urlscan.io logo urlscan.io
SecurityTrails logo

imatoku-medic.com Open in urlscan Pro
183.90.246.6  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://imatoku-medic.com/wp/wp2/stanford/
Submission: On November 25 via manual from US — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 183.90.246.6, located in Kamiuenocho, Japan and belongs to XSERVER Xserver Inc., JP. The main domain is imatoku-medic.com.
This is the only time imatoku-medic.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious1 votes Show Verdicts

Domain & IP information

IP Address AS Autonomous System
1 183.90.246.6 131965 (XSERVER X...)
9 34.82.201.164 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.253.18.46 16509 (AMAZON-02)
13 5
1    183.90.246.6 (Kamiuenocho, Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv1505.xserver.jp
imatoku-medic.com
9    34.82.201.164 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 164.201.82.34.bc.googleusercontent.com
login-assets.stanford.edu
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:10::ac43:5d8 (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
1    34.253.18.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-18-46.eu-west-1.compute.amazonaws.com
rum-collector-2.pingdom.net
Apex Domain
Subdomains		 Transfer
9 stanford.edu
login-assets.stanford.edu — Cisco Umbrella Rank: 582232
82 KB
2 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 6067
rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5420
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
6 KB
1 imatoku-medic.com
imatoku-medic.com
3 KB
13 4
Domain Requested by
9 login-assets.stanford.edu imatoku-medic.com
login-assets.stanford.edu
1 rum-collector-2.pingdom.net rum-static.pingdom.net
1 rum-static.pingdom.net imatoku-medic.com
1 cdnjs.cloudflare.com imatoku-medic.com
1 imatoku-medic.com
13 5

This site contains links to these domains. Also see Links.

Domain
www.stanford.edu
Subject Issuer Validity Valid
login.stanford.edu
InCommon RSA Server CA 2		 2023-10-24 -
2024-10-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
pingdom.net
Cloudflare Inc ECC CA-3		 2023-10-14 -
2024-10-13		 a year crt.sh

This page contains 1 frames:

Primary Page: http://imatoku-medic.com/wp/wp2/stanford/
Frame ID: 7BE6D6F4A3C27C51674E57E251ACDCCA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Stanford Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

85 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

94 kB
Transfer

297 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
imatoku-medic.com/wp/wp2/stanford/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Server
183.90.246.6 Kamiuenocho, Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS
sv1505.xserver.jp
Software
nginx /
Resource Hash
f7370753a9b05d5c9c59d3c0d2de426bb356344acfac07689d2bb4d8974a2ac5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 25 Nov 2023 05:37:57 GMT
ETag
W/"1d91-60ae6fca9b480"
Last-Modified
Fri, 24 Nov 2023 14:44:18 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
jquery-1.11.1.min.js
login-assets.stanford.edu/assets/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-assets.stanford.edu/assets/js/jquery-1.11.1.min.js
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
87981e8062814ca279922ee55276ad14bbdc29649f98e34b2d83c3afb5052a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"1762c-609f46ae00380-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
33231
bootstrap.min.css
login-assets.stanford.edu/assets/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-assets.stanford.edu/assets/css/bootstrap.min.css
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"1d975-609f46ae00380-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
19749
su-identity.css
login-assets.stanford.edu/assets/css/ 		2 KB
1018 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-assets.stanford.edu/assets/css/su-identity.css
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
e4f7f7d463fc8649d9e4a738d2f5166186489d497422bd8d14774ce5d3c92e2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"792-609f46ae00380-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
633
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 05:37:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1243332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nEhXh79MjeI1bQQ%2BgSvroOaggl7dGVFtc3oedxI0BGGNqlfgdJUepP2OhdTsW9FsbHFt0YKANmXwpBp9z%2Ba0GBW2x0ga4UbVxOTRd6wpEllra3s0BdEEKCgFKHB4LD079%2BM5AOD%2FbMRuBASb5ajjSzAK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82b78aef5c6d8a7e-NRT
expires
Thu, 14 Nov 2024 05:37:57 GMT
login.js
login-assets.stanford.edu/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login-assets.stanford.edu/assets/js/login.js
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
dd150b70b15fe81abffa83f87532feb19f58075f7e9a7e06dd04e77470f8bd1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"1219-609f46ae00380-gzip"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
1483
login.css
login-assets.stanford.edu/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login-assets.stanford.edu/assets/css/login.css
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
e4c4621aaa91d1378aaa10814f327ae6781afa59acb2586783e1aaf0f94269c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"3386-609f46ae00380-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=100
Content-Length
2771
brandbar-stanford-logo@2x.png
login-assets.stanford.edu/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-assets.stanford.edu/assets/images/brandbar-stanford-logo@2x.png
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0120e4058ba668bbcd8694b55354463cc6e4fadb1cafd7c74c62e5d06c596888
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"16a0-609f46ae00380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
5792
login-header@2x.png
login-assets.stanford.edu/assets/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-assets.stanford.edu/assets/images/login-header@2x.png
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
2da63444e21dc7eeaf585e02e70a228058b0df804b00ae54256a87b63ed58183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"212d-609f46ae00380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
8493
footer-stanford-logo@2x.png
login-assets.stanford.edu/assets/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-assets.stanford.edu/assets/images/footer-stanford-logo@2x.png
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
4bb0e4a92748086660926033d73361c096a62f418f3040c0aa964f471121804b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"1d25-609f46ae00380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
7461
pa-5bedd10fdb2aac001600008c.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5bedd10fdb2aac001600008c.js
Requested by
Host: imatoku-medic.com
URL: http://imatoku-medic.com/wp/wp2/stanford/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8bb3e8cfa031076956e644ae0b2bbe7ffe75b7e29dfc800e6de273af87e66e0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 05:37:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 14 Oct 2022 06:22:28 GMT
server
cloudflare
etag
W/"63490024-1852"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
82b78af4db01c9ef-NRT
expires
Sat, 25 Nov 2023 05:42:59 GMT
rt-arrow.png
login-assets.stanford.edu/assets/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login-assets.stanford.edu/assets/images/rt-arrow.png
Requested by
Host: login-assets.stanford.edu
URL: https://login-assets.stanford.edu/assets/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.82.201.164 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
164.201.82.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
af42d4284e0d2ca792f28f2881815b4a9e91744b8da8a6be50472aefa2da5bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://login-assets.stanford.edu/assets/css/login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 25 Nov 2023 05:37:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Sun, 12 Nov 2023 13:20:30 GMT
Server
Apache
ETag
"47a-609f46ae00380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=99
Content-Length
1146
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://rum-collector-2.pingdom.net/img/beacon.gif?id=5bedd10fdb2aac001600008c&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=13&cE=22&dLE=13&dLS=1&fS=0&hS=-1&rE=-1&rS=-1&reS=22&resS=32&resE=34&uEE=-1&uES=-1&dL=39&dI=924&dCLES=924&dCLEE=928&dC=1937&lES=1937&lEE=1940&s=nt&title=Stanford%20Login&path=http%3A%2F%2Fimatoku-medic.com%2Fwp%2Fwp2%2Fstanford%2F&ref=&sId=2wziiw9q&sST=1700890679&sIS=1&rV=0&v=1.4.1
Requested by
Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-5bedd10fdb2aac001600008c.js
Protocol
HTTP/1.1
Server
34.253.18.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-18-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://imatoku-medic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 25 Nov 2023 05:38:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on November 25th 2023, 5:46:51 am UTC — From United States

Threats: Phishing
Comment: This page is a visual copy of Stanford University's SSO login page.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| showPasscode function| showBackupFull function| hideBackupFull function| sf function| createCookie function| readCookie function| eraseCookie function| StickyFooter function| removeSpaces object| jQuery1111027674668229403454

0 Cookies