tekim.umj.ac.id
Open in
urlscan Pro
103.206.245.67
Malicious Activity!
Public Scan
Effective URL: http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/nkz/tsb/?8yd8d8kb8r0
Submission: On April 16 via manual from US
Summary
This is the only time tekim.umj.ac.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 69.61.26.122 69.61.26.122 | 22653 (GLOBALCOM...) (GLOBALCOMPASS) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:819::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:824::2002 | 15169 (GOOGLE) (GOOGLE) | |
3 | 172.217.21.194 172.217.21.194 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:80b::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 212.85.127.209 212.85.127.209 | 12824 (HOMEPL-AS) (HOMEPL-AS) | |
2 2 | 192.241.240.89 192.241.240.89 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
2 | 103.206.245.67 103.206.245.67 | 131111 (CEPATNET-...) (CEPATNET-AS-ID PT Mora Telematika Indonesia) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:84e5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 11 |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
adservice.google.de | |
adservice.google.com |
ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver008083.home.pl
www.autyzmwpolsce.pl |
ASN14061 (DIGITALOCEAN-ASN, US)
PTR: server2.tiny.cc
tiny.cc |
ASN131111 (CEPATNET-AS-ID PT Mora Telematika Indonesia, ID)
PTR: ip-245-67.moratelindo.co.id
tekim.umj.ac.id |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
googlesyndication.com
tpc.googlesyndication.com pagead2.googlesyndication.com |
11 KB |
3 |
doubleclick.net
securepubads.g.doubleclick.net |
86 KB |
2 |
umj.ac.id
tekim.umj.ac.id |
2 KB |
2 |
tiny.cc
2 redirects
tiny.cc |
1 KB |
2 |
google-analytics.com
www.google-analytics.com |
18 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
32 KB |
1 |
autyzmwpolsce.pl
1 redirects
www.autyzmwpolsce.pl |
201 B |
1 |
google.com
adservice.google.com |
245 B |
1 |
google.de
adservice.google.de |
171 B |
1 |
googletagmanager.com
www.googletagmanager.com |
29 KB |
1 |
googletagservices.com
www.googletagservices.com |
15 KB |
1 |
soo.gd
soo.gd |
2 KB |
18 | 12 |
Domain | Requested by | |
---|---|---|
3 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
3 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | tekim.umj.ac.id |
soo.gd
|
2 | tiny.cc | 2 redirects |
2 | www.google-analytics.com |
www.googletagmanager.com
soo.gd |
1 | cdnjs.cloudflare.com |
tekim.umj.ac.id
|
1 | www.autyzmwpolsce.pl | 1 redirects |
1 | adservice.google.com |
www.googletagservices.com
|
1 | adservice.google.de |
www.googletagservices.com
|
1 | www.googletagmanager.com |
soo.gd
|
1 | www.googletagservices.com |
soo.gd
|
1 | soo.gd | |
18 | 13 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.soo.gd Let's Encrypt Authority X3 |
2020-04-12 - 2020-07-11 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-04-01 - 2020-06-24 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1O1 |
2020-03-24 - 2020-06-16 |
3 months | crt.sh |
cloudflare.com CloudFlare Inc ECC CA-2 |
2020-01-07 - 2020-10-09 |
9 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/nkz/tsb/?8yd8d8kb8r0
Frame ID: 38852E0A3EBF17EAFEE7110C314E42B9
Requests: 32 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F1EE259968BF2EDA216F29760B758C81
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://soo.gd/nm4h Page URL
-
http://www.autyzmwpolsce.pl/openurl.php?bid=19&url=http://tiny.cc/9bc2mz
HTTP 302
http://tiny.cc/9bc2mz HTTP 301
https://tiny.cc/9bc2mz HTTP 303
http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/qptta/dvz/?deal=ag... Page URL
- http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/nkz/tsb/?8yd8d8kb8r0 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://soo.gd/nm4h Page URL
-
http://www.autyzmwpolsce.pl/openurl.php?bid=19&url=http://tiny.cc/9bc2mz
HTTP 302
http://tiny.cc/9bc2mz HTTP 301
https://tiny.cc/9bc2mz HTTP 303
http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/qptta/dvz/?deal=agb1ddgy0t125 Page URL
- http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/nkz/tsb/?8yd8d8kb8r0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- http://www.autyzmwpolsce.pl/openurl.php?bid=19&url=http://tiny.cc/9bc2mz HTTP 302
- http://tiny.cc/9bc2mz HTTP 301
- https://tiny.cc/9bc2mz HTTP 303
- http://tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/qptta/dvz/?deal=agb1ddgy0t125
- http://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
nm4h
soo.gd/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
42 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
79 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
44 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 245 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_2020040702.js
securepubads.g.doubleclick.net/gpt/ |
167 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
395 B 712 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl_rendering_2020040702.js
securepubads.g.doubleclick.net/gpt/ |
64 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/qptta/dvz/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
7 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F1EE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gen_204
pagead2.googlesyndication.com/pagead/ |
0 227 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
tekim.umj.ac.id/wp-content/plugins/apikey/listing_email/reviews_write.php/nkz/tsb/ |
1 MB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Redirect Chain
|
95 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
32 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
91 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
62 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
71 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
91 KB 0 |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
75 KB 0 |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
36 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
35 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
47 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
23 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
45 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
66 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
soo.gd
tekim.umj.ac.id
tiny.cc
tpc.googlesyndication.com
www.autyzmwpolsce.pl
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
103.206.245.67
172.217.21.194
192.241.240.89
212.85.127.209
2606:4700::6810:84e5
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:816::2002
2a00:1450:4001:818::2008
2a00:1450:4001:819::200e
2a00:1450:4001:824::2002
69.61.26.122
0011fd01a0d7c94f16540e0312f43148d47c9c4f1ac0ec768d4e22309fae5b98
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
15e3d6ecbb830ae7b4e0add2bda4275e4a1514e763d97751b13327a2b7ac1a87
22c54c8c9b3cefd3ae2fdd10514f917a66974b4b51b020c0105abb325952877b
287d016421fc693c418f910792b9d66b0af35cb41b0f165e8afd512c77043ab7
2c00339b175d5c10e5c82b2081cde9caef9f26e9da0a98e7ffe78ab1da8bac47
3fa9325f3bc95c7c2a88a30571b67cfc7904c6402edc8b4fda9ab7caf39d1192
48a999b97ef4417527b64d2c033f69b29fbe69c49125d928a79c2912043fd27e
5b5b95ceabcd121c2efd989911f7c906e753a38f8876300a1b82921c78806088
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6dbb60378dcae88527197706899f71585572b5e01ca3b469cb4a68479c30a210
740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
940552a0d787f4ffa516c6e73dc8cfb84e8ef1d521592f83dba0552c0c25a933
a272436960ee110f810be6998264bd3597be3866187788ab31699797e1e5b0be
aba596b7a72ffd61e8258da8ffbd3b4797cda31728fab525572a78f802ad89f9
cd404282f2feebbe097b83180489d71ff81e92b0b735135d2b138acdff00a2f2
d4face6c75f425c2ff01d9db2b080f8a494035d006b34b4d7ce3171e508e9f95
d5a22c4bfda1f7b5194ee24fc1db5eea3abac22e395097f244e58bfb037c7951
dad7f515accda98057a527c6d2bf039723b90b4c892273a9740a2a56f12501c9
e9e29c9c11075c1eb69393884562075299925e1de7672fcc29b01356634ca1c3
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872