urlscan.io logo urlscan.io
SecurityTrails logo

feedback.pwminvest.co.za Open in urlscan Pro
40.118.40.109  Public Scan

Go To Rescan Add Verdict Report
URL: https://feedback.pwminvest.co.za/
Submission: On December 30 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 40.118.40.109, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is feedback.pwminvest.co.za.
TLS certificate: Issued by GeoTrust TLS DV RSA Mixed SHA256 2020... on August 13th 2021. Valid for: 6 months.
This is the only time feedback.pwminvest.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 40.118.40.109 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 13.95.155.53 8075 (MICROSOFT...)
7 5
2    40.118.40.109 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
feedback.pwminvest.co.za
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    13.95.155.53 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-61.westeurope.logic.azure.com
Domain Requested by
2 prod-61.westeurope.logic.azure.com code.jquery.com
2 feedback.pwminvest.co.za feedback.pwminvest.co.za
1 code.jquery.com feedback.pwminvest.co.za
1 stackpath.bootstrapcdn.com feedback.pwminvest.co.za
1 cdnjs.cloudflare.com feedback.pwminvest.co.za
7 5

This site contains links to these domains. Also see Links.

Domain
pwminvest.co.za
Subject Issuer Validity Valid
feedback.pwminvest.co.za
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-13 -
2022-02-12		 6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
westeurope.logic.azure.com
Microsoft Azure TLS Issuing CA 02		 2021-09-27 -
2022-09-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://feedback.pwminvest.co.za/
Frame ID: 1015F6E351DAC5D279CB41DF0319E880
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Feedback

Detected technologies

Overall confidence: 100%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js
  • cdnjs\.cloudflare\.com/ajax/libs/Chart\.js/([\d.]+(?:-[^/]+)?)/Chart.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

499 kB
Transfer

927 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
feedback.pwminvest.co.za/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://feedback.pwminvest.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05fa143176dabfea7c53c4270cf4ba0870a9562c416bb233a0d12aa639aa6836
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

cache-control
public, must-revalidate, max-age=30
content-type
text/html
content-encoding
br
etag
"73113630"
vary
Accept-Encoding
strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-dns-prefetch-control
off
date
Thu, 30 Dec 2021 12:50:11 GMT
Chart.min.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/2.4.0/ 		145 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.4.0/Chart.min.js
Requested by
Host: feedback.pwminvest.co.za
URL: https://feedback.pwminvest.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694c9d05ddc3de9dfee6d5495c4465a8cb6809e8fea78b5d0fe76426079158d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 12:50:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2370496
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
34988
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:03:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cee-244cb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mnw%2BZStQfd2WOgE%2BG%2FfEeNZr0GTalT%2Bmc5eY5snIrmp3yAFdv904fXspdScx5vROKEH44KR0SUg6IIYGNe7PkCt6Rcu4gy0RiToUsUln1Qwg7j5KdC6BupCuoRqgwJoYAF3pR9IwIacWyLbui2MbgqKS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c5b647c3fff59e9-MXP
expires
Tue, 20 Dec 2022 12:50:12 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/ 		150 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css
Requested by
Host: feedback.pwminvest.co.za
URL: https://feedback.pwminvest.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://feedback.pwminvest.co.za
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 12:50:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-cachedat
08/03/2021 19:30:51
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:07 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
d5b00be259981485b36333a2aa458662
cf-ray
6c5b647c381383a3-MXP
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
PWM.png
feedback.pwminvest.co.za/img/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://feedback.pwminvest.co.za/img/PWM.png
Requested by
Host: feedback.pwminvest.co.za
URL: https://feedback.pwminvest.co.za/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.40.109 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
316373eab4f176358b896709dd44d8ae1e6c5cdfdca6943782f3ff886c10940d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://feedback.pwminvest.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
referrer-policy
same-origin
etag
"73113630"
x-dns-prefetch-control
off
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, must-revalidate, max-age=30
date
Thu, 30 Dec 2021 12:50:11 GMT
x-content-type-options
nosniff
jquery-3.4.1.js
code.jquery.com/ 		274 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.js
Requested by
Host: feedback.pwminvest.co.za
URL: https://feedback.pwminvest.co.za/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer
Origin
https://feedback.pwminvest.co.za
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 30 Dec 2021 12:50:12 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-4472c"
vary
Accept-Encoding
x-hw
1640868612.dop205.ml1.t,1640868612.cds214.ml1.hn,1640868612.cds033.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
82889
invoke
prod-61.westeurope.logic.azure.com/workflows/18024d11a6d54b429ac0720510a79399/triggers/manual/paths/ 		0
1003 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-61.westeurope.logic.azure.com/workflows/18024d11a6d54b429ac0720510a79399/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=1OzHGml4ZqOG5Gc8LZgwmpJyyKGu3-jbfuEmCW4Fn3Y
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.155.53 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

x-ms-ratelimit-remaining-workflow-upload-contentsize
111076303
strict-transport-security
max-age=31536000; includeSubDomains
x-ms-client-tracking-id
08585607382725395648063419853CU91
x-ms-ratelimit-time-remaining-directapirequests
10344729
x-ms-tracking-id
08ec0c32-3e70-4166-ae16-ab6da485b1f0
x-ms-ratelimit-remaining-workflow-download-contentsize
111076352
x-ms-workflow-name
dfa93429-05fd-96a6-2fe1-498a635f4f79
x-ms-execution-location
westeurope
content-length
0
x-ms-ratelimit-burst-remaining-workflow-writes
154
x-ms-workflow-id
18024d11a6d54b429ac0720510a79399
pragma
no-cache
x-ms-workflow-system-id
/locations/westeurope/scaleunits/prod-61/workflows/18024d11a6d54b429ac0720510a79399
date
Thu, 30 Dec 2021 12:50:12 GMT
x-ms-workflow-version
08585610737395299663
access-control-allow-origin
*
x-ms-request-id
westeurope:08ec0c32-3e70-4166-ae16-ab6da485b1f0
access-control-expose-headers
x-ms-workflow-run-id,x-ms-correlation-id,x-ms-client-tracking-id,x-ms-trigger-history-name,x-ms-execution-location,x-ms-workflow-system-id,x-ms-workflow-id,x-ms-workflow-version,x-ms-workflow-name,x-ms-tracking-id,x-ms-ratelimit-burst-remaining-workflow-writes,x-ms-ratelimit-remaining-workflow-download-contentsize,x-ms-ratelimit-remaining-workflow-upload-contentsize,x-ms-ratelimit-time-remaining-directapirequests
cache-control
no-cache
x-ms-correlation-id
08ec0c32-3e70-4166-ae16-ab6da485b1f0
x-ms-trigger-history-name
08585607382725395648063419853CU91
x-ms-workflow-run-id
08585607382725395648063419853CU91
expires
-1
invoke
prod-61.westeurope.logic.azure.com/workflows/18024d11a6d54b429ac0720510a79399/triggers/manual/paths/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-61.westeurope.logic.azure.com/workflows/18024d11a6d54b429ac0720510a79399/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=1OzHGml4ZqOG5Gc8LZgwmpJyyKGu3-jbfuEmCW4Fn3Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.95.155.53 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://feedback.pwminvest.co.za
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache
pragma
no-cache
expires
-1
access-control-allow-headers
content-type
access-control-max-age
3600
access-control-allow-origin
*
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH,OPTIONS,HEAD
x-ms-request-id
westeurope:11f5893c-ecde-40e6-a292-6b3b0a160d39
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 30 Dec 2021 12:50:12 GMT
content-length
0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Color function| Chart undefined| $ function| jQuery function| urlParam

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block