app.da.org.za - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 196.45.115.47, located in Mauritius and belongs to XTRAORDINARY-AS --- Transit providers ---, GB. The main domain is app.da.org.za.

This is the only time app.da.org.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	196.45.115.47 196.45.115.47	30827 (XTRAORDIN...) (XTRAORDINARY-AS --- Transit providers ---)
3	2606:4700:30:... 2606:4700:30::681f:5cf9	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2

1 196.45.115.47 (Mauritius)

ASN30827 (XTRAORDINARY-AS --- Transit providers ---, GB)
PTR: mta001.da.org.za

app.da.org.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::681f:5cf9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

app.libimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	libimage.com app.libimage.com	122 KB
1	da.org.za app.da.org.za	4 KB
4	2

	Domain	Requested by
3	app.libimage.com	app.da.org.za
1	app.da.org.za
4	2

This site contains links to these domains. Also see Links.

Domain
dagauteng.org.za
www.facebook.com
app.mailclk.com

Subject Issuer	Validity	Valid
sni244167.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-09` - `2019-08-18`	6 months	crt.sh

This page contains 1 frames:

Primary Page: http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs
Frame ID: 0698B634A25E80DF9CDE288413F6D478
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

4
Requests

75 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

126 kB
Transfer

132 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://dagauteng.org.za/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TshepisoSollyMsimanga/

Search URL Search Domain Scan URL

URL: https://app.mailclk.com/u.php?p=fcmn/rs/4hd4/bzkc/rs/rs
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://app.mailclk.com/wb.php?p=fcmn/rs/rs/4hd4/bzkc/rs
Title: View Online

Search URL Search Domain Scan URL

URL: https://app.mailclk.com/f.php?p=fcmn/rs/rs/4hd4/bzkc/rs
Title: Forward to a friend

Search URL Search Domain Scan URL

URL: https://app.mailclk.com/report_abuse.php?mid=fcmn-4hd4-Z3Nvc29sYUBpZmMub3Jn-bzkc-9cq-rs
Title: Report as Spam

Search URL Search Domain Scan URL

URL: https://app.mailclk.com/whitelist.php?email=
Title: Whitelist our newsletter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.0	200 OK	Primary Request Cookie set wb.php Show response app.da.org.za/	11 KB 4 KB	451ms 414ms	Document text/html	196.45.115.47 XTRAORDINARY-AS -...
General Check archive.org Show headers Download Go to Full URL http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs Protocol HTTP/1.0 Server 196.45.115.47 , Mauritius, ASN30827 (XTRAORDINARY-AS --- Transit providers ---, GB), Reverse DNS mta001.da.org.za Software Apache / Resource Hash `1a15b01697dfc6ef2e1a7b51eda2b3d60cda8be8decb4cd49a642fc7b3c63613` Request headers Host app.da.org.za Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 26 Jun 2019 07:57:57 GMT Server Apache Set-Cookie PHPSESSID=lqjo9sqpu1cbpkucn60fl04ii6; path=/ Vary Accept-Encoding Content-Encoding gzip Content-Length 3305 Content-Type text/html; charset=UTF-8 X-Cache MISS from app.totalsend.com X-Cache-Lookup MISS from app.totalsend.com:80 Connection keep-alive
GET H2	200	1zk0 app.libimage.com/app/public/file/view/9cq/	100 KB 101 KB	277ms 149ms	Image image/jpeg	2606:4700:30::681f:5cf9 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://app.libimage.com/app/public/file/view/9cq/1zk0 Requested by Host: app.da.org.za URL: http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:5cf9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `7564ef048f4943337f5f714c12e73cf210e7875cb28b6a541d52015d7c9ac142` Request headers Referer http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 07:57:58 GMT x-cache-lookup HIT from app.totalsend.com:80 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS from app.totalsend.com content-type image/jpeg status 200 cf-ray 4ecda2275f79bec9-FRA
GET H2	200	1v2c app.libimage.com/app/public/file/view/9cq/	12 KB 12 KB	377ms 249ms	Image image/png	2606:4700:30::681f:5cf9 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://app.libimage.com/app/public/file/view/9cq/1v2c Requested by Host: app.da.org.za URL: http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:5cf9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f6b8731e4d853d8d0ea34005d6d05a59c671fed35642560405406e08a3a9eb65` Request headers Referer http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 07:57:58 GMT x-cache-lookup HIT from app.totalsend.com:80 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS from app.totalsend.com content-type image/png status 200 cf-ray 4ecda2275f7abec9-FRA
GET H2	200	1tn5 app.libimage.com/app/public/file/view/9cq/	9 KB 9 KB	281ms 153ms	Image image/png	2606:4700:30::681f:5cf9 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://app.libimage.com/app/public/file/view/9cq/1tn5 Requested by Host: app.da.org.za URL: http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681f:5cf9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `f1a0558e9f6a557491fc181863ab2d5b10235d06d573acde4ded3a57dc3d04de` Request headers Referer http://app.da.org.za/wb.php?p=fcmn/easo/rs/4hd4/bzkc/rs User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 07:57:58 GMT x-cache-lookup HIT from app.totalsend.com:80 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-cache MISS from app.totalsend.com content-type image/png status 200 cf-ray 4ecda2275f7bbec9-FRA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.da.org.za/	1969-12-31 23:59:59	Name: PHPSESSID Value: lqjo9sqpu1cbpkucn60fl04ii6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.da.org.za
app.libimage.com
196.45.115.47
2606:4700:30::681f:5cf9
1a15b01697dfc6ef2e1a7b51eda2b3d60cda8be8decb4cd49a642fc7b3c63613
7564ef048f4943337f5f714c12e73cf210e7875cb28b6a541d52015d7c9ac142
f1a0558e9f6a557491fc181863ab2d5b10235d06d573acde4ded3a57dc3d04de
f6b8731e4d853d8d0ea34005d6d05a59c671fed35642560405406e08a3a9eb65

app.da.org.za Open in urlscan Pro 196.45.115.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

75 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

126 kBTransfer

132 kBSize

1 Cookies

7 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

app.da.org.za Open in urlscan Pro
196.45.115.47 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

126 kB
Transfer

132 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions