kpicentre.com Open in urlscan Pro
103.28.91.38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kpicentre.com/fr-academie/
Submission Tags: @phish_report
Submission: On September 09 via api (September 9th 2024, 8:27:41 am UTC) from FI — Scanned from FI

Summary HTTP 6 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 103.28.91.38, located in Cyberjaya, Malaysia and belongs to GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY. The main domain is kpicentre.com.
TLS certificate: Issued by R11 on August 26th 2024. Valid for: 3 months.

This is the only time kpicentre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	103.28.91.38 103.28.91.38		132372 (GBNETWORK...) (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd.)
6	2

3 103.28.91.38 (Cyberjaya, Malaysia)

ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY)

kpicentre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	kpicentre.com kpicentre.com	60 KB
0	tw1.ru Failed cp41046.tw1.ru Failed
0	Failed function sub() { [native code] }. Failed
6	3

	Domain	Requested by
3	kpicentre.com	kpicentre.com
0	cp41046.tw1.ru Failed
0	invalid Failed	kpicentre.com
6	3

This site contains links to these domains. Also see Links.

Domain
extranet.ac-mayotte.fr
messagerie.ac-mayotte.fr

Subject Issuer	Validity	Valid
kpicentre.com R11	`2024-08-26` - `2024-11-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://kpicentre.com/fr-academie/
Frame ID: CD1197F83681C89BEFB369279B758DDA
Requests: 10 HTTP requests in this frame

Frame: https://kpicentre.com/fr-academie/125Authentification_files/download-iframe-GC.html
Frame ID: CD2172350E44589E3BF38A0D2CCE6348
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Authentification

Page Statistics

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

60 kB
Transfer

94 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://extranet.ac-mayotte.fr/login/activation_cle.jsp
Title: activer ma clé

Search URL Search Domain Scan URL

URL: https://messagerie.ac-mayotte.fr/aida
Title: cliquez ce lien

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response kpicentre.com/fr-academie/	59 KB 59 KB	1893ms 548ms	Document text/html	103.28.91.38 GBNETWORK-AS-AP G...
General Check archive.org Show headers Download Go to Full URL https://kpicentre.com/fr-academie/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.28.91.38 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY), Reverse DNS Software Apache / Resource Hash `c2b47b917eee5c72d1245cf901dbf2913eb3d57e31db07108fad44ca7c292ee8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 60068 Content-Type text/html Date Mon, 09 Sep 2024 08:27:34 GMT Keep-Alive timeout=5 Last-Modified Wed, 19 Apr 2023 10:21:50 GMT Server Apache
GET H/1.1	200 OK	css kpicentre.com/fr-academie/125Authentification_files/	656 B 864 B	612ms 337ms	Stylesheet text/plain	103.28.91.38 GBNETWORK-AS-AP G...
General Check archive.org Show headers Download Go to Full URL https://kpicentre.com/fr-academie/125Authentification_files/css Requested by Host: kpicentre.com URL: https://kpicentre.com/fr-academie/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.28.91.38 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY), Reverse DNS Software Apache / Resource Hash `7d8874be11b33e1c104b4d84881b6dad69c87e06def0107abfe8bf9c53a45f0d` Request headers Referer https://kpicentre.com/fr-academie/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Date Mon, 09 Sep 2024 08:27:35 GMT Last-Modified Wed, 19 Apr 2023 10:21:50 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 656
GET DATA	200 OK	truncated /	25 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a0e585b3324d091e9591fdfb631b2d81f69680a04c482e9d6b7d39e4eb6278cd` Request headers Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	3 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `63ae340679d5af35ec862cc7cc430135ddb8b194f702e5505292c70a63a46d83` Request headers Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	3 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `df1a98d6ee3b9578353f14046cccfdd676066bd87d793b766f634a185761802e` Request headers Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	2 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `09966d1a1a6a6e10d0b016ce71ad623aab78b78cf7c9bca140e72c4d60bc3e0b` Request headers Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET		/ invalid/	0 0

GET H/1.1	200 OK	download-iframe-GC.html Show response kpicentre.com/fr-academie/125Authentification_files/ Frame CD21	341 B 574 B	377ms 376ms	Document text/html	103.28.91.38 GBNETWORK-AS-AP G...
General Check archive.org Show headers Download Go to Full URL https://kpicentre.com/fr-academie/125Authentification_files/download-iframe-GC.html Requested by Host: kpicentre.com URL: https://kpicentre.com/fr-academie/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.28.91.38 Cyberjaya, Malaysia, ASN132372 (GBNETWORK-AS-AP GB Network Solutions Sdn. Bhd., MY), Reverse DNS Software Apache / Resource Hash `5edccdb352fa8df20a15c2125f2e24c5d09ab15230a667c85d9f0b702eb59c25` Request headers Referer https://kpicentre.com/fr-academie/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 341 Content-Type text/html Date Mon, 09 Sep 2024 08:27:35 GMT Keep-Alive timeout=5 Last-Modified Wed, 19 Apr 2023 10:21:50 GMT Server Apache
GET DATA	200 OK	truncated /	1 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5b24b39536564664d3b3f8370c7f5eebdda366c5ea5ba7acee6a853e115fd4a7` Request headers Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	932 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8c81b6cbb3ca90d967cf811099e7636d47bb122d2950ecfcb9e56f0713aeadeb` Request headers Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers Content-Type image/gif
GET		/ invalid/ Frame CD21	0 0

GET		Authentification.html cp41046.tw1.ru/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: cp41046.tw1.ru
URL: http://cp41046.tw1.ru/Authentification.html

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| savepage_ShadowLoader

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
security	error	URL: https://kpicentre.com/fr-academie/ Message: Mixed Content: The page at 'https://kpicentre.com/fr-academie/' was loaded over HTTPS, but requested an insecure favicon 'http://cp41046.tw1.ru/Authentification.html'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cp41046.tw1.ru
invalid
kpicentre.com
cp41046.tw1.ru
invalid
103.28.91.38
09966d1a1a6a6e10d0b016ce71ad623aab78b78cf7c9bca140e72c4d60bc3e0b
5b24b39536564664d3b3f8370c7f5eebdda366c5ea5ba7acee6a853e115fd4a7
5edccdb352fa8df20a15c2125f2e24c5d09ab15230a667c85d9f0b702eb59c25
63ae340679d5af35ec862cc7cc430135ddb8b194f702e5505292c70a63a46d83
7d8874be11b33e1c104b4d84881b6dad69c87e06def0107abfe8bf9c53a45f0d
8c81b6cbb3ca90d967cf811099e7636d47bb122d2950ecfcb9e56f0713aeadeb
a0e585b3324d091e9591fdfb631b2d81f69680a04c482e9d6b7d39e4eb6278cd
c2b47b917eee5c72d1245cf901dbf2913eb3d57e31db07108fad44ca7c292ee8
df1a98d6ee3b9578353f14046cccfdd676066bd87d793b766f634a185761802e

kpicentre.com Open in urlscan Pro 103.28.91.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

60 kBTransfer

94 kBSize

0 Cookies

2 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

kpicentre.com Open in urlscan Pro
103.28.91.38 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

60 kB
Transfer

94 kB
Size

0
Cookies

6 HTTP transactions
6 data transactions