alpha.xelenz.education Open in urlscan Pro
3.7.184.189 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://alpha.xelenz.education/wp-admin/educators/main
Effective URL:
https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=165...
Submission: On July 06 via manual (July 6th 2022, 3:34:26 pm UTC) from US — Scanned from US

Summary HTTP 26 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 26 HTTP transactions. The main IP is 3.7.184.189, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is alpha.xelenz.education.
TLS certificate: Issued by R3 on May 20th 2022. Valid for: 3 months.

This is the only time alpha.xelenz.education was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Educators Credit Union (Financial)

Domain & IP information

	IP Address	AS Autonomous System
2 20	3.7.184.189 3.7.184.189	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:202... 2600:9000:202c:2800:4:819e:800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.127.190 104.17.127.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
26	5

20 3.7.184.189 (Mumbai, India) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com

alpha.xelenz.education	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:202c:2800:4:819e:800:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.orb.alkamitech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.127.190 (None, )

ASN13335 (CLOUDFLARENET, US)

onlinebanking.ecu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200a (New York, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	xelenz.education 2 redirects alpha.xelenz.education	137 KB
3	ecu.com onlinebanking.ecu.com — Cisco Umbrella Rank: 401193	18 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 429	48 KB
2	alkamitech.com assets.orb.alkamitech.com — Cisco Umbrella Rank: 27875	51 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307	31 KB
26	5

	Domain	Requested by
20	alpha.xelenz.education	2 redirects alpha.xelenz.education
3	onlinebanking.ecu.com	alpha.xelenz.education
2	cdn.jsdelivr.net	alpha.xelenz.education
2	assets.orb.alkamitech.com	alpha.xelenz.education assets.orb.alkamitech.com
1	ajax.googleapis.com	alpha.xelenz.education
26	5

This site contains links to these domains. Also see Links.

Domain
www.ecu.com
www04.timetrade.com
www.apple.com
play.google.com
www.facebook.com
twitter.com
www.youtube.com
www.pinterest.com

Subject Issuer	Validity	Valid
alpha.xelenz.education R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.orb.alkamitech.com Entrust Certification Authority - L1K	`2022-01-03` - `2023-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
onlinebanking.ecu.com Entrust Certification Authority - L1M	`2022-06-07` - `2023-06-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Frame ID: 9F91C1F38A8D5C18C982B3E11695CD3D
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://alpha.xelenz.education/wp-admin/educators/main HTTP 301
https://alpha.xelenz.education/wp-admin/educators/main/ HTTP 302
https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=e... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

284 kB
Transfer

1390 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ecu.com/combined-rates
Title: Rates

Search URL Search Domain Scan URL

URL: https://www04.timetrade.com/app/educu/workflows/educu-PAL/schedule

Search URL Search Domain Scan URL

URL: https://www.ecu.com/inside/locations/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.ecu.com/branch-locations
Title: Find a Branch or ATM

Search URL Search Domain Scan URL

URL: https://www.apple.com/ios/app-store

Search URL Search Domain Scan URL

URL: https://play.google.com/store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/myEducatorsCU

Search URL Search Domain Scan URL

URL: https://twitter.com/myEducatorsCU

Search URL Search Domain Scan URL

URL: https://www.youtube.com/EducatorsCU

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/myeducatorscu/

Search URL Search Domain Scan URL

URL: https://www.ecu.com/wp-content/uploads/2015/10/Privacy-Notice.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://alpha.xelenz.education/wp-admin/educators/main HTTP 301
https://alpha.xelenz.education/wp-admin/educators/main/ HTTP 302
https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
alpha.xelenz.education/wp-admin/educators/main/
Redirect Chain

https://alpha.xelenz.education/wp-admin/educators/main
https://alpha.xelenz.education/wp-admin/educators/main/
https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

51 KB
7 KB

333ms
332ms

Document
text/html

3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e5895f5341963193228e9f0c1477a3ba414148d4b8785a6078801b2bc02959ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7114
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 15:34:20 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Jul 2022 15:34:20 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.29 (Ubuntu)
location: login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

GET
H2 200 font-icons.css
assets.orb.alkamitech.com/production/icons/Educators/font/ 116 KB
9 KB 128ms
42ms Stylesheet
text/css 2600:9000:202c:2800:4:819e:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.orb.alkamitech.com/production/icons/Educators/font/font-icons.css
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:2800:4:819e:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd9e388c4bf3fa35c69954adfcfad65a60fd47f96ff6bf48048fb4c285c0541a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: PnBXT.VPInOub2_q3AndwJyTlAv6e.5t
content-encoding: gzip
etag: "8d872a9322e850905dc93ac21fcd0eba"
x-amz-cf-pop: EWR52-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 8475
last-modified: Mon, 27 Jun 2022 20:39:11 GMT
server: AmazonS3
date: Wed, 06 Jul 2022 15:34:21 GMT
content-type: text/css; charset=utf-8
via: 1.1 c9b8615e0529e4075f3b458a6fe96d44.cloudfront.net (CloudFront)
cache-control: max-age=630720000, no-cache, no-transform, public
accept-ranges: bytes
x-amz-cf-id: vMe0HfLHA7bHGgP6Xa4ZbrgfqPIGeO5ZYnVDxi_MhW7uc-qzmP_eOw==
expires: Sun, 22 Jun 2042 20:38:16 GMT

GET
H/1.1 200
OK yui-reset.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 793 B
772 B 223ms
220ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/yui-reset.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "319-5e31728e74958-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 437

GET
H/1.1 200
OK jquery-ui.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 31 KB
8 KB 446ms
220ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/jquery-ui.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e1a457fcc3c6c0d23336df97c1e5594395410bbb67e79719498c53e3551c838f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7a6f-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7599

GET
H/1.1 200
OK jquery.daterangepicker.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 3 KB
1 KB 632ms
220ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/jquery.daterangepicker.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "a4d-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 816

GET
H/1.1 200
OK ext-all.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 123 KB
18 KB 653ms
239ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/ext-all.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8e9901c7a56cf78e86b90384c8a18329a0bc96c06f0ba87b239a0f4413b199eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1ebbe-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17814

GET
H/1.1 200
OK base.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 197 KB
32 KB 665ms
251ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/base.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ad401a67d0afec08fb36bdd814985e6a4f90949191a150e9e640ed5df95d5e97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "31476-5e31728e72a18-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32717

GET
H/1.1 200
OK grid.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 6 KB
2 KB 666ms
241ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/grid.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f9cdc3eed2e549dc825b5354ebcad5f4e6ee57547604c0b54346390051be741c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1844-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1551

GET
H/1.1 200
OK sidebar.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 3 KB
1 KB 663ms
237ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/sidebar.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4ce72ae45e1aafaa5cd4cc684c0000459c6d154c31450aad92bbd51a34107c93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "ac2-5e31728e74958-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 871

GET
H/1.1 200
OK iris.shim.desktop.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 673 B
706 B 668ms
222ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/iris.shim.desktop.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2a1-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 371

GET
H/1.1 200
OK iris.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 95 KB
14 KB 853ms
221ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/iris.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "17c9e-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 13668

GET
H/1.1 200
OK iris-foundation.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 50 KB
7 KB 899ms
234ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/iris-foundation.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "c86e-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6980

GET
H/1.1 200
OK iris-components.shim.desktop.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 1 KB
926 B 897ms
231ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/iris-components.shim.desktop.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: be0b525336c526e14ac9fd25f5055f4f356c1ed0d2c19f41372e5832e00aa636

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "56b-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 591

GET
H/1.1 200
OK iris-components.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 187 KB
19 KB 892ms
223ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/iris-components.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 85392c1de142face2c43f99a314465b26754b0c3b84a66c744802e4268fee931

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2ed06-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 18718

GET
H/1.1 200
OK isotope.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 14 KB
3 KB 1078ms
220ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/isotope.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c45f05122a7423fd896b64d851a5a77e4abbc1da87792588e5f81c5976717ca0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "390c-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2625

GET
H/1.1 200
OK theme.desktop.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 43 KB
7 KB 1090ms
220ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/theme.desktop.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1c6409b9d51aa164948a53e968a2f9bb5c81186ff45f05e2de04f685b6347883

Request headers

Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Origin: https://alpha.xelenz.education
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "aa40-5e31728e74958-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7313

GET
H/1.1 200
OK fi.desktop.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 59 KB
11 KB 1122ms
229ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/fi.desktop.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5ca919797ea60615bb21b01a198194c5ff03076a7272b2003fc6c07668d12953

Request headers

Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Origin: https://alpha.xelenz.education
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "ed46-5e31728e739b8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 11239

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/ 158 KB
25 KB 59ms
27ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/css/bootstrap.min.css

Requested by

Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alpha.xelenz.education/
Origin: https://alpha.xelenz.education
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2975599
x-jsd-version: 4.6.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19122-FRA, cache-cdg20780-CDG
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"278e1-H7g/xZXPKL+TYth2EOrfo7e7vlk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXWQFjKwoy7ZEbQC313xSBavJRuUy3qk5arP8CHBs9yviUw4LXISk78nrInAuztokdLQMYC%2FDgl7DVUTZXukj9M5PFNwQwDxyA66cMTLzYvP3bD8G5boBQL8kTy7hYtmydhl48vFJpLsm%2FiEBK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7269676b7b6ed153-BUF
access-control-expose-headers: *

GET
H2 200 Logo
onlinebanking.ecu.com/Image/ 9 KB
9 KB 331ms
133ms Image
image/png 104.17.127.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.ecu.com/Image/Logo?CacheIdentifier=

Requested by

Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.127.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6ffe73271ddb32a8d74bffb2450d0272b40ab5aef57b1120c7a88d0124f456b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:34:21 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-svr: WEB164378
cf-ray: 7269676caf588c89-EWR
content-length: 9023
cf-request-id: 1275bef7fd00008c894c39c000000001
last-modified: Wed, 06 Jul 2022 15:34:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cache-control: private, max-age=604800, s-maxage=0
x-robots-tag: none
expires: Wed, 13 Jul 2022 15:34:20 GMT

GET
H2 200 app-store-badge.svg
onlinebanking.ecu.com/Isotope/Images/ 11 KB
4 KB 260ms
63ms Image
image/svg+xml 104.17.127.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.ecu.com/Isotope/Images/app-store-badge.svg

Requested by

Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.127.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:34:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Jun 2022 07:47:44 GMT
server: cloudflare
etag: W/"c68b4ab57979d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
x-svr: WEB1639201
cf-ray: 7269676caf5f8c89-EWR
cf-request-id: 1275bef7f700008c895db46000000001

GET
H2 200 google-play-badge.svg
onlinebanking.ecu.com/Isotope/Images/ 9 KB
4 KB 299ms
103ms Image
image/svg+xml 104.17.127.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.ecu.com/Isotope/Images/google-play-badge.svg

Requested by

Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.127.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:34:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 06 Jun 2022 07:47:44 GMT
server: cloudflare
etag: W/"424d50b57979d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
x-svr: WEB1654244
cf-ray: 7269676caf618c89-EWR
cf-request-id: 1275bef7fe00008c89fc34e000000001

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 86ms
20ms Script
text/javascript 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 02:05:07 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/ 81 KB
23 KB 27ms
22ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://alpha.xelenz.education/
Origin: https://alpha.xelenz.education
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 136795
x-jsd-version: 4.6.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19167-FRA, cache-itm18843-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"14535-A2PLWLentg73+/gri862MFIyUBo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2%2FAkXWSaVVmobm7%2FGTZXgNYeRVuGN9yk96nN2EY9QFJxfdQCCYV1wYRew%2Bdz7JZVI6dCN2%2FNj1ljziqENJrsqKmHTlRSzSha1eO0szykQU0bQpEgYcxGFBDR4OSvhcz0tBoQYKluqq3u1hpzak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 7269676b7b70d153-BUF

GET
H/1.1 200
OK script.js Show response
alpha.xelenz.education/wp-admin/educators/main/assets/ 5 KB
2 KB 226ms
226ms Script
application/javascript 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/script.js
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: be2abe72cbcb0d7577cca9200829db1861c30b0697efec6e0bf96e640a59de75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1594-5e31728e74958-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1413

GET
H/1.1 200
OK print.min.css
alpha.xelenz.education/wp-admin/educators/main/assets/ 8 KB
2 KB 230ms
229ms Stylesheet
text/css 3.7.184.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://alpha.xelenz.education/wp-admin/educators/main/assets/print.min.css?1657121960
Requested by: Host: alpha.xelenz.education
URL: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.7.184.189 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-7-184-189.ap-south-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://alpha.xelenz.education/wp-admin/educators/main/login.php?NESIN=990792811e949ec9144f8e1c27bff275&p=educators&session=1657121960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 15:34:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jul 2022 23:24:53 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1e03-5e31728e74958-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1856

GET
H2 200 Alkami.woff2
assets.orb.alkamitech.com/production/icons/Educators/font/ 41 KB
42 KB 98ms
53ms Font
font/woff2 2600:9000:202c:2800:4:819e:800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.orb.alkamitech.com/production/icons/Educators/font/Alkami.woff2
Requested by: Host: assets.orb.alkamitech.com
URL: https://assets.orb.alkamitech.com/production/icons/Educators/font/font-icons.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:2800:4:819e:800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8037eaa657798878ac5ff42f851a9615bb5419a34ea05d798f38e797456cc6b

Request headers

Referer: https://assets.orb.alkamitech.com/production/icons/Educators/font/font-icons.css
Origin: https://alpha.xelenz.education
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 15:34:22 GMT
content-encoding: gzip
x-amz-cf-pop: EWR52-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 42117
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 17:03:34 GMT
server: AmazonS3
etag: "4e2a306ecfc0b0b8c4ccdc548c6a6b7a"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
x-amz-version-id: z5Bc6npclgpTmojltKYM.dO6sw9DuxG6
via: 1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
cache-control: max-age=630720000, no-cache, no-transform, public
accept-ranges: bytes
content-type: font/woff2
x-amz-cf-id: m0E8gSq9Xft910Y03lWChbRO5aC15teYNR4m3HbOUvUj6BpFS2B9pA==
expires: Tue, 24 Jun 2042 17:02:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Educators Credit Union (Financial)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			alpha.xelenz.education/	1969-12-31 23:59:59	Name: PHPSESSID Value: mm2nnm9avrrvuecp01f3ek3tk6
			.ecu.com/	1970-01-20 04:18:43	Name: __cf_bm Value: tsJNXCbOVamQdKmRRHlhGuXDgzuBVh.h3voyMR9kO24-1657121661-0-AV6HNhTRzqtfAzJjGYWJqi4allb20bVEs4UGxF3AjNsAtqr7RYo+4a8KqRX5ZSPqupPMdufE3l6chRDQWziRA9o=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
alpha.xelenz.education
assets.orb.alkamitech.com
cdn.jsdelivr.net
onlinebanking.ecu.com
104.17.127.190
2600:9000:202c:2800:4:819e:800:93a1
2606:4700::6810:5514
2607:f8b0:4006:80d::200a
3.7.184.189
037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
1c6409b9d51aa164948a53e968a2f9bb5c81186ff45f05e2de04f685b6347883
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
4ce72ae45e1aafaa5cd4cc684c0000459c6d154c31450aad92bbd51a34107c93
590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434
59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4
5ca919797ea60615bb21b01a198194c5ff03076a7272b2003fc6c07668d12953
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
85392c1de142face2c43f99a314465b26754b0c3b84a66c744802e4268fee931
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
8e9901c7a56cf78e86b90384c8a18329a0bc96c06f0ba87b239a0f4413b199eb
a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe
a6ffe73271ddb32a8d74bffb2450d0272b40ab5aef57b1120c7a88d0124f456b
ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b
ad401a67d0afec08fb36bdd814985e6a4f90949191a150e9e640ed5df95d5e97
bd9e388c4bf3fa35c69954adfcfad65a60fd47f96ff6bf48048fb4c285c0541a
be0b525336c526e14ac9fd25f5055f4f356c1ed0d2c19f41372e5832e00aa636
be2abe72cbcb0d7577cca9200829db1861c30b0697efec6e0bf96e640a59de75
c45f05122a7423fd896b64d851a5a77e4abbc1da87792588e5f81c5976717ca0
d8037eaa657798878ac5ff42f851a9615bb5419a34ea05d798f38e797456cc6b
e1a457fcc3c6c0d23336df97c1e5594395410bbb67e79719498c53e3551c838f
e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0
e5895f5341963193228e9f0c1477a3ba414148d4b8785a6078801b2bc02959ca
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9cdc3eed2e549dc825b5354ebcad5f4e6ee57547604c0b54346390051be741c

alpha.xelenz.education Open in urlscan Pro 3.7.184.189 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

284 kBTransfer

1390 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

alpha.xelenz.education Open in urlscan Pro
3.7.184.189 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

284 kB
Transfer

1390 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!