password.nwu.ac.za - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 7 HTTP transactions. The main IP is 143.160.38.186, located in Montshiwa, South Africa and belongs to PUKNET, ZA. The main domain is password.nwu.ac.za.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 18th 2023. Valid for: a year.

This is the only time password.nwu.ac.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	143.160.38.186 143.160.38.186	8094 (PUKNET) (PUKNET)
2	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
7	3

4 143.160.38.186 (Montshiwa, South Africa)

ASN8094 (PUKNET, ZA)
PTR: v-tom-lnx1.nwu.ac.za

password.nwu.ac.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	nwu.ac.za password.nwu.ac.za	6 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	131 KB
7	2

	Domain	Requested by
4	password.nwu.ac.za	password.nwu.ac.za
2	platform.twitter.com	password.nwu.ac.za platform.twitter.com
1	syndication.twitter.com	platform.twitter.com
7	3

This site contains links to these domains. Also see Links.

Domain
vssweb.nwu.ac.za
diyservices.nwu.ac.za

Subject Issuer	Validity	Valid
*.nwu.ac.za Sectigo RSA Organization Validation Secure Server CA	`2023-10-18` - `2024-10-17`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-01` - `2024-10-31`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://password.nwu.ac.za/manqiti/password_change.jsp
Frame ID: A82338D17BE69BFF6E6BAAF623C1819E
Requests: 5 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fpassword.nwu.ac.za
Frame ID: 7998A4ED32669170E0D12940639DFF83
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Password Change

Page URL History Show full URLs

https://password.nwu.ac.za/ Page URL
https://password.nwu.ac.za/manqiti/password_change.jsp Page URL

Detected technologies

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

137 kB
Transfer

417 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vssweb.nwu.ac.za/str-webclient/StudentWebLoginWin.do#/top
Title: Change Student PIN

Search URL Search Domain Scan URL

URL: https://diyservices.nwu.ac.za/vss-password-reset
Title: VSS Password Reset

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://password.nwu.ac.za/ Page URL
https://password.nwu.ac.za/manqiti/password_change.jsp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
password.nwu.ac.za/ 496 B
766 B 1329ms
224ms Document
text/html 143.160.38.186
PUKNET

General

Check archive.org

Show headers Download Go to

Full URL: https://password.nwu.ac.za/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 143.160.38.186 Montshiwa, South Africa, ASN8094 (PUKNET, ZA),
Reverse DNS: v-tom-lnx1.nwu.ac.za
Software: Apache/2.2.15 (Red Hat) /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Length: 496
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Nov 2023 08:39:16 GMT
ETag: "600cd-1f0-4f8bb75111fe4"
Last-Modified: Tue, 06 May 2014 13:45:13 GMT
Server: Apache/2.2.15 (Red Hat)

GET
H/1.1 200
OK Primary Request password_change.jsp Show response
password.nwu.ac.za/manqiti/ 3 KB
4 KB 669ms
223ms Document
text/html 143.160.38.186
PUKNET

General

Check archive.org

Show headers Download Go to

Full URL: https://password.nwu.ac.za/manqiti/password_change.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 143.160.38.186 Montshiwa, South Africa, ASN8094 (PUKNET, ZA),
Reverse DNS: v-tom-lnx1.nwu.ac.za
Software: /
Resource Hash: ace36b5bb34da4df6c7e7ab46a8694d7d2d83308a64300de74d8b73b86deb4e4

Request headers

Referer: https://password.nwu.ac.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: close
Content-Length: 3387
Content-Type: text/html;charset=UTF-8
Date: Wed, 15 Nov 2023 08:39:17 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 72ms
22ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: password.nwu.ac.za
URL: https://password.nwu.ac.za/manqiti/password_change.jsp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://password.nwu.ac.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 08:39:17 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 27598
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230078-FRA
last-modified: Mon, 09 Oct 2023 20:29:49 GMT
etag: "391b7fdf0c468036f27102529636f0ca+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H/1.1 404
Not Found twitter_user.js
password.nwu.ac.za/manqiti/scripts/ 0
0 668ms
223ms Script
text/html 143.160.38.186
PUKNET

General

Check archive.org

Show headers Download Go to

Full URL: https://password.nwu.ac.za/manqiti/scripts/twitter_user.js
Requested by: Host: password.nwu.ac.za
URL: https://password.nwu.ac.za/manqiti/password_change.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 143.160.38.186 Montshiwa, South Africa, ASN8094 (PUKNET, ZA),
Reverse DNS: v-tom-lnx1.nwu.ac.za
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://password.nwu.ac.za/manqiti/password_change.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 08:39:18 GMT
Connection: close
Content-Length: 1013
Content-Type: text/html;charset=utf-8

GET
H/1.1 200
OK look.css
password.nwu.ac.za/manqiti/ 2 KB
2 KB 649ms
218ms Stylesheet
text/css 143.160.38.186
PUKNET

General

Check archive.org

Show headers Download Go to

Full URL: https://password.nwu.ac.za/manqiti/look.css
Requested by: Host: password.nwu.ac.za
URL: https://password.nwu.ac.za/manqiti/password_change.jsp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 143.160.38.186 Montshiwa, South Africa, ASN8094 (PUKNET, ZA),
Reverse DNS: v-tom-lnx1.nwu.ac.za
Software: /
Resource Hash: def8dca16b16dc4423052cd0137ab0f32f3f7c837254ccd9c408e2f4c8f6d17b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://password.nwu.ac.za/manqiti/password_change.jsp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Wed, 15 Nov 2023 08:39:18 GMT
Last-Modified: Wed, 12 Dec 2018 13:27:11 GMT
Connection: close
Accept-Ranges: bytes
ETag: W/"1585-1544621231000"
Content-Length: 1585
Content-Type: text/css

GET
H2 200 widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 7998 319 KB
103 KB 23ms
22ms Document
text/html 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fpassword.nwu.ac.za
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://password.nwu.ac.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Wed, 15 Nov 2023 08:39:18 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 09 Oct 2023 20:29:18 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100103-IAD, cache-fra-eddf8230078-FRA

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7998 869 B
659 B 178ms
132ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e089e29deaba18d37ba91c5319890b1b2b883863

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fpassword.nwu.ac.za

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 15 Nov 2023 08:39:17 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 15 Nov 2023 08:39:18 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: a87a797e86c73ae3
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 686eeb256da34824416f418bff39d766675d153859adaff2a29eeda94412095b
content-length: 337

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			password.nwu.ac.za/manqiti/	1969-12-31 23:59:59	Name: JSESSIONID Value: 730E05981EA2E318279D35D121467C81

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://password.nwu.ac.za/manqiti/scripts/twitter_user.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

password.nwu.ac.za
platform.twitter.com
syndication.twitter.com
104.244.42.72
143.160.38.186
146.75.116.157
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
ace36b5bb34da4df6c7e7ab46a8694d7d2d83308a64300de74d8b73b86deb4e4
def8dca16b16dc4423052cd0137ab0f32f3f7c837254ccd9c408e2f4c8f6d17b

password.nwu.ac.za Open in urlscan Pro 143.160.38.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

137 kBTransfer

417 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

password.nwu.ac.za Open in urlscan Pro
143.160.38.186 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

137 kB
Transfer

417 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions