kendari.aji.or.id
27.124.85.73  Malicious Activity! Public Scan

Submitted URL: https://kendari.aji.or.id/.report-re6
Effective URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid....
Submission: On February 03 via api from CH

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 16 HTTP transactions. The main IP is 27.124.85.73, located in Indonesia and belongs to IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID. The main domain is kendari.aji.or.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 4th 2019. Valid for: 3 months.
This is the only time kendari.aji.or.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Excel / PDF download (Online) Adobe (Consumer)

Domain & IP information

Redirects  Requests  IP Address     AS Autonomous System
2          16        27.124.85.73   135450 (IDNIC-BST...)
Total: 16 requests, 2 IPs

Requests  Apex Domain  Subdomains         Transfer
16        aji.or.id    kendari.aji.or.id  211 KB
Total: 16 requests, 1 apex domain

Requests  Domain                           Requested by
16        kendari.aji.or.id (2 redirects)  kendari.aji.or.id
Total: 16 requests, 1 domain

This site contains links to these domains.

Domain
localhost

Subject: kendari.aji.or.id
Issuer: cPanel, Inc. Certification Authority
Validity: 2019-12-04 - 2020-03-03
Valid: 3 months

This page contains 1 frames:

Primary Page: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Frame ID: 827CDBA363DC51F07DAF5293C6DE5F02
Requests: 16 HTTP requests in this frame

Page URL History

  1. https://kendari.aji.or.id/.report-re6 HTTP 301
    https://kendari.aji.or.id/.report-re6/ HTTP 302
    https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 16
HTTPS: 88 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 210 kB
Size: 206 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kendari.aji.or.id/.report-re6 HTTP 301
    https://kendari.aji.or.id/.report-re6/ HTTP 302
    https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
kendari.aji.or.id/.report-re6/
Redirect Chain
  • https://kendari.aji.or.id/.report-re6
  • https://kendari.aji.or.id/.report-re6/
  • https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
7 KB
7 KB
Document
General
Full URL
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
073d2f8d1008a7bb2d10a12e31a777315e8890294fead7247035560f151a1ac7
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
kendari.aji.or.id
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
Server
Apache
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
X-Content-Type-Options
nosniff
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 03 Feb 2020 09:23:01 GMT
Server
Apache
Location
login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
X-Content-Type-Options
nosniff
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
cloudflare_002.html
kendari.aji.or.id/.report-re6/index_files/
2 KB
2 KB
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/cloudflare_002.html
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
00e5d428cc22f1bc6ff5f9c591772b12ba52011ddce6f28e32004986ee2b133b
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1638
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
cloudflare.html
kendari.aji.or.id/.report-re6/index_files/
453 B
825 B
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/cloudflare.html
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
e4a34b05c559bb31588752d4abb0ca582c7afd04fa060e7c2ad18fb9aa44ccfb
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
453
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
facebox.css
kendari.aji.or.id/.report-re6/index_files/
1 KB
1 KB
Stylesheet
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/facebox.css
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
9a2a983c9ea36e030b6ee8f7f08a2d966fed84f445af2710fcc49dd98b37e832
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1151
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
jquery-1.js
kendari.aji.or.id/.report-re6/index_files/
89 KB
90 KB
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/jquery-1.js
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
91556
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
facebox.js
kendari.aji.or.id/.report-re6/index_files/
9 KB
10 KB
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/facebox.js
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
b8afbfa2c28c52e9756d43f261a9530d982fee6a23e80f0aa0b69414393aeb81
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
9498
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
jquery.js
kendari.aji.or.id/.report-re6/index_files/
19 KB
19 KB
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/jquery.js
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
016f9cfa001792db7ad2be1e1ea1424cea09f108f68e7efb1caf4c5e65ac1335
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
19229
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
javascript1.js
kendari.aji.or.id/.report-re6/index_files/
3 KB
3 KB
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/javascript1.js
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
833f45ea1a974c239d9413064c835d49d6560814f3b53e6f117e94f186c7252b
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
3056
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
style.css
kendari.aji.or.id/.report-re6/index_files/
5 KB
5 KB
Stylesheet
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/style.css
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
26be4a965910ef41b8fa348c11fead1a07a6cb62094a15eb8451878eac130e2a
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4701
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
ph.png
kendari.aji.or.id/.report-re6/index_files/
6 KB
6 KB
Image
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/ph.png
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
1a9fab4bedbc84ba03211a888234f0adf0e1c30b2ee583c57dc5e6080399c11b
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6087
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
SpryValidationTextField.html
kendari.aji.or.id/.report-re6/index_files/
0
0

adobe_logo_new_1.jpg
kendari.aji.or.id/.report-re6/index_files/
3 KB
3 KB
Image
General
Full URL
https://kendari.aji.or.id/.report-re6/index_files/adobe_logo_new_1.jpg
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
4adfdcf5a2644ae56f1c40e44fa2ecd712d08af7b10cda9c9b93e063a517c0dd
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
2995
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
cloudflare.min.html
kendari.aji.or.id/.report-re6/ajax.cloudflare.com/cdn-cgi/nexp/dok3v%3d919620257c/
0
0
Script
General
Full URL
https://kendari.aji.or.id/.report-re6/ajax.cloudflare.com/cdn-cgi/nexp/dok3v%3d919620257c/cloudflare.min.html
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:03 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Link
<https://kendari.aji.or.id/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=98
X-Content-Security-Policy
allow 'self';
bg.jpg
kendari.aji.or.id/.report-re6/
54 KB
54 KB
Image
General
Full URL
https://kendari.aji.or.id/.report-re6/bg.jpg
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
27b1459187d88c45eb97960643c1cbb0d518f448254d913b9fdbd86b55142149
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Jan 2020 01:29:50 GMT
Server
Apache
X-Frame-Options
DENY
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
55423
X-XSS-Protection
1; mode=block
X-Content-Security-Policy
allow 'self';
SpryValidationTextField.html
kendari.aji.or.id/.report-re6/index_files/
0
0

adobe_logo_new_1.html
kendari.aji.or.id/.report-re6/images/
8 KB
8 KB
Image
General
Full URL
https://kendari.aji.or.id/.report-re6/images/adobe_logo_new_1.html
Requested by
Host: kendari.aji.or.id
URL: https://kendari.aji.or.id/.report-re6/login.php?l=_JeHFUq_VJOXK0QWHtoGYDw1774256418&fid.13InboxLight.aspxn.1774256418&fid.125289964252813InboxLight99642_Product-email&email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
27.124.85.73 , Indonesia, ASN135450 (IDNIC-BSTI-AS-ID PT Berkah Solusi Teknologi Informasi, ID),
Reverse DNS
subnet.27.124.85.73.mlink.net.id
Software
Apache /
Resource Hash
a91668a315bce3364ec376442ac54ec933b5566b737fafc3c6b4f7c648b4c9ba
Security Headers
Name Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kendari.aji.or.id/.report-re6/index_files/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 09:23:03 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
DENY
Content-Type
text/html; charset=UTF-8
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
Keep-Alive
Link
<https://kendari.aji.or.id/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=5, max=96
X-Content-Security-Policy
allow 'self';

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kendari.aji.or.id
URL
https://kendari.aji.or.id/.report-re6/index_files/SpryValidationTextField.html
Domain
kendari.aji.or.id
URL
https://kendari.aji.or.id/.report-re6/index_files/SpryValidationTextField.html

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Excel / PDF download (Online) Adobe (Consumer)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • object| CloudFlare
  • function| $
  • function| jQuery
  • object| jQuery16209306630308235653
  • function| script
  • function| click_to_download
  • function| make_the_delay
  • function| redirect_the
  • function| now_download
  • function| MM_reloadPage

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Security-Policy allow 'self';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block