urlscan.io logo urlscan.io
SecurityTrails logo

mehtagaqar.com Open in urlscan Pro
198.57.149.47  Public Scan

Go To Rescan Add Verdict Report
URL: https://mehtagaqar.com/wp-content/plugins/lmppqte/support.html
Submission Tags: falconsandbox
Submission: On November 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 198.57.149.47, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is mehtagaqar.com.
TLS certificate: Issued by R3 on October 30th 2022. Valid for: 3 months.
This is the only time mehtagaqar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 198.57.149.47 46606 (UNIFIEDLA...)
2 195.16.241.229 39912 (I3B-AS)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 3
Apex Domain
Subdomains		 Transfer
2 stiftardagger.at
kimsta.stiftardagger.at
4 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
30 KB
1 mehtagaqar.com
mehtagaqar.com
463 B
4 3
Domain Requested by
2 kimsta.stiftardagger.at mehtagaqar.com
code.jquery.com
1 code.jquery.com kimsta.stiftardagger.at
1 mehtagaqar.com
4 3

This site contains no links.

Subject Issuer Validity Valid
webdisk.mehtagaqar.com
R3		 2022-10-30 -
2023-01-28		 3 months crt.sh
kimsta.stiftardagger.at
R3		 2022-10-30 -
2023-01-28		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mehtagaqar.com/wp-content/plugins/lmppqte/support.html
Frame ID: C93CC39504E9863AB83CCE21B86AAFD3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

34 kB
Transfer

89 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request support.html
mehtagaqar.com/wp-content/plugins/lmppqte/ 		353 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mehtagaqar.com/wp-content/plugins/lmppqte/support.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.57.149.47 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
mail.glowinghut.com
Software
Apache /
Resource Hash
7f9b367a82e2e04bcab8cbd5e89a71b61b4c199cc47c3a5c0bec6a315c3e5c85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=7200
content-encoding
gzip
content-length
254
content-type
text/html
date
Tue, 22 Nov 2022 18:33:36 GMT
expires
Tue, 22 Nov 2022 20:33:36 GMT
last-modified
Thu, 03 Nov 2022 00:40:07 GMT
server
Apache
vary
Accept-Encoding
x-endurance-cache-level
2
x-nginx-cache
WordPress
x-server-cache
false
scf.js
kimsta.stiftardagger.at/secure/host7/admin/js/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kimsta.stiftardagger.at/secure/host7/admin/js/scf.js
Requested by
Host: mehtagaqar.com
URL: https://mehtagaqar.com/wp-content/plugins/lmppqte/support.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.16.241.229 Klagenfurt, Austria, ASN39912 (I3B-AS, AT),
Reverse DNS
pd1.buero-shop.at
Software
Apache/2.2.34 /
Resource Hash
ade668306c736efe40fd02d53164f196124e2bbced0048dec1695cecf8595a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mehtagaqar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 18:33:36 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 23 Oct 2022 23:22:55 GMT
Server
Apache/2.2.34
ETag
"39e29a-df8-5ebbbf46efe1d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3576
X-XSS-Protection
1; mode=block
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: kimsta.stiftardagger.at
URL: https://kimsta.stiftardagger.at/secure/host7/admin/js/scf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mehtagaqar.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 18:33:37 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
x-hw
1669142017.dop054.fr8.t,1669142017.cds003.fr8.hn,1669142017.cds164.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30070
74a11db.php
kimsta.stiftardagger.at/secure/host7/ 		2 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kimsta.stiftardagger.at/secure/host7/74a11db.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.16.241.229 Klagenfurt, Austria, ASN39912 (I3B-AS, AT),
Reverse DNS
pd1.buero-shop.at
Software
Apache/2.2.34 /
Resource Hash
9390298f3fb0c5b160498935d79cb139aef28e1c47358b4bbba61862b9c26e59

Request headers

Accept
*/*
Referer
https://mehtagaqar.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 22 Nov 2022 18:33:38 GMT
Server
Apache/2.2.34
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x22c0a8 function| _0x4876b9 function| _0x527943 function| _0x44ac06 function| _0x34a683 object| scr string| stc function| _0x5804 function| _0x1057 function| $ function| jQuery

0 Cookies