-HOSTINGER Host...

General

Check archive.org

Show headers Download Go to

Full URL

https://colnud.co/?p=05c5c0ea9dc52ad80e545634e21d36b0&u=a513fa3728360e15474741021c19070545525c4c464403125158474c5a4713041d545d551c090c120e5a420b1e5c164c515257481e5512085b5a560d02065f1050000100560f0a0503

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:549:0:19f4:4348:2 Asheville, United States, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY),

Reverse DNS

Software

LiteSpeed / PHP/8.2.16

Resource Hash

0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://afriwell.co/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-litespeed-cache-control: no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date: Fri, 20 Dec 2024 07:22:36 GMT
content-type: audio/mpeg
x-powered-by: PHP/8.2.16
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 404 w1.png
afriwell.co/ 85 KB
18 KB 1070ms
1069ms Other
text/html 51.68.214.168
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://afriwell.co/w1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.214.168 , United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: afriwell.co
Software: nginx/1.18.0 /
Resource Hash: 857cb2afda1c98f02bbfe061d79f00218c04b6322b862bcdce73b6c0eafdd56f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://afriwell.co/?p=e245c2a47390ca7c2a589b5464c14c05&u=73a7c53d272c0b414714410d1d4c025145015c4347110646510b47435b1216501d075d5a1d5c09460e0c465a5e4e09451e07465e5a0e070002540b465154500d565d5e5302

Response headers

expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://afriwell.co/wp-json/>; rel="https://api.w.org/"
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
date: Fri, 20 Dec 2024 07:22:37 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0

GET w3.png
afriwell.co/ 0
0

GET w1.png
afriwell.co/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jrci.com.co
URL: https://jrci.com.co/?p=eada0697b75e8877b981d60aeb813913&u=8eec140685ed594044464b0f4a4b5050465356411016544752594d410c1544511e5557584a5b5b470d5e4c5809495b441d554c5c0d095401010601440653020c550f545102

Domain: esefelipesuarez.gov.co
URL: https://esefelipesuarez.gov.co/?p=6682973a921f01632ecc10398c63b827&u=fdb6c652903b0b4241424a0a1c4d02524357574446100645575d4c445a1316531b51565d1c5d0945085a4d5d5f4f094618514d595b0f0603040200415055500e500b555503

Domain: afriwell.co
URL: https://afriwell.co/w3.png

Domain: afriwell.co
URL: https://afriwell.co/w1.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://afriwell.co/w1.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adflowtube.com
afriwell.co
colnud.co
eblockchain.edu.vn
esefelipesuarez.gov.co
i.imgur.com
ipwho.is
jrci.com.co
afriwell.co
esefelipesuarez.gov.co
jrci.com.co
103.122.221.239
103.126.138.87
172.67.207.252
199.232.196.193
2a02:4780:1:549:0:19f4:4348:2
51.68.214.168
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
0c706e3033886129ee1c3b32d264c158ce963ec7ab31e74bc698f173d3a56697
16c43ffa085aa2f9e2f24999a0b07d67b0683778390e4b19650787f2aec62f6d
1ff0b6a8931249eb5aee1a473a6cf7ca1df1c99dbd260af8ace82464b429a9b8
2c1ac0b57a3f6fd384088b0ef8124d97d78a915fe90d8bc4c731f4d0479b5069
2e4613995a9ba9b7b17106dce6a0a34ca58f47add5c07bda79a1cd3d07ea64ce
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4711112c5ed5f53898894bdd96900d21d0966a964a04c284a1c6bfe7e0dc429e
6d0d2079a49549d11d026f444c1c968d24b142c8855f55221cafa314d7f09be1
857cb2afda1c98f02bbfe061d79f00218c04b6322b862bcdce73b6c0eafdd56f
8f24cf514509b9830bcb4a7204463b87fa3e6d9ce47187192130f8230b1990e3
9e5eec5f891694d2bb86c19a628b9201b1b60d6974cb4365e1f6477b99da4167
d4a1837f0cea6400c72ecb093bf7abf8d9a0a4bd0817a2e3fbabe532942610e1
e842d9cf71efae552c512b1f9ef1633ed1460ff2fe9adc23999c0226f1a9e282
ee797aa7c999cbf88f325170f3560b88e564aa40bac6af8112eabfb5b2619962
f8f0e99ed1ae553d9b0d6fd1d080093498798db970909ce6b3eb1f451d047707
ff0d20e833aae687da29d607830755248ae94f09dfe104763a192a51ca5dff20

afriwell.co Open in urlscan Pro 51.68.214.168 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

83 %HTTPS

17 %IPv6

8 Domains

8 Subdomains

5 IPs

4 Countries

814 kBTransfer

913 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

afriwell.co Open in urlscan Pro
51.68.214.168 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

83 %
HTTPS

17 %
IPv6

8
Domains

8
Subdomains

5
IPs

4
Countries

814 kB
Transfer

913 kB
Size

0
Cookies

24 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!