sitta.org Open in urlscan Pro
184.168.139.1  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.pkm.gda.pl/modules/mude/ Page URL
2. http://sitta.org/newsitta/modules/heel/job/uhc/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response www.pkm.gda.pl/modules/mude/	314 B 567 B	132ms 41ms	Document text/html	95.142.253.44 VOLTA-AS
General Check archive.org Show headers Download Go to Full URL http://www.pkm.gda.pl/modules/mude/ Protocol HTTP/1.1 Server 95.142.253.44 Kielno, Poland, ASN39816 (VOLTA-AS, PL), Reverse DNS 95-142-253-44.metrolink.pl Software Apache/2.2.16 (Debian) / Resource Hash 6d946fe6362153bf44e6e81fc4514aa011f2aed3028457a661eb9509b2d3aa71 Request headers Host www.pkm.gda.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:35 GMT Server Apache/2.2.16 (Debian) Last-Modified Wed, 14 Oct 2020 23:22:10 GMT ETag "57d54-13a-5b1a9ccf8cc80" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 228 Keep-Alive timeout=15, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	Primary Request / Show response sitta.org/newsitta/modules/heel/job/uhc/	39 KB 7 KB	485ms 452ms	Document text/html	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash 61d0a490839296c0c000ad4319b72461bf138de5e97623158665ede3daf09636 Request headers Host sitta.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://www.pkm.gda.pl/modules/mude/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://www.pkm.gda.pl/modules/mude/ Response headers Date Thu, 15 Oct 2020 14:09:32 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Content-Length 6977 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	App-UHOne.css sitta.org/newsitta/modules/heel/job/uhc/assets/files/	527 KB 62 KB	250ms 249ms	Stylesheet text/css	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash 705beaae11c07177f4e5948f20640c6f9a1552f1602ac51f83b5e181edd5d511 Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Content-Encoding gzip Last-Modified Sat, 25 Apr 2020 05:04:32 GMT Server Apache ETag "83ae6-5a4166ad2f800-gzip" Vary Accept-Encoding Content-Type text/css Cache-Control max-age=86400 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 63564 Expires Fri, 16 Oct 2020 14:09:33 GMT
GET H2	200	jquery.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/	256 KB 64 KB	19ms 17ms	Script application/javascript	2606:4700::6811:4f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.0.0-beta1/jquery.js Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 14:09:33 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 669498 x-via cfworker/kv status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 64839 cf-request-id 05ce3149b0000005f1df3ae000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare etag "5eb03ec4-40023" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602770973"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5e2a1e55ec7d05f1-FRA expires Tue, 05 Oct 2021 14:09:33 GMT
GET H2	200	jquery.validate.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/	45 KB 11 KB	18ms 16ms	Script application/javascript	2606:4700::6811:4f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.js Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2aecc3e7494318d2398eafe2a6de21c03a52264ddf86c7934758ddbda06864bb Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 14:09:33 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1270959 x-via cfworker/kv status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10622 cf-request-id 05ce3149af000005f1b2372000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare etag "5eb03ec2-b4b9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602770973"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5e2a1e55ec8305f1-FRA expires Tue, 05 Oct 2021 14:09:33 GMT
GET H2	200	additional-methods.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/	38 KB 9 KB	15ms 14ms	Script application/javascript	2606:4700::6811:4f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/additional-methods.js Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d95e0e21c160558eb3d2bacd76779048cb600cc04e15264e0835f4f86b4b375 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 14:09:33 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1353241 x-via cfworker/kv status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9078 cf-request-id 05ce3149af000005f1fdbc2000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare etag "5eb03ec2-985d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602770973"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5e2a1e55ec8505f1-FRA expires Tue, 05 Oct 2021 14:09:33 GMT
GET H2	200	jquery.maskedinput.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/	10 KB 2 KB	22ms 21ms	Script application/javascript	2606:4700::6811:4f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.js Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 14:09:33 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1267221 x-via cfworker/kv status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2306 cf-request-id 05ce3149af000005f1f98f9000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare etag "5eb03ec3-284d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602770973"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5e2a1e55ec8605f1-FRA expires Tue, 05 Oct 2021 14:09:33 GMT
GET H2	200	jquery.payment.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/	17 KB 3 KB	31ms 30ms	Script application/javascript	2606:4700::6811:4f6b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.3.2/jquery.payment.js Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60499c4335239d51fa6ef40bd909ba8e62a2a468b16b74f0fd9fadac1eee4bbf Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 15 Oct 2020 14:09:33 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 4469923 x-via cfworker/kv status 200 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3067 cf-request-id 05ce3149b1000005f1b1ac5000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare etag "5eb03ec3-421b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602770973"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5e2a1e55ec8705f1-FRA expires Tue, 05 Oct 2021 14:09:33 GMT
GET H/1.1	200 OK	ajax-loader.gif sitta.org/newsitta/modules/heel/job/uhc/assets/files/	8 KB 9 KB	398ms 373ms	Image image/gif	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/ajax-loader.gif Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash d8c95fcdd1ff338e621f55dee7f021596d651f80d8d9fb6dae6bfb60fafbb58d Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Last-Modified Sat, 25 Apr 2020 05:04:32 GMT Server Apache ETag "21dc-5a4166ad2f800" Content-Type image/gif Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 8668 Expires Mon, 14 Dec 2020 14:09:33 GMT
GET H/1.1	200 OK	a.jfif sitta.org/newsitta/modules/heel/job/uhc/assets/files/	30 KB 30 KB	201ms 200ms	Image image/jpeg	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/a.jfif Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash 9801a648d331baef84577c7fa5a18bdfff5fdf682ed9d1d3a8e36b976e5e2d38 Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Last-Modified Sat, 25 Apr 2020 05:04:32 GMT Server Apache ETag "78ac-5a4166ad2f800" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30892
GET H/1.1	200 OK	FileAttachment.svg sitta.org/newsitta/modules/heel/job/uhc/assets/files/	691 B 963 B	200ms 200ms	Image image/svg+xml	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/FileAttachment.svg Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash ab0b7b542e351cb3cbebeabc7c9bf9a4c0cb821d9d93307002e6a1b3c84f1699 Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Last-Modified Sat, 25 Apr 2020 05:04:32 GMT Server Apache ETag "2b3-5a4166ad2f800" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 691
GET H/1.1	200 OK	a.png sitta.org/newsitta/modules/heel/job/uhc/assets/files/	4 KB 4 KB	410ms 371ms	Image image/png	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/a.png Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash 3c9b6207b502891d16f29e370ff22a36091d5b39f2641434f215056c1dffe5ba Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Last-Modified Sat, 25 Apr 2020 05:04:32 GMT Server Apache ETag "edf-5a4166ad2f800" Content-Type image/png Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3807 Expires Mon, 14 Dec 2020 14:09:33 GMT
GET H/1.1	200 OK	comodo_secure_seal_113x59_transp.png sitta.org/newsitta/modules/heel/job/uhc/assets/files/	9 KB 9 KB	419ms 380ms	Image image/png	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/comodo_secure_seal_113x59_transp.png Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/ Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash 24c94b4ab339a9c7c23474bcef3443422d2b99b5d8d2d7d3911296c3ffef4cf2 Request headers Referer http://sitta.org/newsitta/modules/heel/job/uhc/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Last-Modified Sat, 25 Apr 2020 05:04:32 GMT Server Apache ETag "2411-5a4166ad2f800" Content-Type image/png Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9233 Expires Mon, 14 Dec 2020 14:09:33 GMT
GET H/1.1	404 Not Found	UHCSans-Medium.woff sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/	0 0	388ms 375ms	Font text/html	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/UHCSans-Medium.woff Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash Request headers Origin http://sitta.org Referer http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	UHCSans-Regular.woff sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/	0 0	932ms 919ms	Font text/html	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/UHCSans-Regular.woff Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash Request headers Origin http://sitta.org Referer http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:33 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	UHCSans-Medium.ttf sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/	0 0	202ms 202ms	Font text/html	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/UHCSans-Medium.ttf Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash Request headers Origin http://sitta.org Referer http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:34 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	UHCSans-Regular.ttf sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/	0 0	213ms 213ms	Font text/html	184.168.139.1 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://sitta.org/newsitta/modules/heel/job/uhc/fonts/UHCfonts/UHCSans-Regular.ttf Requested by Host: sitta.org URL: http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css Protocol HTTP/1.1 Server 184.168.139.1 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS p3nlhg182c1182.shr.prod.phx3.secureserver.net Software Apache / Resource Hash Request headers Origin http://sitta.org Referer http://sitta.org/newsitta/modules/heel/job/uhc/assets/files/App-UHOne.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 15 Oct 2020 14:09:34 GMT Server Apache Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Transfer-Encoding chunked Content-Type text/html

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UnitedHealth Group (Healthcare)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| ForwardValues function| movetoNext

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
sitta.org
www.pkm.gda.pl
184.168.139.1
2606:4700::6811:4f6b
95.142.253.44
1d95e0e21c160558eb3d2bacd76779048cb600cc04e15264e0835f4f86b4b375
24c94b4ab339a9c7c23474bcef3443422d2b99b5d8d2d7d3911296c3ffef4cf2
2aecc3e7494318d2398eafe2a6de21c03a52264ddf86c7934758ddbda06864bb
3c9b6207b502891d16f29e370ff22a36091d5b39f2641434f215056c1dffe5ba
60499c4335239d51fa6ef40bd909ba8e62a2a468b16b74f0fd9fadac1eee4bbf
61d0a490839296c0c000ad4319b72461bf138de5e97623158665ede3daf09636
6d946fe6362153bf44e6e81fc4514aa011f2aed3028457a661eb9509b2d3aa71
705beaae11c07177f4e5948f20640c6f9a1552f1602ac51f83b5e181edd5d511
78f27c3d7cb5d766466703adc7f7ad7706b7fb05514eec39be0aa253449bd0f8
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
9801a648d331baef84577c7fa5a18bdfff5fdf682ed9d1d3a8e36b976e5e2d38
ab0b7b542e351cb3cbebeabc7c9bf9a4c0cb821d9d93307002e6a1b3c84f1699
d8c95fcdd1ff338e621f55dee7f021596d651f80d8d9fb6dae6bfb60fafbb58d