prasa.resolve.sng.za.com Open in urlscan Pro
20.164.37.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prasa.resolve.sng.za.com/admin/login
Submission Tags: falconsandbox
Submission: On October 25 via api (October 25th 2024, 4:49:15 am UTC) from US — Scanned from CA

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 20.164.37.173, located in Johannesburg, South Africa and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is prasa.resolve.sng.za.com.
TLS certificate: Issued by R11 on August 31st 2024. Valid for: 3 months.

This is the only time prasa.resolve.sng.za.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
6	20.164.37.173 20.164.37.173		8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2

6 20.164.37.173 (Johannesburg, South Africa)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prasa.resolve.sng.za.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	za.com prasa.resolve.sng.za.com	5 MB
0	polyfill.io Failed cdn.polyfill.io Failed
7	2

	Domain	Requested by
6	prasa.resolve.sng.za.com	prasa.resolve.sng.za.com
0	cdn.polyfill.io Failed	prasa.resolve.sng.za.com
7	2

This site contains no links.

Subject Issuer	Validity	Valid
prasa.resolve.sng.za.com R11	`2024-08-31` - `2024-11-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prasa.resolve.sng.za.com/admin/login
Frame ID: 40D4F4C8918448CC5CCE37142FF35421
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - PRASA Audit Tracking System

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

4620 kB
Transfer

4646 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
prasa.resolve.sng.za.com/admin/ 33 KB
12 KB 1519ms
279ms Document
text/html 20.164.37.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prasa.resolve.sng.za.com/admin/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.164.37.173 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

8a2fb5bd2b8bad01cc87b910c2a79f451fd39c532f3e54cca3452bd66e1fa759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Oct 2024 04:49:07 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 admin.css
prasa.resolve.sng.za.com/themes/prasa/css/ 357 KB
358 KB 261ms
259ms Stylesheet
text/css 20.164.37.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prasa.resolve.sng.za.com/themes/prasa/css/admin.css?id=93d3fb482204f16d5fc5664df99cbf2f

Requested by

Host: prasa.resolve.sng.za.com
URL: https://prasa.resolve.sng.za.com/admin/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.164.37.173 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

07bd97cf2bd533727830beaaf2b62b649674b58d7debdb24ad2a1a4e399642c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prasa.resolve.sng.za.com/admin/login

Response headers

strict-transport-security: max-age=31536000
etag: "66e07737-595fc"
accept-ranges: bytes
content-length: 366076
date: Fri, 25 Oct 2024 04:49:07 GMT
content-type: text/css
last-modified: Tue, 10 Sep 2024 16:43:35 GMT
server: nginx

GET
H2 200 logo.png
prasa.resolve.sng.za.com/themes/prasa/images/ 14 KB
14 KB 518ms
517ms Image
image/png 20.164.37.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prasa.resolve.sng.za.com/themes/prasa/images/logo.png

Requested by

Host: prasa.resolve.sng.za.com
URL: https://prasa.resolve.sng.za.com/admin/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.164.37.173 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e6a690c70e40306e1cdcc75c38f4c7cd465361a5bd10344697edec451137d6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prasa.resolve.sng.za.com/admin/login

Response headers

strict-transport-security: max-age=31536000
etag: "66e0767e-37e2"
accept-ranges: bytes
content-length: 14306
date: Fri, 25 Oct 2024 04:49:07 GMT
content-type: image/png
last-modified: Tue, 10 Sep 2024 16:40:30 GMT
server: nginx

GET polyfill.min.js
cdn.polyfill.io/v2/ 0
0

GET
H2 200 admin.js Show response
prasa.resolve.sng.za.com/js/ 4 MB
4 MB 552ms
551ms Script
application/javascript 20.164.37.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prasa.resolve.sng.za.com/js/admin.js?id=03204335ded2962e5f69288ec2d4e65b

Requested by

Host: prasa.resolve.sng.za.com
URL: https://prasa.resolve.sng.za.com/admin/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.164.37.173 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

de7cb5584d33c23f680ed4d575336c1eadf251160005db759e3b6025829a8c70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prasa.resolve.sng.za.com/admin/login

Response headers

strict-transport-security: max-age=31536000
etag: "66e07737-4205ff"
accept-ranges: bytes
content-length: 4326911
date: Fri, 25 Oct 2024 04:49:08 GMT
content-type: application/javascript
last-modified: Tue, 10 Sep 2024 16:43:35 GMT
server: nginx

GET
DATA 200
OK truncated
/ 570 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa5da85cc0ce28e59d50fd286d7a7ec0bbd616cbbc62fa722d7b65d96f169c5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83cbdf3e5f63325a3d359b5c25b51958b3c4c5114ba5808186ce2626fff8be19

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 logo.png
prasa.resolve.sng.za.com/themes/prasa/images/ 14 KB
0 0ms
0ms Image
image/png 20.164.37.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prasa.resolve.sng.za.com/themes/prasa/images/logo.png
Requested by: Host: prasa.resolve.sng.za.com
URL: https://prasa.resolve.sng.za.com/admin/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.164.37.173 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e6a690c70e40306e1cdcc75c38f4c7cd465361a5bd10344697edec451137d6e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prasa.resolve.sng.za.com/admin/login

Response headers

accept-ranges: bytes
content-length: 14306
date: Fri, 25 Oct 2024 04:49:07 GMT
etag: "66e0767e-37e2"
content-type: image/png
last-modified: Tue, 10 Sep 2024 16:40:30 GMT
server: nginx

GET
H2 200 favicon.ico
prasa.resolve.sng.za.com/themes/prasa/images/ 894 B
1 KB 260ms
259ms Other
image/x-icon 20.164.37.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://prasa.resolve.sng.za.com/themes/prasa/images/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.164.37.173 Johannesburg, South Africa, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

6feb4c2eb1063fd6109332aab6e20d3a1342f9b09523cd615e296b3ee56ea1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prasa.resolve.sng.za.com/admin/login

Response headers

strict-transport-security: max-age=31536000
etag: "66e0767e-37e"
accept-ranges: bytes
content-length: 894
date: Fri, 25 Oct 2024 04:49:10 GMT
content-type: image/x-icon
last-modified: Tue, 10 Sep 2024 16:40:30 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.polyfill.io
URL: https://cdn.polyfill.io/v2/polyfill.min.js

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			prasa.resolve.sng.za.com/	1970-01-21 00:30:46	Name: XSRF-TOKEN Value: eyJpdiI6IkdXOWNCR3hYUllpZEZ1N1d4c0NQaFE9PSIsInZhbHVlIjoiS2gxa1RVZW85U1BSeWRia3VyajFMWmFqSWRqbU8wd2gwcDhpT3krTHhqT1c3MzdiVEw5YWtHSVpvSEN6MlFXUTNuM0h1WFRpV2xNTlVsNHRlT1dtL1JGNUhjYXpUMERnenNXb0ExVmhPMXJ1QUdVNFNlMlJxdFY4TEo3UXptbmUiLCJtYWMiOiIzYzMxNmU0NWE0NDA2MDQ1NzI5MzI1OTk2MWMyNmQ0ZjMwNGY0OGViNTVlN2YwMjczZjlmMDM2NDI1YjQ4MGFiIiwidGFnIjoiIn0%3D
			prasa.resolve.sng.za.com/	1970-01-21 00:30:46	Name: prasa_audit_tracking_system_session Value: eyJpdiI6ImZVdGRxTHFaV29rRjRiUmprSlpjZXc9PSIsInZhbHVlIjoiTWM1eUJsR3NZT2RrbkVJeVAvcjZaQXlxQ1l5UTVNZ3BDSlNzeTZ0ek5rR2N3bE1pSkIzUGxqNGJvSngzaFNFTldkcEw5MHJXQmpkY1pQZXVjU1hkS3BPWHZxcUhyNlIrY0lHS00vdWVCekVnaG5CamZueUdqMC91bUMyVTg1UU0iLCJtYWMiOiJkM2QxOWQwODEzMzk5NzY1NmI5M2U3ODlhOTg3MDA2MWY0YTZmNzA3MjYyZWU2NjNkZjI5YmY0YTQxMzZlZjBmIiwidGFnIjoiIn0%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.polyfill.io/v2/polyfill.min.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
recommendation	verbose	URL: https://prasa.resolve.sng.za.com/admin/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.polyfill.io
prasa.resolve.sng.za.com
cdn.polyfill.io
20.164.37.173
07bd97cf2bd533727830beaaf2b62b649674b58d7debdb24ad2a1a4e399642c6
6feb4c2eb1063fd6109332aab6e20d3a1342f9b09523cd615e296b3ee56ea1ed
83cbdf3e5f63325a3d359b5c25b51958b3c4c5114ba5808186ce2626fff8be19
8a2fb5bd2b8bad01cc87b910c2a79f451fd39c532f3e54cca3452bd66e1fa759
de7cb5584d33c23f680ed4d575336c1eadf251160005db759e3b6025829a8c70
e6a690c70e40306e1cdcc75c38f4c7cd465361a5bd10344697edec451137d6e6
fa5da85cc0ce28e59d50fd286d7a7ec0bbd616cbbc62fa722d7b65d96f169c5d

prasa.resolve.sng.za.com Open in urlscan Pro 20.164.37.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

4620 kBTransfer

4646 kBSize

2 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

prasa.resolve.sng.za.com Open in urlscan Pro
20.164.37.173 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

4620 kB
Transfer

4646 kB
Size

2
Cookies

7 HTTP transactions
2 data transactions