jmedsci.com Open in urlscan Pro
67.212.179.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/HVYFWGQ00WHJFDWFGDKWD00WFKGGWJLFWKJH00DFKGWFBBW
Effective URL:
https://jmedsci.com/plugins/generic/openAIRE/locale/nl_NL/tcf/auth/secure
Submission: On April 19 via manual (April 19th 2018, 9:46:21 pm UTC) from US

Summary HTTP 2 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 2 HTTP transactions. The main IP is 67.212.179.163, located in Chicago, United States and belongs to SINGLEHOP-LLC - SingleHop LLC, US. The main domain is jmedsci.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 3rd 2018. Valid for: 3 months.

This is the only time jmedsci.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	67.199.248.10 67.199.248.10		395224 (BITLY-AS) (BITLY-AS - Bitly Inc)
2 2	192.241.240.89 192.241.240.89		14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
1	104.196.146.236 104.196.146.236		15169 (GOOGLE) (GOOGLE - Google LLC)
1	67.212.179.163 67.212.179.163		32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
2	2

1 67.199.248.10 (United States) 1 redirects

ASN395224 (BITLY-AS - Bitly Inc, US)

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.241.240.89 (New York, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: server2.tiny.cc

tiny.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.196.146.236 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 236.146.196.104.bc.googleusercontent.com

www.infraies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.212.179.163 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: r118.tmd.cloud

jmedsci.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	tiny.cc 2 redirects tiny.cc	1 KB
1	jmedsci.com jmedsci.com	7 KB
1	infraies.com www.infraies.com	549 B
1	bit.ly 1 redirects bit.ly	414 B
2	4

	Domain	Requested by
2	tiny.cc	2 redirects
1	jmedsci.com
1	www.infraies.com
1	bit.ly	1 redirects
2	4

This site contains no links.

Subject Issuer	Validity	Valid
jmedsci.com cPanel, Inc. Certification Authority	`2018-03-03` - `2018-06-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jmedsci.com/plugins/generic/openAIRE/locale/nl_NL/tcf/auth/secure
Frame ID: B47D65883FC801F7765A0C440E5217BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/HVYFWGQ00WHJFDWFGDKWD00WFKGGWJLFWKJH00DFKGWFBBW HTTP 301
http://tiny.cc/ii2nsy HTTP 301
https://tiny.cc/ii2nsy HTTP 303
http://www.infraies.com/wp-admin/includes/ Page URL
https://jmedsci.com/plugins/generic/openAIRE/locale/nl_NL/tcf/auth/secure Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

mod_fastcgi (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /mod_fastcgi(?:\/([\d.]+))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
headers server /mod_fastcgi(?:\/([\d.]+))?/i

Page Statistics

2
Requests

50 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

8 kB
Transfer

7 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/HVYFWGQ00WHJFDWFGDKWD00WFKGGWJLFWKJH00DFKGWFBBW HTTP 301
http://tiny.cc/ii2nsy HTTP 301
https://tiny.cc/ii2nsy HTTP 303
http://www.infraies.com/wp-admin/includes/ Page URL
https://jmedsci.com/plugins/generic/openAIRE/locale/nl_NL/tcf/auth/secure Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/HVYFWGQ00WHJFDWFGDKWD00WFKGGWJLFWKJH00DFKGWFBBW HTTP 301
http://tiny.cc/ii2nsy HTTP 301
https://tiny.cc/ii2nsy HTTP 303
http://www.infraies.com/wp-admin/includes/

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ www.infraies.com/wp-admin/includes/ Redirect Chain https://bit.ly/HVYFWGQ00WHJFDWFGDKWD00WFKGGWJLFWKJH00DFKGWFBBW http://tiny.cc/ii2nsy https://tiny.cc/ii2nsy http://www.infraies.com/wp-admin/includes/	171 B 549 B	699ms 104ms	Document text/html	104.196.146.236 Google LLC
General Check archive.org Show headers Download Go to Full URL http://www.infraies.com/wp-admin/includes/ Protocol HTTP/1.1 Server 104.196.146.236 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 236.146.196.104.bc.googleusercontent.com Software Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.24 OpenSSL/1.0.1f / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.infraies.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers Date Thu, 19 Apr 2018 21:46:09 GMT Content-Encoding gzip Last-Modified Sat, 14 Apr 2018 03:46:03 GMT Server Apache/2.4.7 (Ubuntu) mod_fastcgi/mod_fastcgi-SNAP-0910052141 mod_fcgid/2.3.9 PHP/5.5.9-1ubuntu4.24 OpenSSL/1.0.1f ETag "ab-569c6d3e514c0-gzip" Vary Accept-Encoding Content-Type text/html Connection close Accept-Ranges bytes Content-Length 158 Redirect headers Date Thu, 19 Apr 2018 21:45:55 GMT Server nginx X-Powered-By PHP/5.3.28 Transfer-Encoding chunked Content-Type text/html Location http://www.infraies.com/wp-admin/includes/ Set-Cookie main_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%223c4df4415b916013a6af4d67b9897147%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%22148.251.45.254%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A50%3A%22Mozilla%2F5.0+%28X11%3B+Linux+x86_64%29+AppleWebKit%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1524174355%3B%7D0f4a77a35aff2e831cfbc708da8c5458; expires=Fri, 20-Apr-2018 21:45:55 GMT; path=/; domain=.tiny.cc tyccii2nsy=1; expires=Sun, 19-Apr-2020 21:45:55 GMT tiny_client=462e7753296efaf0090cb2752b992003; expires=Sun, 19-Apr-2020 21:45:55 GMT Connection keep-alive X-Robots-Tag nofollow, noindex
GET H2	500	Primary Request secure Show response jmedsci.com/plugins/generic/openAIRE/locale/nl_NL/tcf/auth/	7 KB 7 KB	660ms 159ms	Document text/html	67.212.179.163 SingleHop LLC
General Check archive.org Show headers Download Go to Full URL https://jmedsci.com/plugins/generic/openAIRE/locale/nl_NL/tcf/auth/secure Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.212.179.163 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US), Reverse DNS r118.tmd.cloud Software Apache / Resource Hash `a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913` Request headers :path /plugins/generic/openAIRE/locale/nl_NL/tcf/auth/secure pragma no-cache accept-encoding gzip, deflate upgrade-insecure-requests 1 user-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 cache-control no-cache :authority jmedsci.com referer http://www.infraies.com/wp-admin/includes/ :scheme https :method GET Upgrade-Insecure-Requests 1 Referer http://www.infraies.com/wp-admin/includes/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36 Response headers status 500 date Thu, 19 Apr 2018 21:46:09 GMT server Apache content-length 7309 content-type text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
jmedsci.com
tiny.cc
www.infraies.com
104.196.146.236
192.241.240.89
67.199.248.10
67.212.179.163
a8a284f377cb9f21c53e5553234ecb693dc4c2c38f3306b6cde4aead5e05e913