minimalisjatiukir.com Open in urlscan Pro
216.18.208.226 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://minimalisjatiukir.com/toma/barclaypayment.php
Submission Tags: 6699724
Submission: On July 27 via api (July 27th 2020, 1:43:51 pm UTC) from NL

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 216.18.208.226, located in Los Angeles, United States and belongs to WEBNX, US. The main domain is minimalisjatiukir.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 21st 2020. Valid for: 3 months.

This is the only time minimalisjatiukir.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DPD (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
21	216.18.208.226 216.18.208.226		18450 (WEBNX) (WEBNX)
21	1

21 216.18.208.226 (Los Angeles, United States)

ASN18450 (WEBNX, US)

minimalisjatiukir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	minimalisjatiukir.com minimalisjatiukir.com	214 KB
21	1

	Domain	Requested by
21	minimalisjatiukir.com	minimalisjatiukir.com
21	1

This site contains no links.

Subject Issuer	Validity	Valid
minimalisjatiukir.com Let's Encrypt Authority X3	`2020-06-21` - `2020-09-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://minimalisjatiukir.com/toma/barclaypayment.php
Frame ID: 03E7B0562530F1F73A46E4A13A84DFB7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

214 kB
Transfer

857 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request barclaypayment.php Show response minimalisjatiukir.com/toma/	14 KB 3 KB	1227ms 159ms	Document text/html	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / PHP/5.6.40 Resource Hash `10fa60130c3c9c383a7a4d39a93c76031ee1b122dc5671cc1dfc7976d5989c55` Request headers :method GET :authority minimalisjatiukir.com :scheme https :path /toma/barclaypayment.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 x-powered-by PHP/5.6.40 set-cookie PHPSESSID=es5t63lrq2dsf94pmj2ijffnl6; path=/; secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Mon, 27 Jul 2020 13:43:33 GMT server LiteSpeed alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H2	200	depede.js Show response minimalisjatiukir.com/toma/welcome/	2 KB 469 B	439ms 438ms	Script application/javascript	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/welcome/depede.js Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `48ee1f1499b6827288749606d44f893bbc3038b24208d475c16a87d370fe687f` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding br last-modified Tue, 09 Jun 2020 17:28:00 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 395 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	reset.css;jsessionid=746A4C1D6E2647F6E00F3E001135F499.live7e.css minimalisjatiukir.com/toma/welcome/	32 KB 4 KB	155ms 154ms	Stylesheet text/css	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/welcome/reset.css;jsessionid=746A4C1D6E2647F6E00F3E001135F499.live7e.css Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `edef66a2065dc21083c858393df0f2270317e409d4e2ded03589ec30e6a5c818` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding br last-modified Sun, 09 Feb 2020 16:15:18 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 3865 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	screen.css minimalisjatiukir.com/toma/welcome/	343 KB 43 KB	297ms 296ms	Stylesheet text/css	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/welcome/screen.css Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `0ced77df90855d6e7ada7c9d0618181b0c96e4f87ad23fd0c5674b530fa12460` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding br last-modified Wed, 22 Apr 2020 07:31:58 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 43925 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	logo.png minimalisjatiukir.com/toma/welcome/	6 KB 6 KB	153ms 153ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/logo.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `d1279be257d81aff851b00ab49ba9bf8699eae1613582f5b6a9fcb630d939094` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Sun, 09 Feb 2020 16:03:50 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 6337 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	suma1.png minimalisjatiukir.com/toma/welcome/	4 KB 3 KB	153ms 153ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/suma1.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `84773431654e50506287e03c379468caaa4261f6586434ceff34220ebc355cfa` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Tue, 09 Jun 2020 17:00:02 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 3138 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	suma.png minimalisjatiukir.com/toma/welcome/	5 KB 5 KB	166ms 164ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/suma.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `61423b9cb8ef2967661b0c65f08d9d3e1be45df901eb3226ac4ba4b960dfb7c2` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Tue, 09 Jun 2020 17:20:48 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 4900 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	blogo.png minimalisjatiukir.com/toma/welcome/	12 KB 11 KB	167ms 165ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/blogo.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `bb3314682a4e0ee4c89460a7410b9fc5d1b41d629d62e8ab055679dc0dce1de7` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Wed, 22 Apr 2020 07:03:50 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 11089 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	ilogo.gif minimalisjatiukir.com/toma/welcome/	4 KB 4 KB	171ms 169ms	Image image/gif	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/ilogo.gif Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `e86f711febfea65d435366b3383974830c0145cf22c90c0aaa823d7ca6c6520a` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Wed, 22 Apr 2020 07:04:06 GMT server LiteSpeed vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 3742 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	mc_small.png minimalisjatiukir.com/toma/welcome/	862 B 919 B	171ms 170ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/mc_small.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `161cd4bc8e59d504839a8248c81bfa8fad578ca9b0530ab7c99f806a73c4e1c3` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Sun, 09 Feb 2020 16:15:18 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 885 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	visa_small.png minimalisjatiukir.com/toma/welcome/	2 KB 2 KB	281ms 280ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/visa_small.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `0655276f9d154c6d4c153939c0f2c3dfccb4c8945c011a01a1d6049e65b34b25` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Sun, 09 Feb 2020 16:15:20 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1652 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	maestro_small.png minimalisjatiukir.com/toma/welcome/	2 KB 2 KB	281ms 280ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/maestro_small.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `cb2857dc78e90e87a97fefa96d800c022e3491994a4ab7a833c56efd4524a462` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Sun, 09 Feb 2020 16:15:18 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1745 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	fil1.png minimalisjatiukir.com/toma/welcome/	982 B 1 KB	280ms 279ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/fil1.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `dae0a926d1c402a35e49d6d270fe617c6a1463504baefe3383dea027af783611` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Tue, 09 Jun 2020 17:24:18 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1005 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	fil2.png minimalisjatiukir.com/toma/welcome/	988 B 1 KB	280ms 278ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/fil2.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `7c1d1d0b7ffe3ab0bb1ccba092225e3133d2a5e31274be61258f4627d389eb78` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Tue, 09 Jun 2020 17:24:36 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1011 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	fil3.png minimalisjatiukir.com/toma/welcome/	2 KB 2 KB	281ms 279ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/fil3.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `450437ab40eb3c36b5d257576aab58ccfa0be5d9b903e4032292de41d79235ea` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Tue, 09 Jun 2020 17:24:48 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 1604 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	fil4.png minimalisjatiukir.com/toma/welcome/	856 B 937 B	281ms 280ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/fil4.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `43d32391c2de1f57d07d8e786c8c95b5a7b29218873ada350b9e84cdc96c8108` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Tue, 09 Jun 2020 17:24:58 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 879 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	civi2.png minimalisjatiukir.com/toma/welcome/	6 KB 5 KB	274ms 272ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/civi2.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `12e1c05feaf2f0c9d7311040474b90c754a6962a580bd59f15bdcf3df2989968` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding gzip last-modified Wed, 22 Apr 2020 07:01:54 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 4894 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	print.css minimalisjatiukir.com/toma/welcome/	133 B 211 B	158ms 156ms	Stylesheet text/css	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/welcome/print.css Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `dd8e3896584f14411d09bec0f4ea78f7cc922766361557ee6192aa6924d19306` Request headers Referer https://minimalisjatiukir.com/toma/barclaypayment.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:34 GMT last-modified Sun, 09 Feb 2020 16:15:18 GMT server LiteSpeed content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 133 expires Mon, 03 Aug 2020 13:43:34 GMT
GET H2	200	card.png minimalisjatiukir.com/toma/welcome/	3 KB 3 KB	157ms 155ms	Image image/png	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Show image Full URL https://minimalisjatiukir.com/toma/welcome/card.png Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `84482c137ed020e2d4a8b13b601897a4f5813c7eb853e164a4dd0eef2fb4e343` Request headers Referer https://minimalisjatiukir.com/toma/welcome/reset.css;jsessionid=746A4C1D6E2647F6E00F3E001135F499.live7e.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 27 Jul 2020 13:43:34 GMT content-encoding gzip last-modified Sun, 09 Feb 2020 16:15:18 GMT server LiteSpeed vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 2812 expires Mon, 03 Aug 2020 13:43:34 GMT
GET H2	200	screen.css minimalisjatiukir.com/toma/welcome/	343 KB 43 KB	161ms 160ms	Font text/css	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/welcome/screen.css Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `0ced77df90855d6e7ada7c9d0618181b0c96e4f87ad23fd0c5674b530fa12460` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://minimalisjatiukir.com/toma/welcome/screen.css Origin https://minimalisjatiukir.com Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding br last-modified Wed, 22 Apr 2020 07:31:58 GMT server LiteSpeed vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 43925 expires Mon, 03 Aug 2020 13:43:33 GMT
GET H2	200	fontawesome-webfont.woff2 minimalisjatiukir.com/toma/welcome/	75 KB 75 KB	266ms 265ms	Font font/woff2	216.18.208.226 WEBNX
General Check archive.org Show headers Download Go to Full URL https://minimalisjatiukir.com/toma/welcome/fontawesome-webfont.woff2 Requested by Host: minimalisjatiukir.com URL: https://minimalisjatiukir.com/toma/barclaypayment.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.18.208.226 Los Angeles, United States, ASN18450 (WEBNX, US), Reverse DNS Software LiteSpeed / Resource Hash `2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://minimalisjatiukir.com/toma/welcome/screen.css Origin https://minimalisjatiukir.com Response headers date Mon, 27 Jul 2020 13:43:33 GMT content-encoding br last-modified Sun, 09 Feb 2020 16:03:50 GMT server LiteSpeed vary Accept-Encoding content-type font/woff2 status 200 cache-control public, max-age=604800 accept-ranges bytes content-length 77165 expires Mon, 03 Aug 2020 13:43:33 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DPD (Transportation)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| validateAddress function| validateDidi

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

minimalisjatiukir.com
216.18.208.226
0655276f9d154c6d4c153939c0f2c3dfccb4c8945c011a01a1d6049e65b34b25
0ced77df90855d6e7ada7c9d0618181b0c96e4f87ad23fd0c5674b530fa12460
10fa60130c3c9c383a7a4d39a93c76031ee1b122dc5671cc1dfc7976d5989c55
12e1c05feaf2f0c9d7311040474b90c754a6962a580bd59f15bdcf3df2989968
161cd4bc8e59d504839a8248c81bfa8fad578ca9b0530ab7c99f806a73c4e1c3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
43d32391c2de1f57d07d8e786c8c95b5a7b29218873ada350b9e84cdc96c8108
450437ab40eb3c36b5d257576aab58ccfa0be5d9b903e4032292de41d79235ea
48ee1f1499b6827288749606d44f893bbc3038b24208d475c16a87d370fe687f
61423b9cb8ef2967661b0c65f08d9d3e1be45df901eb3226ac4ba4b960dfb7c2
7c1d1d0b7ffe3ab0bb1ccba092225e3133d2a5e31274be61258f4627d389eb78
84482c137ed020e2d4a8b13b601897a4f5813c7eb853e164a4dd0eef2fb4e343
84773431654e50506287e03c379468caaa4261f6586434ceff34220ebc355cfa
bb3314682a4e0ee4c89460a7410b9fc5d1b41d629d62e8ab055679dc0dce1de7
cb2857dc78e90e87a97fefa96d800c022e3491994a4ab7a833c56efd4524a462
d1279be257d81aff851b00ab49ba9bf8699eae1613582f5b6a9fcb630d939094
dae0a926d1c402a35e49d6d270fe617c6a1463504baefe3383dea027af783611
dd8e3896584f14411d09bec0f4ea78f7cc922766361557ee6192aa6924d19306
e86f711febfea65d435366b3383974830c0145cf22c90c0aaa823d7ca6c6520a
edef66a2065dc21083c858393df0f2270317e409d4e2ded03589ec30e6a5c818

minimalisjatiukir.com Open in urlscan Pro 216.18.208.226 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

214 kBTransfer

857 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Indicators

minimalisjatiukir.com Open in urlscan Pro
216.18.208.226 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

214 kB
Transfer

857 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!