URL: http://ballito-accommodation.co.za/
Submission: On November 23 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 5 HTTP transactions. The main IP is 196.220.38.76, located in Cape Town, South Africa and belongs to ZA-1-Grid, ZA. The main domain is ballito-accommodation.co.za.
This is the only time ballito-accommodation.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 196.220.38.76 36943 (ZA-1-Grid)
1 163.172.36.88 12876 (Online SAS)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 51.210.32.103 16276 (OVH)
5 5
Apex Domain | Subdomains | Transfer
1 ibb.co | i.ibb.co — Cisco Umbrella Rank: 13047 | 66 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 374 | 6 KB
1 rawgit.com | cdn.rawgit.com — Cisco Umbrella Rank: 10290 | 724 B
1 top4top.io | d.top4top.io | 842 KB
1 ballito-accommodation.co.za | ballito-accommodation.co.za | 2 KB
0 trash.network (Failed) | a.trash.network (Failed) |
5 6
Domain Requested by
1 i.ibb.co ballito-accommodation.co.za
1 cdn.jsdelivr.net ballito-accommodation.co.za
1 cdn.rawgit.com 1 redirects
1 d.top4top.io ballito-accommodation.co.za
1 ballito-accommodation.co.za
0 a.trash.network Failed ballito-accommodation.co.za
5 6

This site contains no links.

Subject | Issuer | Validity | Valid
top4top.io | R3 | 2022-11-01 - 2023-01-30 | 3 months
ibb.co | R3 | 2022-10-09 - 2023-01-07 | 3 months

This page contains 1 frames:

Primary Page: http://ballito-accommodation.co.za/
Frame ID: 9862BB6978C661A31101B41B69C66B77
Requests: 5 HTTP requests in this frame

Page Title

anonymous09

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 5
HTTPS: 40 %
IPv6: 40 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 4
Transfer: 916 kB
Size: 926 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js HTTP 301
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js

5 HTTP transactions

Resource, Path | Size | x-fer | Type | MIME-Type

Primary Request /
ballito-accommodation.co.za/
Size: 4 KB | x-fer: 2 KB | Type: Document

General
Full URL: http://ballito-accommodation.co.za/
Protocol: HTTP/1.1
Server: 196.220.38.76, Cape Town, South Africa, ASN36943 (ZA-1-Grid, ZA)
Reverse DNS: win16.wadns.net
Software: Microsoft-IIS/6.0 / ASP.NET
Resource Hash: c979dd9d6fd7181f15072c923fdcedc73dc96f0231dc39f0486483f325515e40

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 1506
Content-Location: http://ballito-accommodation.co.za/index.htm
Content-Type: text/html
Date: Wed, 23 Nov 2022 06:09:30 GMT
ETag: "80704a6f6efd61:f7185"
Last-Modified: Wed, 20 Jan 2021 08:29:57 GMT
Server: Microsoft-IIS/6.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

p_1628rowfb0.png
d.top4top.io/
Size: 841 KB | x-fer: 842 KB | Type: Image

General
Full URL: https://d.top4top.io/p_1628rowfb0.png
Requested by: Host: ballito-accommodation.co.za, URL: http://ballito-accommodation.co.za/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.36.88, France, ASN12876 (Online SAS, FR)
Reverse DNS: 163-172-36-88.rev.poneytelecom.eu
Software: nginx
Resource Hash: b22d5435d1010c53ba5f5604e39ec85a0f4c6c35085e02f58b788a03c8d1aa6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ballito-accommodation.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-file-id: x33016395x
date: Wed, 23 Nov 2022 06:09:31 GMT
last-modified: Tue, 16 Jun 2020 10:52:30 GMT
server: nginx
etag: "5ee8a46e-d24b1"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="20200616_175131.png"
accept-ranges: bytes
content-length: 861361
expires: Wed, 23 Nov 2022 08:09:31 GMT

efek-salju.js
cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/
Redirect Chain
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
Size: 16 KB | x-fer: 6 KB | Type: Script

General
Full URL: https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
Requested by: Host: ballito-accommodation.co.za, URL: http://ballito-accommodation.co.za/
Protocol: H2
Server: 2606:4700::6810:5614, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none listed)
Software: cloudflare
Resource Hash: 2f5ed77faf29839c9d46e57e4b4a39b84edc143818579a7e0db1f61f9c58f084

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ballito-accommodation.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 06:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2834
x-jsd-version: 2a7805c7
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-itm18834-ITM
x-jsd-version-type: branch
server: cloudflare
etag: W/"3e74-+UH++c/vmoJn5o/iit08ZPyZab0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uPTECdCPttiq8qrcbC3OkMDAridP5tJoGWFb%2BBtlogOs%2BcXgLWSM9RM4%2B3G6P72MBfYCC2deiw5HzM4R4aZuiKx19IVRHr%2Bz6Fy3fRnmyhdBHYduAtNz9bMjEBgqohR6YGCJzR5fOV5GCnEUBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 76e7bc8b08d99c12-FRA

Redirect headers

date: Wed, 23 Nov 2022 06:09:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 1056
age: 81055
x-cache: MISS, HIT
cdn-cachedat: 11/23/2022 06:09:31
cdn-pullzone: 201235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
content-length: 106
x-served-by: cache-fra-eddf8230081-FRA, cache-chi-kigq8000139-CHI
server: BunnyCDN-AMS1-883
cdn-proxyver: 1.03
cdn-requestpullcode: 301
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
location: https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers: *
cache-control: public, max-age=2592000
cdn-cache: EXPIRED
cdn-requestid: d340ddadd98c2ee76d3b0de105580d13
timing-allow-origin: *
cdn-requestcountrycode: RU
cdn-status: 301
cdn-requestpullsuccess: True

1600x900-doomsday-aftermath.jpg
i.ibb.co/LRLJySR/
Size: 66 KB | x-fer: 66 KB | Type: Image

General
Full URL: https://i.ibb.co/LRLJySR/1600x900-doomsday-aftermath.jpg
Requested by: Host: ballito-accommodation.co.za, URL: http://ballito-accommodation.co.za/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.103, France, ASN16276 (OVH, FR)
Reverse DNS: ns3172599.ip-51-210-32.eu
Software: nginx
Resource Hash: ba362e33cd264d2a788a444668e21300ddab21d48b45fa855e1173463c3532ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ballito-accommodation.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 06:09:31 GMT
last-modified: Wed, 21 Oct 2020 03:34:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67734
expires: Thu, 31 Dec 2037 23:55:55 GMT

pgsohs.mp3
a.trash.network/
Size: 0 | x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: a.trash.network
URL: https://a.trash.network/pgsohs.mp3

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • vid (object)
  • playVid (function)
  • pauseVid (function)
  • snowStorm (object)
  • SnowStorm (function)

0 Cookies

1 Console Messages

Source: network | Level: error
URL: https://a.trash.network/pgsohs.mp3
Message: Failed to load resource: net::ERR_CONNECTION_REFUSED