URL: http://www.kemfied.co.za/backup/zimbra-hash.html
Submission: On February 02 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 197.255.147.146, located in Johannesburg, South Africa and belongs to ADEPT-, ZA. The main domain is www.kemfied.co.za.
This is the only time www.kemfied.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         197.255.147.146   15022 (ADEPT-)
3         77.83.219.182     199837 (TREPSYSTEMAS)
1         2001:4de0:ac1...  20446 (HIGHWINDS3)
Total: 5 requests, 3 IPs

Requests  Apex Domain    Subdomains                                  Transfer
3         saetpd.it      webmail.saetpd.it                           27 KB
1         jquery.com     code.jquery.com (Cisco Umbrella Rank: 584)  33 KB
1         kemfied.co.za  www.kemfied.co.za                           11 KB
Total: 5 requests, 3 apex domains

Requests  Domain             Requested by
3         webmail.saetpd.it  www.kemfied.co.za, webmail.saetpd.it
1         code.jquery.com    www.kemfied.co.za
1         www.kemfied.co.za
Total: 5 requests, 3 domains

This site contains links to these domains.

Domain
www.zimbra.com
blog.zimbra.com
wiki.zimbra.com

Subject       Issuer                                          Validity                 Valid
*.saetpd.it   Sectigo RSA Domain Validation Secure Server CA  2021-03-24 - 2022-04-14  a year
*.jquery.com  Sectigo RSA Domain Validation Secure Server CA  2021-07-14 - 2022-08-14  a year

This page contains 1 frame:

Primary Page: http://www.kemfied.co.za/backup/zimbra-hash.html
Frame ID: F147F99AF729914895DD6BD56840D21E
Requests: 5 HTTP requests in this frame

Page Title

Zimbra Web Client Sign In

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 71 kB
Size: 178 kB
Cookies: 0

5 HTTP transactions

Resource: zimbra-hash.html (Primary Request)
Path: www.kemfied.co.za/backup/
Size: 11 KB
x-fer: 11 KB
Type: Document

General
Full URL: http://www.kemfied.co.za/backup/zimbra-hash.html
Protocol: HTTP/1.1
Server: 197.255.147.146 Johannesburg, South Africa, ASN15022 (ADEPT-, ZA)
Reverse DNS: cp0.adept.co.za
Software: Apache /
Resource Hash: 9d2bcf70ad515fa949c166b5d66e0be62f66db5f4b69790e01623364fa215058

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 02 Feb 2022 13:25:46 GMT
Server: Apache
Last-Modified: Wed, 02 Feb 2022 05:52:28 GMT
Accept-Ranges: bytes
Content-Length: 11349
Connection: close
Content-Type: text/html

Resource: common,login,zhtml,skin.css
Path: webmail.saetpd.it/css/
Size: 60 KB
x-fer: 12 KB
Type: Stylesheet

General
Full URL: https://webmail.saetpd.it/css/common,login,zhtml,skin.css?skin=harmony&v=141215152838
Requested by
  Host: www.kemfied.co.za
  URL: http://www.kemfied.co.za/backup/zimbra-hash.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.83.219.182 Limena, Italy, ASN199837 (TREPSYSTEMAS, IT)
Reverse DNS: webmail.saetpd.it
Software: /
Resource Hash: 0808e0766239013a76be3d0d605f62b98937d414dc099d6b89073d24be6c67be
Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.kemfied.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 13:25:46 GMT
Content-Encoding: gzip
Vary: User-Agent, Accept-Encoding, User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public, max-age=2595600
Transfer-Encoding: chunked
Expires: Fri, 4 Mar 2022 14:25:46 GMT

Resource: jquery-1.11.1.min.js
Path: code.jquery.com/
Size: 94 KB
x-fer: 33 KB
Type: Script

General
Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by
  Host: www.kemfied.co.za
  URL: http://www.kemfied.co.za/backup/zimbra-hash.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b, Netherlands, ASN20446 (HIGHWINDS3, US)
Reverse DNS:
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.kemfied.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 13:25:45 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1762a"
vary: Accept-Encoding
x-hw: 1643808345.dop013.ml1.t,1643808345.cds016.ml1.hn,1643808345.cds019.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

Resource: ImgCritical_32.png
Path: webmail.saetpd.it/img/dwt/
Size: 2 KB
x-fer: 2 KB
Type: Image

General
Full URL: https://webmail.saetpd.it/img/dwt/ImgCritical_32.png
Requested by
  Host: www.kemfied.co.za
  URL: http://www.kemfied.co.za/backup/zimbra-hash.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.83.219.182 Limena, Italy, ASN199837 (TREPSYSTEMAS, IT)
Reverse DNS: webmail.saetpd.it
Software: /
Resource Hash: dbe2ddb68a1551e50afee8edce02b19f9f86a0f43643fac32f66616bd10e30cb
Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.kemfied.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 13:25:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Dec 2014 21:10:20 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, User-Agent
Content-Type: image/png
Cache-Control: public, max-age=2595600
Accept-Ranges: bytes
Content-Length: 1809
Expires: Fri, 4 Mar 2022 14:25:46 GMT

Resource: LoginBanner_white.png
Path: webmail.saetpd.it/skins/_base/logos/
Size: 12 KB
x-fer: 12 KB
Type: Image

General
Full URL: https://webmail.saetpd.it/skins/_base/logos/LoginBanner_white.png?v=141215152839
Requested by
  Host: webmail.saetpd.it
  URL: https://webmail.saetpd.it/css/common,login,zhtml,skin.css?skin=harmony&v=141215152838
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.83.219.182 Limena, Italy, ASN199837 (TREPSYSTEMAS, IT)
Reverse DNS: webmail.saetpd.it
Software: /
Resource Hash: e9938d831d47476ba1bae2c1116bae70493e98b384cc14c15a5e348a38c01942
Security Headers
  X-Frame-Options: SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://webmail.saetpd.it/css/common,login,zhtml,skin.css?skin=harmony&v=141215152838
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 13:25:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Dec 2014 21:10:36 GMT
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, User-Agent
Content-Type: image/png
Cache-Control: public, max-age=2595600
Accept-Ranges: bytes
Content-Length: 12444
Expires: Fri, 4 Mar 2022 14:25:46 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | $
  • function | jQuery
  • function | _0x43a7f2
  • string | hash
  • function | _0x3b44
  • function | _0x2ab7
  • number | count
  • function | eldoNai
  • function | clientChange
  • function | showWhatsThis

0 Cookies