prestigebanking.mn Open in urlscan Pro
202.131.224.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://progres.com.br/mde/upload.php
Effective URL:
https://prestigebanking.mn/ncan.snb/scnrst.php
Submission: On September 26 via manual (September 26th 2023, 9:22:25 am UTC) from ZA — Scanned from DE

Summary HTTP 4 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 202.131.224.36, located in Mongolia and belongs to MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider, MN. The main domain is prestigebanking.mn.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 2nd 2023. Valid for: 3 months.

This is the only time prestigebanking.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	187.103.240.254 187.103.240.254	28283 (Adylnet T...) (Adylnet Telecom)
4	202.131.224.36 202.131.224.36	9484 (MOBINET-A...) (MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider)
4	2

1 187.103.240.254 (Bento Gonçalves, Brazil) 1 redirects

ASN28283 (Adylnet Telecom, BR)
PTR: netserver11.galafassi.com.br

progres.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.131.224.36 (Mongolia)

ASN9484 (MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider, MN)
PTR: whm3.mobinet.mn

prestigebanking.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	prestigebanking.mn prestigebanking.mn	16 KB
1	progres.com.br 1 redirects progres.com.br	183 B
4	2

	Domain	Requested by
4	prestigebanking.mn	prestigebanking.mn
1	progres.com.br	1 redirects
4	2

This site contains no links.

Subject Issuer	Validity	Valid
prestigebanking.mn cPanel, Inc. Certification Authority	`2023-08-02` - `2023-10-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prestigebanking.mn/ncan.snb/scnrst.php
Frame ID: 524932A1FF81975036E9B7EC970A4E9E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

No route found for "GET /ncan.snb/scnrst.php" (404 Not Found) An Error Occurred: Not Found

Page URL History Show full URLs

https://progres.com.br/mde/upload.php HTTP 302
https://prestigebanking.mn/ncan.snb/scnrst.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

16 kB
Transfer

17 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://progres.com.br/mde/upload.php HTTP 302
https://prestigebanking.mn/ncan.snb/scnrst.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request scnrst.php Show response prestigebanking.mn/ncan.snb/ Redirect Chain https://progres.com.br/mde/upload.php https://prestigebanking.mn/ncan.snb/scnrst.php	5 KB 5 KB	770ms 168ms	Document text/html	202.131.224.36 MOBINET-AS-MN Mob...
General Check archive.org Show headers Download Go to Full URL https://prestigebanking.mn/ncan.snb/scnrst.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.131.224.36 , Mongolia, ASN9484 (MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider, MN), Reverse DNS whm3.mobinet.mn Software Apache / Resource Hash `afb0f2a6622f5db17f54162c7961e2663f8b36bfd3b1e533794d3c1a74617466` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 26 Sep 2023 09:22:19 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked Redirect headers cluster-host netserver11.galafassi.com.br content-length 0 content-type text/html; charset=UTF-8 date Tue, 26 Sep 2023 09:22:19 GMT location https://prestigebanking.mn/ncan.snb/scnrst.php server AUTOM8N-nginx vary User-Agent x-powered-by PHP/7.4.33
GET H/1.1	200 OK	structure.css prestigebanking.mn/bundles/framework/css/	1 KB 1 KB	127ms 126ms	Stylesheet text/css	202.131.224.36 MOBINET-AS-MN Mob...
General Check archive.org Show headers Download Go to Full URL https://prestigebanking.mn/bundles/framework/css/structure.css Requested by Host: prestigebanking.mn URL: https://prestigebanking.mn/ncan.snb/scnrst.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.131.224.36 , Mongolia, ASN9484 (MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider, MN), Reverse DNS whm3.mobinet.mn Software Apache / Resource Hash `76f41c81402560eb764b1054e1a8b7462ed9f8aea999979f131f00f575bcf6f5` Request headers accept-language de-DE,de;q=0.9 Referer https://prestigebanking.mn/ncan.snb/scnrst.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Tue, 26 Sep 2023 09:22:19 GMT Last-Modified Thu, 08 May 2014 02:34:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1191
GET H/1.1	200 OK	body.css prestigebanking.mn/bundles/framework/css/	7 KB 7 KB	254ms 126ms	Stylesheet text/css	202.131.224.36 MOBINET-AS-MN Mob...
General Check archive.org Show headers Download Go to Full URL https://prestigebanking.mn/bundles/framework/css/body.css Requested by Host: prestigebanking.mn URL: https://prestigebanking.mn/ncan.snb/scnrst.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.131.224.36 , Mongolia, ASN9484 (MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider, MN), Reverse DNS whm3.mobinet.mn Software Apache / Resource Hash `39bc05b06cc293306e6ece64e39c780cda8f5cf17d694700f0fea72e16c95b9d` Request headers accept-language de-DE,de;q=0.9 Referer https://prestigebanking.mn/ncan.snb/scnrst.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Tue, 26 Sep 2023 09:22:19 GMT Last-Modified Thu, 08 May 2014 02:34:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 6657
GET H/1.1	200 OK	exception.css prestigebanking.mn/bundles/framework/css/	2 KB 3 KB	381ms 126ms	Stylesheet text/css	202.131.224.36 MOBINET-AS-MN Mob...
General Check archive.org Show headers Download Go to Full URL https://prestigebanking.mn/bundles/framework/css/exception.css Requested by Host: prestigebanking.mn URL: https://prestigebanking.mn/ncan.snb/scnrst.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 202.131.224.36 , Mongolia, ASN9484 (MOBINET-AS-MN Mobinet LLC. AS Mobinet Internet Service Provider, MN), Reverse DNS whm3.mobinet.mn Software Apache / Resource Hash `46cae20e3bffa7837bf5fb531ec34d18bb6831022292d07609848289ece71c59` Request headers accept-language de-DE,de;q=0.9 Referer https://prestigebanking.mn/ncan.snb/scnrst.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Date Tue, 26 Sep 2023 09:22:19 GMT Last-Modified Thu, 08 May 2014 02:34:44 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 2425
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a906b18578b3fd7a9f95d37b1c93c30551fc6cf09169f042976795cadaf4fc56` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	393 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `63754ee3a59e9a98c30fdf945d0f44a8bfbbecb1808c3bd0b62cf1d48f0be389` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	63 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d8a22ae83d5a11f9d7b9a39f2bce1fcb64930f403734a75738e8e62d23c555ea` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	361 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `df74e5c10bbbe640c9d4dbc1a6eb09e396af142eea596a3cc1cd312fc298a373` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	379 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `763d87e919fd43a1fe57eb609a1357459b9a8d214e508fea034adee51cdedb30` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	135 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `27e7b74ad4ec231c02047a95517579dd928868ea8d86ea45085b722aa8bd07cd` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prestigebanking.mn/ncan.snb/scnrst.php Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://prestigebanking.mn/ncan.snb/scnrst.php(Line 19) Message: Mixed Content: The page at 'https://prestigebanking.mn/ncan.snb/scnrst.php' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://symfony.com/search'. This endpoint should be made available over a secure connection.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

prestigebanking.mn
progres.com.br
187.103.240.254
202.131.224.36
27e7b74ad4ec231c02047a95517579dd928868ea8d86ea45085b722aa8bd07cd
39bc05b06cc293306e6ece64e39c780cda8f5cf17d694700f0fea72e16c95b9d
46cae20e3bffa7837bf5fb531ec34d18bb6831022292d07609848289ece71c59
63754ee3a59e9a98c30fdf945d0f44a8bfbbecb1808c3bd0b62cf1d48f0be389
763d87e919fd43a1fe57eb609a1357459b9a8d214e508fea034adee51cdedb30
76f41c81402560eb764b1054e1a8b7462ed9f8aea999979f131f00f575bcf6f5
a906b18578b3fd7a9f95d37b1c93c30551fc6cf09169f042976795cadaf4fc56
afb0f2a6622f5db17f54162c7961e2663f8b36bfd3b1e533794d3c1a74617466
d8a22ae83d5a11f9d7b9a39f2bce1fcb64930f403734a75738e8e62d23c555ea
df74e5c10bbbe640c9d4dbc1a6eb09e396af142eea596a3cc1cd312fc298a373

prestigebanking.mn Open in urlscan Pro 202.131.224.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

16 kBTransfer

17 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

prestigebanking.mn Open in urlscan Pro
202.131.224.36 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

16 kB
Transfer

17 kB
Size

0
Cookies

4 HTTP transactions
6 data transactions