www.kjmenergyinternational.org Open in urlscan Pro
199.193.6.12  Malicious Activity! Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://etudehouse.co.id/rss.php Page URL
2. https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	rss.php Show response etudehouse.co.id/	308 B 460 B	218ms 110ms	Document text/html	192.252.214.180 Total Server Solu...
General Check archive.org Show headers Download Go to Full URL http://etudehouse.co.id/rss.php Protocol HTTP/1.1 Server 192.252.214.180 Atlanta, United States, ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US), Reverse DNS umum.eazysmart.com Software Apache / Resource Hash 294f56efa0521b5df5ac2d3edf05613f1d36f833361f54a64a1094eeab812667 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host etudehouse.co.id Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:22:36 GMT Server Apache Connection close Content-Length 308 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request / Show response www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/	13 KB 13 KB	492ms 162ms	Document text/html	199.193.6.12 Namecheap
General Check archive.org Show headers Download Go to Full URL https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.193.6.12 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US), Reverse DNS server1.revolutionhoster.com Software Apache / Resource Hash 26acdc20106f66d5fbf8efdc3c23294c1545ed3b7825e2e8916fdcb3bb8bde94 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.kjmenergyinternational.org Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer http://etudehouse.co.id/rss.php Connection keep-alive Cache-Control no-cache Upgrade-Insecure-Requests 1 Referer http://etudehouse.co.id/rss.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:43 GMT Last-Modified Tue, 13 Mar 2018 15:05:18 GMT Server Apache Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 12933
GET H/1.1	200 OK	pm_fp.js Show response www3.citizensbankonline.com/efs/efs/jsp-ns/	24 KB 7 KB	552ms 108ms	Script application/x-javascript	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/pm_fp.js Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash ae571edfb75648a099b4bb67a1b33cf1be1133eac6d74e92a786f0303fc08298 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "42049f-6022-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585375473 Keep-Alive timeout=15, max=91 Content-Length 6921 X-OLB-REQ-DURATION D=2408
GET H/1.1	200 OK	jquery-ui-1.10.1.custom.min.css www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/css/custom-theme/	22 KB 5 KB	553ms 109ms	Stylesheet text/css	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/css/custom-theme/jquery-ui-1.10.1.custom.min.css Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 021698a397aac6d81d6db23a8bebc9ba0d134cb92a09d529bcaf749e10a916a3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204e9-5876-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type text/css Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585373333 Keep-Alive timeout=15, max=79 Content-Length 4387 X-OLB-REQ-DURATION D=6126
GET H/1.1	200 OK	jquery.min.js Show response www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/	90 KB 33 KB	558ms 114ms	Script application/x-javascript	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/jquery.min.js Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204fc-169d9-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585374330 Keep-Alive timeout=15, max=97 Content-Length 32784 X-OLB-REQ-DURATION D=10182
GET H/1.1	200 OK	jquery.hoverIntent.js Show response www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/	1 KB 1 KB	549ms 106ms	Script application/x-javascript	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery.hoverIntent.js Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 5f5174ecbf3d9d3a7154c20eba9fc818d9a208e4100a0f43a1f948a4331a92cc Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204dc-499-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585374574 Keep-Alive timeout=15, max=95 Content-Length 508 X-OLB-REQ-DURATION D=1357
GET H/1.1	200 OK	jquery-ui-1.10.1.custom.min.js Show response www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/	111 KB 31 KB	678ms 227ms	Script application/x-javascript	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/jquery-ui/js/jquery-ui-1.10.1.custom.min.js Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 5f8037c239f9d2e0896271b362703842ea844b7dfca6068a371f8f39c79da2aa Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204fd-1bdf3-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585385228 Keep-Alive timeout=15, max=97 Content-Length 31375 X-OLB-REQ-DURATION D=8600
GET H/1.1	200 OK	capslock.jquery.js Show response www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/caps_lock/	3 KB 2 KB	655ms 105ms	Script application/x-javascript	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/caps_lock/capslock.jquery.js Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 40cc631b457d31330d5a322e1cd49c50b72f41269791e3654f443c9e8e6c1de8 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "420500-cb2-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585480606 Keep-Alive timeout=15, max=96 Content-Length 1209 X-OLB-REQ-DURATION D=1084
GET H/1.1	200 OK	styles-2013.css www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/	16 KB 4 KB	546ms 105ms	Stylesheet text/css	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 74fc4318944ac7fdfd5b1bacf28c7ed8aff21c02b76df7bbd0c88de77acb0c42 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204a5-40cd-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type text/css Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585373430 Keep-Alive timeout=15, max=72 Content-Length 3590 X-OLB-REQ-DURATION D=1686
GET H/1.1	200 OK	hinticon.png www3.citizensbankonline.com/efs/efs/grafx/	1 KB 2 KB	108ms 108ms	Image image/png	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/hinticon.png Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash f94fc49d5ff852c411e3da487bd4f63aed16a07642fd0b1231887e8ac3d9b05f Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT X-OLB-REQ-RECEIVED t=1520958585829935 Last-Modified Sat, 16 Dec 2017 05:43:02 GMT ETag "2068e-4c3-5606e9724e580" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=99 Content-Length 1219 X-OLB-REQ-DURATION D=689
GET H/1.1	200 OK	ehl.gif www3.citizensbankonline.com/efs/efs/grafx/	88 B 473 B	106ms 106ms	Image image/gif	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/ehl.gif Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash f38ccfb82832d5d520a762b30713c43d178f8e9b6e0f9f51970611f06636d6aa Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT X-OLB-REQ-RECEIVED t=1520958585830593 Last-Modified Sat, 16 Dec 2017 05:43:02 GMT ETag "20593-58-5606e9724e580" X-Frame-Options SAMEORIGIN Content-Type image/gif Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=92 Content-Length 88 X-OLB-REQ-DURATION D=447
GET H/1.1	200 OK	common.js Show response www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/	5 KB 2 KB	111ms 111ms	Script application/x-javascript	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/scripts/common.js Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 88146e8caa732ee54c82fcb58a0c95d5a0bcd44df238a3ebe91a6cb0ed764c7b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT Content-Encoding gzip Vary Accept-Encoding Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204da-1302-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type application/x-javascript Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes X-OLB-REQ-RECEIVED t=1520958585720935 Keep-Alive timeout=15, max=100 Content-Length 1613 X-OLB-REQ-DURATION D=1085
GET H/1.1	200 OK	arrow-collapse.png www3.citizensbankonline.com/efs/efs/grafx/	1 KB 1 KB	105ms 105ms	Image image/png	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/arrow-collapse.png Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 34a0f68c279cbb29c79717498dbe63d577a1f94ae9c57aa886a5af279c56b9be Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT X-OLB-REQ-RECEIVED t=1520958585831401 Last-Modified Sat, 16 Dec 2017 05:43:01 GMT ETag "200e6-40c-5606e9715a340" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=92 Content-Length 1036 X-OLB-REQ-DURATION D=471
GET H/1.1	200 OK	lock-grn.png www3.citizensbankonline.com/efs/efs/grafx/	1 KB 2 KB	104ms 104ms	Image image/png	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/lock-grn.png Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 7574983a9af6d447856f9965e1d156c0027cead27de40ea7af026da3574fc566 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT X-OLB-REQ-RECEIVED t=1520958585832316 Last-Modified Sat, 16 Dec 2017 05:43:01 GMT ETag "20109-51b-5606e9715a340" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=72 Content-Length 1307 X-OLB-REQ-DURATION D=398
GET H/1.1	200 OK	splitter.png www3.citizensbankonline.com/efs/efs/grafx/	2 KB 2 KB	105ms 104ms	Image image/png	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/splitter.png Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 089d475a97a845f1fa56d66ce227f9a70170aa893249052a7089c307c614daf1 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT X-OLB-REQ-RECEIVED t=1520958585833571 Last-Modified Sat, 16 Dec 2017 05:43:01 GMT ETag "2000a-6f1-5606e9715a340" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=71 Content-Length 1777 X-OLB-REQ-DURATION D=378
GET H/1.1	200 OK	citizens-logo-sm.png www3.citizensbankonline.com/efs/efs/grafx/	3 KB 3 KB	104ms 104ms	Image image/png	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Show image Full URL https://www3.citizensbankonline.com/efs/efs/grafx/citizens-logo-sm.png Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Response headers Date Tue, 13 Mar 2018 16:29:45 GMT X-OLB-REQ-RECEIVED t=1520958585832846 Last-Modified Sat, 16 Dec 2017 05:43:02 GMT ETag "2054a-ae9-5606e9724e580" X-Frame-Options SAMEORIGIN Content-Type image/png Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=90 Content-Length 2793 X-OLB-REQ-DURATION D=422
GET H/1.1	200 OK	citizen_roman.woff www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/	31 KB 32 KB	516ms 104ms	Font application/octet-stream	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_roman.woff Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css Origin https://www.kjmenergyinternational.org Response headers Date Tue, 13 Mar 2018 16:29:46 GMT X-OLB-REQ-RECEIVED t=1520958586244587 Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204b2-7ce0-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type text/plain Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=87 Content-Length 31968 X-OLB-REQ-DURATION D=892
GET H/1.1	200 OK	citizen_bold.woff www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/	29 KB 29 KB	520ms 105ms	Font application/octet-stream	174.128.65.144 RBS Citizens
General Check archive.org Show headers Download Go to Full URL https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/font/citizen_bold.woff Requested by Host: www.kjmenergyinternational.org URL: https://www.kjmenergyinternational.org//templates/beez/css/Verify.citizensbank.com/ Protocol HTTP/1.1 Server 174.128.65.144 Riverside, United States, ASN63335 (CITIZENS-BANK-AS - RBS Citizens, NA, US), Reverse DNS Software / Resource Hash 5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36 Referer https://www3.citizensbankonline.com/efs/efs/jsp-ns/inc/css/styles-2013.css Origin https://www.kjmenergyinternational.org Response headers Date Tue, 13 Mar 2018 16:29:46 GMT X-OLB-REQ-RECEIVED t=1520958586248868 Last-Modified Sat, 16 Dec 2017 05:47:33 GMT ETag "4204c0-7278-5606ea74c0740" X-Frame-Options SAMEORIGIN Content-Type text/plain Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=15, max=65 Content-Length 29304 X-OLB-REQ-DURATION D=621

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Citizens Bank (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| SEP string| PAIR function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| FingerPrint function| Hashtable function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| add_deviceprint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| $ function| jQuery function| DP_jQuery_1520958585770 object| theBody function| isNumeric function| needHelp function| isSpecialChar function| validateIE7 function| setFieldState function| hasErrors function| getValidateMessageListCheckSpaces function| getValidateMessageList function| getBasicFieldErrorMessages function| getBasicFieldSuccessMessages function| isIE7 function| isUnsupported function| setupToolTip function| setupNonStickyToolTip function| initPasswordToolTip function| initPasswordCapsLock function| validatePasswordRules function| validateField function| isEmpty function| validateGoodPasswordRules

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

etudehouse.co.id
www.kjmenergyinternational.org
www3.citizensbankonline.com
174.128.65.144
192.252.214.180
199.193.6.12
021698a397aac6d81d6db23a8bebc9ba0d134cb92a09d529bcaf749e10a916a3
089d475a97a845f1fa56d66ce227f9a70170aa893249052a7089c307c614daf1
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
26acdc20106f66d5fbf8efdc3c23294c1545ed3b7825e2e8916fdcb3bb8bde94
294f56efa0521b5df5ac2d3edf05613f1d36f833361f54a64a1094eeab812667
34a0f68c279cbb29c79717498dbe63d577a1f94ae9c57aa886a5af279c56b9be
40cc631b457d31330d5a322e1cd49c50b72f41269791e3654f443c9e8e6c1de8
5bb2d438470a02799577010a14310fa8ac3ed7ea77ca15435aaaa154e407b3e6
5f5174ecbf3d9d3a7154c20eba9fc818d9a208e4100a0f43a1f948a4331a92cc
5f8037c239f9d2e0896271b362703842ea844b7dfca6068a371f8f39c79da2aa
61ab87df5a701ac0749d98660ebbdca021127991d12c2f79cdd723f8a96ecd5a
74fc4318944ac7fdfd5b1bacf28c7ed8aff21c02b76df7bbd0c88de77acb0c42
7574983a9af6d447856f9965e1d156c0027cead27de40ea7af026da3574fc566
88146e8caa732ee54c82fcb58a0c95d5a0bcd44df238a3ebe91a6cb0ed764c7b
ae571edfb75648a099b4bb67a1b33cf1be1133eac6d74e92a786f0303fc08298
c8b1f6c22756521c86a5b0053b8565b49436f7fa19d1bb7cdf00a7808df28d42
f38ccfb82832d5d520a762b30713c43d178f8e9b6e0f9f51970611f06636d6aa
f94fc49d5ff852c411e3da487bd4f63aed16a07642fd0b1231887e8ac3d9b05f