URL: https://kgdmcollegeacs.com/wp-content/plugins/pncxccr/index.html?GVtCR*TEXXRytfGyVHBNJKMomIINuhYGvTFCdrfcGvBHnjIKMoKIJUHBYG...
Submission Tags: 6989289
Submission: On February 26 via api from NL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 115.124.106.45, located in India and belongs to HOSTCOIN-AS-IN-AP ESDS Software Solution Pvt. Ltd., IN. The main domain is kgdmcollegeacs.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 27th 2020. Valid for: 3 months.
This is the only time kgdmcollegeacs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 115.124.106.45 45815 (HOSTCOIN-...)
1 2 186.74.208.84 11556 (Cable & W...)
2 2
Apex Domain
Subdomains
Transfer
2 heygamersnort.at
heygamersnort.at
3 KB
1 kgdmcollegeacs.com
kgdmcollegeacs.com
398 B
2 2
Domain Requested by
2 heygamersnort.at 1 redirects
1 kgdmcollegeacs.com
2 2

This site contains no links.

Subject: kgdmcollegeacs.com
Issuer: cPanel, Inc. Certification Authority
Validity: 2020-12-27 - 2021-03-27
Valid: 3 months

This page contains 1 frames:

Frame: http://heygamersnort.at/
Frame ID: E33D7C30EE279817E8CECC8245A8E0AB
Requests: 2 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 2 kB
Size: 0 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://heygamersnort.at/ HTTP 302
  • http://heygamersnort.at/

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
kgdmcollegeacs.com/wp-content/plugins/pncxccr/
63 B
398 B
Document
General
Full URL
https://kgdmcollegeacs.com/wp-content/plugins/pncxccr/index.html?GVtCR*TEXXRytfGyVHBNJKMomIINuhYGvTFCdrfcGvBHnjIKMoKIJUHBYGVtfCD
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
115.124.106.45 , India, ASN45815 (HOSTCOIN-AS-IN-AP ESDS Software Solution Pvt. Ltd., IN),
Reverse DNS
server1.mvp.edu.in
Software
Apache /
Resource Hash
11f14444443dcc79a46f865ed216781d8f1e7a3f0f8cba6cc199ad99f3fac553

Request headers

Host
kgdmcollegeacs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Fri, 26 Feb 2021 17:38:31 GMT
Server
Apache
Vary
Accept-Encoding
Last-Modified
Thu, 25 Feb 2021 13:29:34 GMT
ETag
"3f-5bc2924678b80"
Accept-Ranges
bytes
Content-Length
63
Referrer-Policy
no-referrer-when-downgrade
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Cookie set /
heygamersnort.at/
Redirect Chain
  • http://heygamersnort.at/
  • http://heygamersnort.at/
0
1 KB
Document
General
Full URL
http://heygamersnort.at/
Protocol
HTTP/1.1
Server
186.74.208.84 Panama City, Panama, ASN11556 (Cable & Wireless Panama, PA),
Reverse DNS
Software
nginx/1.14.2 / PHP/7.4.14
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
heygamersnort.at
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
XSRF-TOKEN=…; hotdollar20_session=…; visit=…
Referer
https://kgdmcollegeacs.com/wp-content/plugins/pncxccr/index.html?GVtCR*TEXXRytfGyVHBNJKMomIINuhYGvTFCdrfcGvBHnjIKMoKIJUHBYGVtfCD

Response headers

Server
nginx/1.14.2
Date
Fri, 26 Feb 2021 18:52:55 GMT
Content-Type
text/html; charset=UTF-8
Connection
close
X-Powered-By
PHP/7.4.14
Cache-Control
private, must-revalidate
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=…; expires=Sat, 27-Feb-2021 18:52:55 GMT; Max-Age=86400; path=/; samesite=lax
hotdollar20_session=…; expires=Sat, 27-Feb-2021 18:52:55 GMT; Max-Age=86400; path=/; httponly; samesite=lax
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff

Redirect headers

Server
nginx/1.14.2
Date
Fri, 26 Feb 2021 18:52:54 GMT
Content-Type
text/html; charset=UTF-8
Connection
close
X-Powered-By
PHP/7.4.14
Cache-Control
private, must-revalidate
Location
http://heygamersnort.at
pragma
no-cache
expires
-1
Set-Cookie
XSRF-TOKEN=…; expires=Sat, 27-Feb-2021 18:52:54 GMT; Max-Age=86400; path=/; samesite=lax
hotdollar20_session=…; expires=Sat, 27-Feb-2021 18:52:54 GMT; Max-Age=86400; path=/; httponly; samesite=lax
visit=…; path=/; httponly; samesite=lax
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated

3 Cookies

Domain/Path Name
heygamersnort.at/ Name: hotdollar20_session
heygamersnort.at/ Name: XSRF-TOKEN
heygamersnort.at/ Name: visit

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
