abc.alkawthar.edu.sa Open in urlscan Pro
92.205.90.20  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://enquiry.geeta.edu.in/university.html Page URL
2. https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	university.html Show response enquiry.geeta.edu.in/	808 B 1 KB	517ms 414ms	Document text/html	2606:4700:3031::6815:c56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://enquiry.geeta.edu.in/university.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:c56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e353777ea867b09b07619e9a74255addc85528d1b128744d5f3560c418c32fc1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 70eb1b5dba3434cf-NRT content-encoding br content-type text/html date Sat, 21 May 2022 06:03:05 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 18 May 2022 13:46:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8orP16JyQAq4nyM%2FfpU%2BIL0Z7%2BtwUg5Ri%2BUm3UMv5Ji6Scu%2BuabG%2BsauZhUlmWYEN1ToFHzI90PUMzGznSk36ecbQ91qUU8nXNSq6pvtpvOWVRc%2B1SJvInRUKMRdf23Q1dynD634GbF1MHu1U24x2yZmQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	rocket-loader.min.js Show response enquiry.geeta.edu.in/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	5ms 4ms	Script application/javascript	2606:4700:3031::6815:c56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://enquiry.geeta.edu.in/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: enquiry.geeta.edu.in URL: https://enquiry.geeta.edu.in/university.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:c56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language jp-JP,jp;q=0.9 Referer https://enquiry.geeta.edu.in/university.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:05 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 17 May 2022 19:29:40 GMT server cloudflare etag W/"6283f7a4-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4evzzQXtNz5vBWmu9uAehiXutsWGBX1LTK2aEYBDZscC1iWgMet3NSz%2FuodFnf8ZoqWoHTw3P4BZ2PA%2F6kVIWxNH9Hqx2hJtS%2BkqSo%2BnETvbwXA3ejf5bzoLCAxX2sLm%2BdcqljEpFMSRWJTzpp7avEEUnw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 70eb1b607d6f34cf-NRT vary Accept-Encoding expires Mon, 23 May 2022 06:03:05 GMT
GET H2	200	api.js enquiry.geeta.edu.in/cdn-cgi/bm/cv/669835187/	35 KB 9 KB	5ms 4ms	Script text/javascript	2606:4700:3031::6815:c56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://enquiry.geeta.edu.in/cdn-cgi/bm/cv/669835187/api.js Requested by Host: enquiry.geeta.edu.in URL: https://enquiry.geeta.edu.in/university.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:c56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://enquiry.geeta.edu.in/university.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:05 GMT content-encoding gzip x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39e8poo0giAgbRTmHAmG2dzTWpRm5IgYD7HWbFyiNK9sUqOCwTMO9Crv4E18jWVpRk7R9MNyhnbVdM%2FJ2%2BYLC1xbvoX3gfbQ1YZ%2FTiRxB%2F1IUBrDAeUdwNCEb7Vq6EcCGYwxPZPd%2BTr8lJ2%2FrWkZ7FwgsQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=604800, public cf-ray 70eb1b607d7034cf-NRT
GET H2	200	Primary Request index.html Show response abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/	46 KB 6 KB	824ms 240ms	Document text/html	92.205.90.20 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html Requested by Host: enquiry.geeta.edu.in URL: https://enquiry.geeta.edu.in/university.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.90.20 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash e1abc206511324c7ddbc9169839fe9fe29d17a46d4cbb38a238c826c1a8eea47 Request headers Referer https://enquiry.geeta.edu.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 6320 content-type text/html date Sat, 21 May 2022 06:03:06 GMT etag "29a2eae-b712-5df0cbda71a80-br" last-modified Sun, 15 May 2022 13:18:18 GMT server Apache vary Accept-Encoding
POST H3	204	result enquiry.geeta.edu.in/cdn-cgi/bm/cv/	0 713 B	11ms 11ms	XHR text/plain	2606:4700:3031::6815:c56 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://enquiry.geeta.edu.in/cdn-cgi/bm/cv/result?req_id=70eb1b5dba3434cf Requested by Host: enquiry.geeta.edu.in URL: https://enquiry.geeta.edu.in/cdn-cgi/bm/cv/669835187/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::6815:c56 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://enquiry.geeta.edu.in/university.html accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/json Response headers date Sat, 21 May 2022 06:03:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 70eb1b60ef4b1eab-NRT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J%2BAFmF%2B%2BOvyuwJYqk4dL5VScZse4JFEYHpoV2ICjvxCQwwLvRZEfdY4pF2w%2BnWcxzBPfIVXTufWQKG%2Fe9QZL1HZ1taIfREe5gkcAkCN84eQ2hGmAGTXTIf2LoxneV2fEpF1gxvBRmHmYvGQG8xTUGpPyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
GET H2	200	ionos.min5638.js Show response abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/	29 KB 7 KB	240ms 240ms	Script application/javascript	92.205.90.20 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.js?v=1579862045214 Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.90.20 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash 7c0de161499069d611d714a1a14cb2d077f651d14f13fd1d8d3ad22496f85de5 Request headers accept-language jp-JP,jp;q=0.9 Referer https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:06 GMT content-encoding br last-modified Mon, 25 May 2020 19:40:44 GMT server Apache etag "29a2e4e-73c5-5a67e27994700-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 6581
GET H2	200	main.min5638.js Show response abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/	204 KB 65 KB	716ms 715ms	Script application/javascript	92.205.90.20 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/main.min5638.js?v=1579862045214 Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.90.20 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash bf4cbf9d81ae5793eb38dcb25361c7e6694282c8f286ec7ab485b22480e20a7b Request headers accept-language jp-JP,jp;q=0.9 Referer https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:06 GMT content-encoding br last-modified Tue, 30 Jun 2020 16:13:42 GMT server Apache etag "29a2eaf-3301d-5a94f757a1980-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 66149
GET H2	200	ionos.min5638.css abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/	168 KB 23 KB	475ms 474ms	Stylesheet text/css	92.205.90.20 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.css?v=1579862045214 Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.90.20 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash b3277e70abe1446f00087e4c9b22dd32ff2c2273c0ca5df76dbdd913fdb06744 Request headers accept-language jp-JP,jp;q=0.9 Referer https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:06 GMT content-encoding br last-modified Tue, 26 May 2020 21:48:18 GMT server Apache etag "29a2e4c-29e88-5a6940da76c80-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 23132
GET H2	200	login.min5638.css abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/css/	15 KB 6 KB	240ms 240ms	Stylesheet text/css	92.205.90.20 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/css/login.min5638.css?v=1579862045214 Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.90.20 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash 9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669 Request headers accept-language jp-JP,jp;q=0.9 Referer https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:06 GMT content-encoding br last-modified Fri, 24 Jan 2020 17:34:06 GMT server Apache etag "29a2e7b-3cd3-59ce62a153f80-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6324
GET H2	200	exos-icon-font.woff ce1.uicdn.net/exos/icons/	49 KB 49 KB	1151ms 508ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5 Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.css?v=1579862045214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 4306df7936080ae76ba0880e54cdbfd3c0a7c82b63d9c2c02c54e991e733a919 Request headers Referer https://abc.alkawthar.edu.sa/ Origin https://abc.alkawthar.edu.sa accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:08 GMT last-modified Mon, 21 Mar 2022 08:31:12 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 50192 expires Tue, 16 May 2023 13:22:20 GMT
GET H2	200	opensans-regular.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 63 KB	1897ms 1258ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.css?v=1579862045214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b Request headers Referer https://abc.alkawthar.edu.sa/ Origin https://abc.alkawthar.edu.sa accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:08 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63712 expires Tue, 16 May 2023 13:22:12 GMT
GET H2	403	status.json Show response abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/maintenance/	0 94 B	246ms 246ms	XHR text/html	92.205.90.20 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/maintenance/status.json Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/main.min5638.js?v=1579862045214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.90.20 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / PHP/7.3.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/index.html X-Requested-With XMLHttpRequest accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:07 GMT content-encoding br server Apache x-powered-by PHP/7.3.33 content-length 1 vary Accept-Encoding content-type text/html;charset=utf-8
GET H2	200	overpass-bold.woff ce1.uicdn.net/exos/fonts/overpass/	41 KB 41 KB	1321ms 1167ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.css?v=1579862045214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc Request headers Referer https://abc.alkawthar.edu.sa/ Origin https://abc.alkawthar.edu.sa accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:08 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42092 expires Tue, 16 May 2023 13:22:12 GMT
GET H2	200	opensans-bold.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 62 KB	972ms 818ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.css?v=1579862045214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9 Request headers Referer https://abc.alkawthar.edu.sa/ Origin https://abc.alkawthar.edu.sa accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:08 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63564 expires Tue, 16 May 2023 13:22:12 GMT
GET H2	200	overpass-regular.woff ce1.uicdn.net/exos/fonts/overpass/	42 KB 42 KB	1238ms 1084ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff Requested by Host: abc.alkawthar.edu.sa URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/1.1/ionos.min5638.css?v=1579862045214 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5 Request headers Referer https://abc.alkawthar.edu.sa/ Origin https://abc.alkawthar.edu.sa accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Sat, 21 May 2022 06:03:08 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42580 expires Tue, 16 May 2023 13:22:12 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| Tap object| EXOS string| oao_market_tld string| oao_market_language undefined| oao_hostName object| oaoTranslationLib object| translationDictionary object| OAO object| stay_logged_in object| oao_moc_login object| $buoop function| $buo function| $ function| jQuery function| _ object| op undefined| $bu function| addToHomescreen

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.geeta.edu.in/	1970-01-20 03:11:54	Name: __cf_bm Value: j_EKclaJFTm1L9.X.tHj3mQg3JUuK_VFDH6xooYUFEk-1653112985-0-AXEQ5fhRDJ836DR7tsqsJycOXWmXq1OvOSZ+U3/MmgmGt3xRcLLm13Xy9/UgKTgWnws9pJWNSSpOd5M7SonaYBGFXmq+Dnz/FKqOrBNCdAVXXey41hasGvXPZiR/f3rJFg==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://abc.alkawthar.edu.sa/dmrsybslaegpemdagevn/maintenance/status.json Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc.alkawthar.edu.sa
ce1.uicdn.net
enquiry.geeta.edu.in
213.165.66.58
2606:4700:3031::6815:c56
92.205.90.20
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
4306df7936080ae76ba0880e54cdbfd3c0a7c82b63d9c2c02c54e991e733a919
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc
7c0de161499069d611d714a1a14cb2d077f651d14f13fd1d8d3ad22496f85de5
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9
9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669
b3277e70abe1446f00087e4c9b22dd32ff2c2273c0ca5df76dbdd913fdb06744
bf4cbf9d81ae5793eb38dcb25361c7e6694282c8f286ec7ab485b22480e20a7b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
e1abc206511324c7ddbc9169839fe9fe29d17a46d4cbb38a238c826c1a8eea47
e353777ea867b09b07619e9a74255addc85528d1b128744d5f3560c418c32fc1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855