fti.unmerpas.ac.id
2606:4700:3033::6815:55b1  Malicious Activity! Public Scan

URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Submission: On November 24 via api from JP — Scanned from JP

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::6815:55b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is fti.unmerpas.ac.id.
This is the only time fti.unmerpas.ac.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Mailgun (Online)

Domain & IP information

Requests  IP Address        AS Autonomous System
12        2606:4700:303...  13335 (CLOUDFLAR...)
1         2404:6800:400...  15169 (GOOGLE)
Total: 13 requests, 2 IPs

Requests  Apex Domain     Subdomains                                      Transfer
12        unmerpas.ac.id  fti.unmerpas.ac.id                              1 MB
1         googleapis.com  ajax.googleapis.com — Cisco Umbrella Rank: 257  30 KB
Total: 13 requests, 2 domains

Requests  Domain               Requested by
12        fti.unmerpas.ac.id   fti.unmerpas.ac.id
1         ajax.googleapis.com  fti.unmerpas.ac.id
Total: 13 requests, 2 domains

This site contains links to these domains.

Domain
www.
Subject                  Issuer      Validity                 Valid
upload.video.google.com  GTS CA 1C3  2022-11-02 - 2023-01-25  3 months

This page contains 1 frames:

Primary Page: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Frame ID: 4EE733F94C97BDD7CE442EB49C6FC97F
Requests: 13 HTTP requests in this frame

Page Title

WebClient

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 8 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1291 kB
Size: 1736 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
7 KB
3 KB
Document
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a4420c5b0152c028a09c31561b365171355436ae641992b776b9058f627d1fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
76f35df27d4dafa9-NRT
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Nov 2022 16:02:12 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gdXWb0Ksp637%2B0laGyEL2ybLRACk7r0MTTfA4MgcpqyhfVQXg5OdwqAm8xaeRlTACjdORv7bdraunPQU82Z6F5ECxZsHHk0Hw%2F0Trpq6W9c1RAAiuaBVyWcbFSasIP591sxK1P6S5xYu0chCtKodls%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
HIT from Backend
X-Content-Type-Options
nosniff
X-Endurance-Cache-Level
2
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.css
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/
2 KB
2 KB
Stylesheet
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/api.css
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a602d76f364623cb6477ff9237f60df0bd2c5948658207974864c1c2275793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
118662
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
W/"630fc04c-77b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUxxkyjA88P9ubQRHV5ZP3EJtGk9vCyhY6QZaVNhJviZikwYvS3BmUFQATeREh6V%2BLKn78geX%2FO5bwRa5ODdfdGaj57q2JVjt%2BSFQaO7Dnai5duvChr4rhhGeWS4AemwGTNjOSux3b5fL9uUaY6F5ao%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
76f35e1988048a60-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
config.js
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/
43 B
948 B
Script
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/config.js
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e530ef443c682ca02cab15d939402ead8c7c060fcf676164efd4078508e510e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132371
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
43
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
"630fc04c-2b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdWp9KpDfSXltbWECV3CZdt4Ve8aFpU0XQsAvvnBL59fGMvtNEkTdERNJjibZp44m9dK%2BS12da%2FAcTER%2FLaQeb3meDXObl%2F8WGWYmWZGECJtosbh01IJting%2FotubQvk70QJwrR6nPdOdyprUuq8lfg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
Accept-Ranges
bytes
CF-RAY
76f35e198c420b00-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
style.css
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/
46 KB
9 KB
Stylesheet
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/style.css
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40eea5338ffb4de44b8ced4bb257cf7ca0296537f8ce4772323c38c961eea80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132371
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
W/"630fc04c-b798"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgrOvzNmY2KGu9hkerzkJ%2BJ%2B1tPgKDcRQ8L6cAvjICsmT%2Bze03nmkTE2DpsZEnFySYP9%2FWu62kqbmkciQQqyJJ8U4Dy5xzxZ6jWvtwcHVJNDzu2MFIn0KNtz0LkgGSDliqT%2FN1BhNaHmT6uZhLGf1Yc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
76f35e198c0db003-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pikaday.css
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/
3 KB
2 KB
Stylesheet
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/pikaday.css
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf6bc6e7e66c9cfacaf824c257a091e908f00a134213c5c433e024729eddb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132384
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
W/"630fc04c-d37"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6PCdHYeWoNEBqN8A%2F3fFNcmaazNsJMnwN6We%2Fy4Qrb%2BuimqbnfioguBYRrQy7cXKE3Vf1dn0M4H3D5juCZdjnSEfKWIBjbyk3S7dZsfdRbvtrGgTaqtA9Vs7FlBoCCwoZtAnj4tjN1j1vxyRaEhNcY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=315360000
CF-RAY
76f35e1988c1e076-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 08:36:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
199543
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 08:36:29 GMT
framework.min.js
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/
33 KB
10 KB
Script
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/framework.min.js
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687c54662b84844c54be2a5a39421290e7ccc05bc8298983d304f28af7e11083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
116121
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
W/"630fc04c-8503"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o20GUj2M4c2asvFSBsPKmcgPxaXSl4kEV8tn7thSZh9%2Fwu0kQDQyfqcspijJSWP9%2Fo0cGdoH40b2nxPKQSEyy2faeYkDuXRGWmf5JwjWxlvEqwm%2BI7rdbvYhbVy0tJvQfb2rDrH6qv8gpxM0MQ75tRc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
76f35e198a3c80cc-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
bundle.min.js
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/
402 KB
99 KB
Script
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/bundle.min.js
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c812e91778bed6e73a73a0fde5fda61b793930ada817126abc015587f53a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
132371
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
W/"630fc04c-648d1"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPSAzwLlnh0JHgYIHCGf2r0%2FALltprUZHgyD%2Fzt8%2FPg3Descdk0shQeO4ix4tZFVP9TiUMIBJuumAaInKGWA%2FvYPAX9Nu7YPyZrmm56NjhZZwHg5b7N%2BMKV10iEp9fqRk%2FuFrqQqHsXzdmdskDWENng%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=315360000
CF-RAY
76f35e19992eafa9-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
icons.svg
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/images/icons/
0
0
Other
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/images/icons/icons.svg
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCgmWQAJsyX9ldjq6R%2BnUTAAP2YD1SwCj7p4PQhyVLzxGqRZk9YzV1Dip%2Bfk%2BsxHhx4%2F2YVDZ8S5N4jYqiPNYqIyNsbVB0Fnak4iEpEvG0C47HOPgRxfAgYTnfGjBCWonM8Q9pjOauSUNoTNFbtt7ZQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
76f35e1a2aa780cc-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
fti.unmerpas.ac.id/icewarpapi/
23 KB
0
XHR
General
Full URL
http://fti.unmerpas.ac.id/icewarpapi/
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/js/framework.min.js
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 24 Nov 2022 16:02:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Server
cloudflare
Vary
Accept-Encoding
X-Endurance-Cache-Level
2
Content-Type
text/html; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6l1tTaimMPcL38j3PDFpLk1ZAQia496WqtldxB%2B5XBc%2FqxE3nZLCUgrCNYR4pDGLiqoqKeP259MJ3QBxTqtGAN69rGqruwKvn8lk8bVuKe3ZPNItu6DWWqmJX4ookljahlM45t%2Byr5Vn3PZ3Cm1vpY%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
no-cache, must-revalidate, max-age=0
CF-RAY
76f35e1a39c4afa9-NRT
Link
<http://fti.unmerpas.ac.id/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
background.jpg
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/images/
1013 KB
1009 KB
Image
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/images/background.jpg
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7245d9fa1bfc1cabea3545d42b4333bec825f868a4f758cb66a02a0901dd12a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
116549
Transfer-Encoding
chunked
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
W/"630fc04c-fd380"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jadWC07DpJI%2FiD4es2chV6lMxbQDNVkyf7%2BzWyUzRsl3CoIyRV6t2WsOrosHfp8i4CmKur0WnFJsG0%2BviplK84wMRSpjPtYty%2F%2B82L%2F%2FCySDE2PKtW13J8uLmePE4jPfmpujWO%2Fp8nMeNTk4lhqro%2Fg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=315360000
CF-RAY
76f35e1a38a68a60-NRT
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Medium.woff2
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/fonts/
62 KB
63 KB
Font
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/fonts/Roboto-Medium.woff2
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/style.css
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fea2f2aa913b7aa163f45c897a463ba47a00fba670f747ead3d73c44c0d61bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/style.css
Origin
http://fti.unmerpas.ac.id
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
63800
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
"f938-5e78f17fef3dc"
Vary
Accept-Encoding
X-Endurance-Cache-Level
2
Content-Type
font/woff2
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMo3y6tvkzXm42gV%2Fm%2FrWFIwGe%2F9XEporpE9t7hVM2S3dvLt9t4Vn8gE8DLOPlIDkPCau26ey%2BzuLNHaYek86FWWzoNasxhGPe9ru%2FbOSq6c5Q1kAVxtMgxXkO1cYNDaK3lIG4d92hC5grvrrZXtrLs%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
76f35e1a3cc1b003-NRT
Roboto-Regular.woff2
fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/fonts/
62 KB
63 KB
Font
General
Full URL
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/fonts/Roboto-Regular.woff2
Requested by
Host: fti.unmerpas.ac.id
URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/style.css
Protocol
HTTP/1.1
Server
2606:4700:3033::6815:55b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65de8a3e5c4e0307b538ebe97df4dbcae0303b7a7afc5753aba95c218ae33a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/css/style.css
Origin
http://fti.unmerpas.ac.id
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:12 GMT
X-Content-Type-Options
nosniff
CF-Cache-Status
REVALIDATED
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
X-Cache
HIT from Backend
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
63156
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 31 Aug 2022 20:10:52 GMT
Server
cloudflare
ETag
"f6b4-5e78f17fef7c4"
Vary
Accept-Encoding
X-Endurance-Cache-Level
2
Content-Type
font/woff2
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZWqoyIhB8sMEXHklCRcdkZNoKVzfK3C4vyb4HPd9n%2BL9csSgNV7Dkqdy3wKcERfeSmjKTtObr8c4cz7nHi%2FML6CNFqkNruU7IsTaGO849EBmSmC7kLmqG9J%2BQuPywMUw1Oc3UmE8LFpOF4I3drpL0k%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
76f35e1a3cb20b00-NRT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Mailgun (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| config
  • function| $
  • function| jQuery
  • function| require
  • object| hashChange
  • function| __
  • object| Debugger
  • object| _me

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: http://fti.unmerpas.ac.id/wp-admin/user/webgenkic/investopia/webmail/images/icons/icons.svg#facebook
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://fti.unmerpas.ac.id/icewarpapi/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block