urlscan.io logo urlscan.io
SecurityTrails logo

www.discovery.co.za Open in urlscan Pro
107.154.80.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://comms.discoverymails.com/servlet/link/34665/149859/103302543/1470921
Effective URL: https://www.discovery.co.za/assets/template-resources/general/retirement-fund-trustee-report.pdf
Submission: On December 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 1 HTTP transactions. The main IP is 107.154.80.49, located in United States and belongs to INCAPSULA, US. The main domain is www.discovery.co.za.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 10th 2021. Valid for: a year.
This is the only time www.discovery.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

retirement-fund-trustee-report.pdf 4 MB application/pdf
MIME: PDF document, version 1.7
Size: 4 MB (4461343 bytes, 100% done)
Downloaded from: https://www.discovery.co.za/assets/template-resources/general/retirement-fund-trustee-report.pdf

Domain & IP information

IP Address AS Autonomous System
1 1 173.213.233.81 22903 (EDGE-HOSTING)
1 107.154.80.49 19551 (INCAPSULA)
1 1
Apex Domain
Subdomains		 Transfer
1 discovery.co.za
www.discovery.co.za
1 discoverymails.com
comms.discoverymails.com
441 B
1 2
Domain Requested by
1 www.discovery.co.za
1 comms.discoverymails.com 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
www.discovery.co.za
Entrust Certification Authority - L1K		 2021-11-10 -
2022-09-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.discovery.co.za/assets/template-resources/general/retirement-fund-trustee-report.pdf
Frame ID: D68DCA15EBC17E9DE341C0C76B5AD24A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

0 kB
Transfer

0 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request retirement-fund-trustee-report.pdf
www.discovery.co.za/assets/template-resources/general/
Redirect Chain
  • https://comms.discoverymails.com/servlet/link/34665/149859/103302543/1470921
  • https://www.discovery.co.za/assets/template-resources/general/retirement-fund-trustee-report.pdf
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.discovery.co.za/assets/template-resources/general/retirement-fund-trustee-report.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.49 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.49.ip.incapdns.net
Software
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1k /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Dec 2021 07:34:24 GMT
server
Apache/2.4.37 (Red Hat Enterprise Linux) OpenSSL/1.1.1k
vary
Origin
last-modified
Thu, 09 Dec 2021 10:23:08 GMT
expires
Fri, 17 Dec 2021 04:45:41 GMT
cache-control
public, immutable, max-age=335476
etag
"1622019362404"
accept-ranges
bytes
content-type
application/pdf;charset=UTF-8
content-length
4461343
server-timing
dtSInfo;desc="0", dtRpid;desc="-1599015227"
x-cdn
Imperva
content-security-policy-report-only
connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.co.in www.google.co.za digitalhealth.discovery.co.za api.feefo.com analytics.google.com fonts.gstatic.com privacyatdiscovery.my.onetrust.com *.doubleclick.net www.google.com adservice.google.com t.co maps.gstatic.com collect.feefo.com api.iperceptions.com www.googletagmanager.com *.googleapis.com cdn.ampproject.org cdn-ukwest.onetrust.com www.discovery.co.za connect.facebook.net maps.googleapis.com www.google.ie *.facebook.com *.ads-twitter.com www.google.co.uk snap.licdn.com; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.cloudfront.net cdn.discovery.co.za; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.discovery.co.za cdnjs.cloudflare.com *.googleapis.com www.googletagmanager.com; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.discovery.co.za; default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: geolocation.onetrust.com *.googleapis.com analytics.twitter.com www.google.com *.doubleclick.net register.feefo.com snap.licdn.com maps.googleapis.com cdn.ampproject.org universal.iperceptions.com localhost:8000 *.googlesyndication.com cdn-ukwest.onetrust.com api.feefo.com *.googleadservices.com www.googletagmanager.com www.google.co.za connect.facebook.net *.ads-twitter.com www.youtube.com *.rfihub.com; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.doubleclick.net; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.googletagmanager.com *.facebook.com maps.google.co.za universal.iperceptions.com www.youtube.com *.googlesyndication.com *.doubleclick.net www.discovery.co.za *.cloudfront.net iframe.iono.fm digitalhealth.discovery.co.za; form-action *.facebook.com www.discovery.co.za; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: cdn-ukwest.onetrust.com digital.discsrv.co.za www.google.com www.google.co.in *.doubleclick.net maps.googleapis.com www.linkedin.com px.ads.linkedin.com www.google.co.za api.feefo.com connect.facebook.net maps.gstatic.com *.cloudfront.net www.googletagmanager.com www.google.ie *.googleadservices.com *.facebook.com t.co www.google.co.uk www.discovery.co.za; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: fonts.gstatic.com www.discovery.co.za cdnjs.cloudflare.com static3.avast.com; report-uri /csp_report
x-iinfo
9-9742400-9742401 NNNY CT(198 397 0) RT(1639380864245 0) q(0 0 0 0) r(4 4) U18

Redirect headers

Date
Mon, 13 Dec 2021 07:34:24 GMT
Server
Apache
Location
https://www.discovery.co.za/assets/template-resources/general/retirement-fund-trustee-report.pdf
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

5 Cookies

Domain/Path Name / Value
comms.discoverymails.com/ Name: LB-Persist
Value: !koX+rIlC+LPjCeUqFoahm/5T+BANzsCNV5eTL+NUAMeGOklOwBdWnydwIEkVqEpsPx+6QnqqNyzZ2JU=
.discovery.co.za/ Name: dtCookie
Value: v_4_srv_2_sn_B49B8F1C5754F981890869C27E1CF468_perc_84437_ol_0_mul_2_app-3Ab1cc0772b1865bef_1_rcs-3Acss_0
.discovery.co.za/ Name: visid_incap_1753140
Value: zFKTc443R+uCEuUPKxcKToD3tmEAAAAAQUIPAAAAAAC56lnS8j6iA6R5s4qD1iL/
.discovery.co.za/ Name: nlbi_1753140
Value: J2yiSW/FbyIf7enqiEr7XwAAAAD2Th+zr0Sb3q4tW6ncDps3
.discovery.co.za/ Name: incap_ses_535_1753140
Value: ekdcJbV5eFNSr0ZqKrRsB4D3tmEAAAAAdX7DuImL0scaV1it2qPSBA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comms.discoverymails.com
www.discovery.co.za
107.154.80.49
173.213.233.81