elearning.sheqbusinesscollege.org Open in urlscan Pro
162.213.255.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elearning.sheqbusinesscollege.org/0.47633610006165705
Submission: On July 25 via api (July 25th 2024, 2:31:36 pm UTC) from US — Scanned from US

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 162.213.255.60, located in United States and belongs to NAMECHEAP-NET, US. The main domain is elearning.sheqbusinesscollege.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 28th 2022. Valid for: a year.

This is the only time elearning.sheqbusinesscollege.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.213.255.60 162.213.255.60	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::88	15169 (GOOGLE) (GOOGLE)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
1	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2600:1408:c40... 2600:1408:c400:1f::17d4:fbc9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	6

1 162.213.255.60 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server149-4.web-hosting.com

elearning.sheqbusinesscollege.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::88 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn16.top4top.io

k.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

l.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:1f::17d4:fbc9 (Ashburn, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	pinimg.com 1 redirects i.pinimg.com — Cisco Umbrella Rank: 2625	25 KB
2	top4top.io k.top4top.io — Cisco Umbrella Rank: 347763 l.top4top.io — Cisco Umbrella Rank: 707005	20 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
1	sheqbusinesscollege.org elearning.sheqbusinesscollege.org	254 KB
0	htmlfreecodes.com Failed htmlfreecodes.com Failed
0	Failed function sub() { [native code] }. Failed
7	6

	Domain	Requested by
2	i.pinimg.com	1 redirects
1	l.top4top.io	elearning.sheqbusinesscollege.org
1	k.top4top.io	elearning.sheqbusinesscollege.org
1	www.youtube.com	elearning.sheqbusinesscollege.org
1	elearning.sheqbusinesscollege.org
0	htmlfreecodes.com Failed	elearning.sheqbusinesscollege.org
0	Failed	elearning.sheqbusinesscollege.org
7	7

This site contains no links.

Subject Issuer	Validity	Valid
elearning.sheqbusinesscollege.org Sectigo RSA Domain Validation Secure Server CA	`2022-05-28` - `2023-05-29`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.top4top.co R3	`2024-06-01` - `2024-08-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://elearning.sheqbusinesscollege.org/0.47633610006165705
Frame ID: 8A4509D803E72BA001EBFB43B4F39AD0
Requests: 7 HTTP requests in this frame

Frame: https://www.youtube.com/watch?v=FKvKnuvXUSU&ab_channel=BLTNM%D8%A8%D9%84%D8%A7%D8%AA%D9%86%D9%85
Frame ID: 95DD2209FD2CBB431EF608814C89B87E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacked By YASCO

Page Statistics

7
Requests

43 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

299 kB
Transfer

730 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://i.pinimg.com/750x/cf/ed/84/cfed843d5fc722af7e3850cba9d16f69.jpg HTTP 301
https://i.pinimg.com/736x/cf/ed/84/cfed843d5fc722af7e3850cba9d16f69.jpg

7 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 0.47633610006165705 Show response
elearning.sheqbusinesscollege.org/ 361 KB
254 KB 1458ms
297ms Document
text/html 162.213.255.60
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.60 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server149-4.web-hosting.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 9fd2f8bb2e066cc915e6c8df0840613c40072d6074c8a972b54b08d2815aa94e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 14:31:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET LOGO.png
/C:/Users/zainp/Desktop/ 0
0

GET
DATA 200
OK truncated
/ 261 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444c7abd364b0bac9f0e7e77239af2cc47df2d1843c092c8439f5d89571ed21a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET rain.js
htmlfreecodes.com/codes/ 0
0

GET
H2 200 watch
www.youtube.com/ Frame 95DD 0
0 406ms
52ms Document
text/html 2607:f8b0:400d:c0d::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/watch?v=FKvKnuvXUSU&ab_channel=BLTNM%D8%A8%D9%84%D8%A7%D8%AA%D9%86%D9%85

Requested by

Host: elearning.sheqbusinesscollege.org
URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::88 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://elearning.sheqbusinesscollege.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="youtube_main"
date: Thu, 25 Jul 2024 14:31:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 p_1521297ka1.png
k.top4top.io/ 19 KB
20 KB 1224ms
202ms Image
image/png 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.top4top.io/p_1521297ka1.png
Requested by: Host: elearning.sheqbusinesscollege.org
URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn16.top4top.io
Software: nginx /
Resource Hash: de8a7fba9723a4995e2a07bde595860b671ba4a0faf361a23509ab97cb4797af

Request headers

Referer: https://elearning.sheqbusinesscollege.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-file-id: x31574458x
date: Thu, 25 Jul 2024 14:31:31 GMT
last-modified: Sun, 01 Mar 2020 16:00:32 GMT
server: nginx
etag: "5e5bdc20-4d86"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="darkbind.png"
accept-ranges: bytes
content-length: 19846
expires: Thu, 25 Jul 2024 16:31:31 GMT

GET
H2 206 m_2537ks98q1.mp3
l.top4top.io/ 64 KB
0 1254ms
211ms Media
audio/mpeg 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l.top4top.io/m_2537ks98q1.mp3
Requested by: Host: elearning.sheqbusinesscollege.org
URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash

Request headers

Referer: https://elearning.sheqbusinesscollege.org/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x51298979x
date: Thu, 25 Jul 2024 14:31:31 GMT
last-modified: Mon, 12 Dec 2022 23:34:19 GMT
server: nginx
etag: "6397ba7b-279dc3"
content-type: audio/mpeg
Content-Range: bytes 0-2596290/2596291
cache-control: max-age=7200
content-disposition: inline; filename="Bankai%20Minazuki%20%2B%20Swerved%20it%20(slowed%2Breverb).mp3"
Content-Length: 2596291
expires: Thu, 25 Jul 2024 16:31:31 GMT

GET
H2

200

cfed843d5fc722af7e3850cba9d16f69.jpg
i.pinimg.com/736x/cf/ed/84/
Redirect Chain

https://i.pinimg.com/750x/cf/ed/84/cfed843d5fc722af7e3850cba9d16f69.jpg
https://i.pinimg.com/736x/cf/ed/84/cfed843d5fc722af7e3850cba9d16f69.jpg

24 KB
25 KB

398ms
390ms

Other
image/jpeg

2600:1408:c400:1f::17d4:fbc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://i.pinimg.com/736x/cf/ed/84/cfed843d5fc722af7e3850cba9d16f69.jpg
Protocol: H2
Server: 2600:1408:c400:1f::17d4:fbc9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: cfd56373a1fab259e0ef1946d3a2a889f7ee5c54742b54422967b4f81d9386a9

Request headers

Referer: https://elearning.sheqbusinesscollege.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.c96bdc17.1721917891.419cf1f2
etag: "6a62a21ee0be6c17fb14f84f9b91f9ea"
x-amz-server-side-encryption: AES256
vary: Origin
content-type: image/jpeg
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-pinterest-cache-status-v2: Hit
content-length: 25070

Redirect headers

location: https://i.pinimg.com/736x/cf/ed/84/cfed843d5fc722af7e3850cba9d16f69.jpg
x-cdn: akamai
akamai-grn: 0.c96bdc17.1721917891.419cf184
alt-svc: h3=":443"; ma=600
content-length: 0
x-pinterest-cache-status-v2: Miss
vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: file:///C:/Users/zainp/Desktop/LOGO.png

Domain: htmlfreecodes.com
URL: http://htmlfreecodes.com/codes/rain.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| x function| playAudio function| pauseAudio

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5Vv7B6EDKuo
.youtube.com/	1970-01-21 02:37:49	Name: VISITOR_INFO1_LIVE Value: _ePXj7g_YdE
.youtube.com/	1970-01-21 02:37:49	Name: VISITOR_PRIVACY_METADATA Value: CgJVUxIEGgAgUw%3D%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705(Line 15) Message: Not allowed to load local resource: file:///C:/Users/zainp/Desktop/LOGO.png
security	error	URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705 Message: Mixed Content: The page at 'https://elearning.sheqbusinesscollege.org/0.47633610006165705' was loaded over HTTPS, but requested an insecure script 'http://htmlfreecodes.com/codes/rain.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://elearning.sheqbusinesscollege.org/0.47633610006165705 Message: Mixed Content: The page at 'https://elearning.sheqbusinesscollege.org/0.47633610006165705' was loaded over HTTPS, but requested an insecure element 'http://k.top4top.io/p_1521297ka1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


elearning.sheqbusinesscollege.org
htmlfreecodes.com
i.pinimg.com
k.top4top.io
l.top4top.io
www.youtube.com

htmlfreecodes.com
135.181.63.70
162.213.255.60
2600:1408:c400:1f::17d4:fbc9
2607:f8b0:400d:c0d::88
65.21.235.194
444c7abd364b0bac9f0e7e77239af2cc47df2d1843c092c8439f5d89571ed21a
9fd2f8bb2e066cc915e6c8df0840613c40072d6074c8a972b54b08d2815aa94e
cfd56373a1fab259e0ef1946d3a2a889f7ee5c54742b54422967b4f81d9386a9
de8a7fba9723a4995e2a07bde595860b671ba4a0faf361a23509ab97cb4797af

elearning.sheqbusinesscollege.org Open in urlscan Pro 162.213.255.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

43 %HTTPS

40 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

299 kBTransfer

730 kBSize

3 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

3 Console Messages

Indicators

elearning.sheqbusinesscollege.org Open in urlscan Pro
162.213.255.60 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

43 %
HTTPS

40 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

299 kB
Transfer

730 kB
Size

3
Cookies

7 HTTP transactions
1 data transactions