khoedepngaymoi.com Open in urlscan Pro
94.237.77.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rb.gy/fzqmmc
Effective URL:
https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/
Submission: On November 15 via manual (November 15th 2021, 4:41:54 pm UTC) from CA — Scanned from CA

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 94.237.77.204, located in Singapore and belongs to UPCLOUD, FI. The main domain is khoedepngaymoi.com.
TLS certificate: Issued by R3 on October 11th 2021. Valid for: 3 months.

This is the only time khoedepngaymoi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.223.86.4 76.223.86.4	16509 (AMAZON-02) (AMAZON-02)
1	196.43.185.101 196.43.185.101	327687 (RENU) (RENU)
1 2	94.237.77.204 94.237.77.204	202053 (UPCLOUD) (UPCLOUD)
3	3

1 76.223.86.4 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: abaa834e320054d4d.awsglobalaccelerator.com

rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 196.43.185.101 (Uganda)

ASN327687 (RENU, UG)
PTR: cp1.renu.ac.ug

lirauni.ac.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.237.77.204 (Singapore) 1 redirects

ASN202053 (UPCLOUD, FI)
PTR: sin06.stablehost.com

khoedepngaymoi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	khoedepngaymoi.com 1 redirects khoedepngaymoi.com	94 KB
1	lirauni.ac.ug lirauni.ac.ug	340 B
1	rb.gy 1 redirects rb.gy	239 B
3	3

	Domain	Requested by
2	khoedepngaymoi.com	1 redirects
1	lirauni.ac.ug
1	rb.gy	1 redirects
3	3

This site contains no links.

Subject Issuer	Validity	Valid
lirauni.ac.ug cPanel, Inc. Certification Authority	`2021-10-09` - `2022-01-07`	3 months	crt.sh
khoedepngaymoi.com R3	`2021-10-11` - `2022-01-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/
Frame ID: 72200B747450D242956062C8052ED8E1
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3F665608FE1FBB45A691E4FD4337FC0E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connexion mon compte Helix

Page URL History Show full URLs

https://rb.gy/fzqmmc HTTP 301
https://lirauni.ac.ug/wp-admin/maint/-/newvideo/ Page URL
https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo HTTP 301
https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/ Page URL

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

218 kB
Transfer

275 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rb.gy/fzqmmc HTTP 301
https://lirauni.ac.ug/wp-admin/maint/-/newvideo/ Page URL
https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo HTTP 301
https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://rb.gy/fzqmmc HTTP 301
https://lirauni.ac.ug/wp-admin/maint/-/newvideo/

3 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
lirauni.ac.ug/wp-admin/maint/-/newvideo/
Redirect Chain

https://rb.gy/fzqmmc
https://lirauni.ac.ug/wp-admin/maint/-/newvideo/

113 B
340 B

2107ms
267ms

Document
text/html

196.43.185.101
RENU

General

Check archive.org

Show headers Download Go to

Full URL

https://lirauni.ac.ug/wp-admin/maint/-/newvideo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

196.43.185.101 , Uganda, ASN327687 (RENU, UG),

Reverse DNS

cp1.renu.ac.ug

Software

AUTOM8N-nginx /

Resource Hash

9243f898e6d386023df38198a5bd1db6d3bd7fa3481ec90553f2c46237801846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Mon, 15 Nov 2021 16:41:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: AUTOM8N-nginx
cluster-host: cp1.renu.ac.ug
content-encoding: gzip

Redirect headers

Date: Mon, 15 Nov 2021 16:41:46 GMT
Content-Length: 0
Cache-Control: no-cache, no-store
Expires: -1
Location: https://lirauni.ac.ug/wp-admin/maint/-/newvideo/
Engine: Rebrandly.redirect, version 2.1

GET
H2

200

Primary Request / Show response
khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/
Redirect Chain

https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo
https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/

146 KB
94 KB

540ms
539ms

Document
text/html

94.237.77.204
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.237.77.204 , Singapore, ASN202053 (UPCLOUD, FI),
Reverse DNS: sin06.stablehost.com
Software: nginx /
Resource Hash: ffdffbea23ec0306d8f0f6e9589fbe9ef905ac90dec711b03c9e138c7fe78e13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://lirauni.ac.ug/wp-admin/maint/-/newvideo/

Response headers

server: nginx
date: Mon, 15 Nov 2021 16:41:43 GMT
content-type: text/html
last-modified: Thu, 11 Nov 2021 05:39:20 GMT
etag: "1fe0326c-248e8-5d07cc39e3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600, must-revalidate

Redirect headers

server: nginx
date: Mon, 15 Nov 2021 16:41:42 GMT
content-type: text/html; charset=iso-8859-1
content-length: 275
location: https://khoedepngaymoi.com/wp-content/plugins/jetpack/bin/newvideo/

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17d59fb60c1b2d25a338bee6997f327aa604d0ccaef61bba57de2262eef84320

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 949 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68770bac35f3a6a2c77107f571994631d3789133e2222b76cb62622ea7ba8908

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2af4f859b4f70ed6c2e24ebff19f4de0c08e4d8a112c344f3098826f20866bae

Request headers

Referer
Origin: https://khoedepngaymoi.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8458d6d9cb2524dfa79f5cc6761b5cf3a119ac97377ae1e2d4ca5593b2ed347

Request headers

Referer
Origin: https://khoedepngaymoi.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80a8d2ee07b47a839ff6c07705b01e1ceaf738f8f8a1c6ec77d6af05931678c0

Request headers

Referer
Origin: https://khoedepngaymoi.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44d2e28ba456c9e27985d13cbd4efcf70e58d58de8c8e981870550e9de3cffc9

Request headers

Referer
Origin: https://khoedepngaymoi.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame 3F66 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Request headers

Accept-Language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F66 15 KB
15 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Request headers

Referer
Origin: null
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame 3F66 15 KB
15 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Request headers

Referer
Origin: null
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/woff2

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

khoedepngaymoi.com
lirauni.ac.ug
rb.gy
196.43.185.101
76.223.86.4
94.237.77.204
0ff806d22730554734c3b464888c8ddcde04cfe74b37e025a35488540c6ccbaa
17d59fb60c1b2d25a338bee6997f327aa604d0ccaef61bba57de2262eef84320
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2af4f859b4f70ed6c2e24ebff19f4de0c08e4d8a112c344f3098826f20866bae
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44d2e28ba456c9e27985d13cbd4efcf70e58d58de8c8e981870550e9de3cffc9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
68770bac35f3a6a2c77107f571994631d3789133e2222b76cb62622ea7ba8908
80a8d2ee07b47a839ff6c07705b01e1ceaf738f8f8a1c6ec77d6af05931678c0
9243f898e6d386023df38198a5bd1db6d3bd7fa3481ec90553f2c46237801846
a8458d6d9cb2524dfa79f5cc6761b5cf3a119ac97377ae1e2d4ca5593b2ed347
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
ffdffbea23ec0306d8f0f6e9589fbe9ef905ac90dec711b03c9e138c7fe78e13

khoedepngaymoi.com Open in urlscan Pro 94.237.77.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

3 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

218 kBTransfer

275 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

khoedepngaymoi.com Open in urlscan Pro
94.237.77.204 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

218 kB
Transfer

275 kB
Size

0
Cookies

3 HTTP transactions
9 data transactions