jaluzi-tut.by Open in urlscan Pro
2a0a:7d80:1:7::100:48  Malicious Activity! Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response jaluzi-tut.by/bx/jmu/	4 KB 2 KB	174ms 33ms	Document text/html	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash f54232a94895d1c0b7515ba5596568ebd49d2c83a2454b3845a3578487b5372f Request headers Host jaluzi-tut.by Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Server nginx/1.16.1 Date Mon, 03 Feb 2020 13:01:14 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Content-Encoding gzip
GET H/1.1	200 OK	idm_uio.css jaluzi-tut.by/bx/jmu/index_files/	8 KB 3 KB	33ms 32ms	Stylesheet text/css	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/index_files/idm_uio.css Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash d8ac8d9fb11ec49917089987b2472be6cc9be470bb59fe952180a13dd223d174 Request headers Referer http://jaluzi-tut.by/bx/jmu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Content-Encoding gzip Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Server nginx/1.16.1 ETag W/"5e38136d-1f02" Transfer-Encoding chunked Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=8380800 Connection keep-alive Expires Sun, 10 May 2020 13:01:14 GMT
GET H/1.1	200 OK	idm_mobile.css jaluzi-tut.by/bx/jmu/index_files/	4 KB 1 KB	57ms 28ms	Stylesheet text/css	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/index_files/idm_mobile.css Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash d62a29f007a1d9bb7be14b98fbf95065bfc9fc284ebb34682f867402083ce34f Request headers Referer http://jaluzi-tut.by/bx/jmu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Content-Encoding gzip Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Server nginx/1.16.1 ETag W/"5e38136d-102f" Transfer-Encoding chunked Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=8380800 Connection keep-alive Expires Sun, 10 May 2020 13:01:14 GMT
GET H/1.1	200 OK	jquery.js.download Show response jaluzi-tut.by/bx/jmu/index_files/	86 KB 35 KB	66ms 34ms	Script application/javascript	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/index_files/jquery.js.download Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Referer http://jaluzi-tut.by/bx/jmu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Content-Encoding gzip Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Server nginx/1.16.1 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	scripts.js.download Show response jaluzi-tut.by/bx/jmu/index_files/	3 KB 1 KB	66ms 33ms	Script application/javascript	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/index_files/scripts.js.download Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash 03675e0468a49bd391f9a5884df58ae0733a0e1ab1c2b5933c35abf407dded93 Request headers Referer http://jaluzi-tut.by/bx/jmu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Content-Encoding gzip Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Server nginx/1.16.1 Connection keep-alive Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	idm.js.download Show response jaluzi-tut.by/bx/jmu/index_files/	23 B 251 B	66ms 34ms	Script application/javascript	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/index_files/idm.js.download Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash 4f4d7fe1e003476ba160a85d9fa576c3d4130810e16d197ac3c6dfb633fca78f Request headers Referer http://jaluzi-tut.by/bx/jmu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Server nginx/1.16.1 Connection keep-alive Accept-Ranges bytes Content-Length 23 Content-Type application/javascript
GET H/1.1	200 OK	loginpage.js.download Show response jaluzi-tut.by/bx/jmu/index_files/	801 B 1 KB	73ms 37ms	Script application/javascript	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/bx/jmu/index_files/loginpage.js.download Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash f36f71a3d0e791bb7695901c0c4011e82c3d77b973f9b30d7c7bf9943f3ee29c Request headers Referer http://jaluzi-tut.by/bx/jmu/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Last-Modified Mon, 03 Feb 2020 12:34:53 GMT Server nginx/1.16.1 Connection keep-alive Accept-Ranges bytes Content-Length 801 Content-Type application/javascript
GET H/1.1	200 OK	login_page.png login.jmu.edu/images/headers/	4 KB 5 KB	392ms 96ms	Image image/png	134.126.6.131 JMUNET
General Check archive.org Show headers Download Go to Show image Full URL https://login.jmu.edu/images/headers/login_page.png Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 134.126.6.131 Harrisonburg, United States, ASN10357 (JMUNET, US), Reverse DNS login.jmu.edu Software Oracle-HTTP-Server-11g / Resource Hash b53bf07a142bb44352453cba670432ce34df3abb4120259b5b667271449601ea Request headers Referer http://jaluzi-tut.by/bx/jmu/index_files/idm_uio.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Last-Modified Fri, 13 Apr 2018 19:32:35 GMT Server Oracle-HTTP-Server-11g ETag "c00fe-11b3-569bfef1edac0" Content-Language en Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=952 Content-Length 4531
GET H/1.1	200 OK	seal01002.png login.jmu.edu/images/	41 KB 42 KB	398ms 99ms	Image image/png	134.126.6.131 JMUNET
General Check archive.org Show headers Download Go to Show image Full URL https://login.jmu.edu/images/seal01002.png Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 134.126.6.131 Harrisonburg, United States, ASN10357 (JMUNET, US), Reverse DNS login.jmu.edu Software Oracle-HTTP-Server-11g / Resource Hash 51f7b654e570c811bd982327dba5521f35a86e512809358a0a591cc38d20a94e Request headers Referer http://jaluzi-tut.by/bx/jmu/index_files/idm_uio.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Last-Modified Fri, 13 Apr 2018 19:32:35 GMT Server Oracle-HTTP-Server-11g ETag "260212-a53e-569bfef1edac0" Content-Language en Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=989 Content-Length 42302
GET H/1.1	200 OK	error.png login.jmu.edu/images/silk/	666 B 1 KB	400ms 100ms	Image image/png	134.126.6.131 JMUNET
General Check archive.org Show headers Download Go to Show image Full URL https://login.jmu.edu/images/silk/error.png Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 134.126.6.131 Harrisonburg, United States, ASN10357 (JMUNET, US), Reverse DNS login.jmu.edu Software Oracle-HTTP-Server-11g / Resource Hash 011f4e33d86b448078a2bd56b7060770b2c079e86aad2b7298ab0db216758f34 Request headers Referer http://jaluzi-tut.by/bx/jmu/index_files/idm_uio.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Last-Modified Fri, 13 Apr 2018 19:32:35 GMT Server Oracle-HTTP-Server-11g ETag "260143-29a-569bfef1edac0" Content-Language en Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=998 Content-Length 666
GET H/1.1	200 OK	exclamation.png login.jmu.edu/images/silk/	701 B 1 KB	415ms 104ms	Image image/png	134.126.6.131 JMUNET
General Check archive.org Show headers Download Go to Show image Full URL https://login.jmu.edu/images/silk/exclamation.png Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 134.126.6.131 Harrisonburg, United States, ASN10357 (JMUNET, US), Reverse DNS login.jmu.edu Software Oracle-HTTP-Server-11g / Resource Hash c89b56c55b934b1f05ef01d47aa7169b5ca0322c37d1fcf62b067d660eb29f12 Request headers Referer http://jaluzi-tut.by/bx/jmu/index_files/idm_uio.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Last-Modified Fri, 13 Apr 2018 19:32:35 GMT Server Oracle-HTTP-Server-11g ETag "c0137-2bd-569bfef1edac0" Content-Language en Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=15, max=992 Content-Length 701
GET H/1.1	404 Not Found	index.cgi Show response jaluzi-tut.by/cgi-bin/timecheck/	344 B 519 B	33ms 33ms	XHR text/html	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/cgi-bin/timecheck/index.cgi?ts=1580734874 Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/index_files/jquery.js.download Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / Resource Hash 5fe99faae36cab30611b7aa71945292de11837eac045518242884eec2b3b06d4 Request headers Accept */* Referer http://jaluzi-tut.by/bx/jmu/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Mon, 03 Feb 2020 13:01:14 GMT Server nginx/1.16.1 Connection keep-alive Content-Length 344 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Страница не найдена!	information.html Show response jaluzi-tut.by/docs/	4 KB 2 KB	241ms 241ms	XHR text/html	2a0a:7d80:1:7::100:48 BELPAK-AS BELPAK
General Check archive.org Show headers Download Go to Full URL http://jaluzi-tut.by/docs/information.html Requested by Host: jaluzi-tut.by URL: http://jaluzi-tut.by/bx/jmu/index_files/jquery.js.download Protocol HTTP/1.1 Server 2a0a:7d80:1:7::100:48 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY), Reverse DNS Software nginx/1.16.1 / PHP/5.3.29 Resource Hash 771d7ad99a9bd10e3846f8932a733b0517613a6126e51212d1f8d9703c725dbe Request headers Accept text/html, */*; q=0.01 Referer http://jaluzi-tut.by/bx/jmu/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Mon, 03 Feb 2020 13:01:14 GMT Content-Encoding gzip Server nginx/1.16.1 X-Powered-By PHP/5.3.29 Transfer-Encoding chunked P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control no-cache X-Logged-In False Connection keep-alive Content-Type text/html; charset=utf-8

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: US Universities (Education)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| $error string| error

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			jaluzi-tut.by/	1969-12-31 23:59:59	Name: 933d0cb82346bffd1a8576e21c091972 Value: ilglsppvr8tpikisea4r4ckaf6

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jaluzi-tut.by
login.jmu.edu
134.126.6.131
2a0a:7d80:1:7::100:48
011f4e33d86b448078a2bd56b7060770b2c079e86aad2b7298ab0db216758f34
03675e0468a49bd391f9a5884df58ae0733a0e1ab1c2b5933c35abf407dded93
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
4f4d7fe1e003476ba160a85d9fa576c3d4130810e16d197ac3c6dfb633fca78f
51f7b654e570c811bd982327dba5521f35a86e512809358a0a591cc38d20a94e
5fe99faae36cab30611b7aa71945292de11837eac045518242884eec2b3b06d4
771d7ad99a9bd10e3846f8932a733b0517613a6126e51212d1f8d9703c725dbe
b53bf07a142bb44352453cba670432ce34df3abb4120259b5b667271449601ea
c89b56c55b934b1f05ef01d47aa7169b5ca0322c37d1fcf62b067d660eb29f12
d62a29f007a1d9bb7be14b98fbf95065bfc9fc284ebb34682f867402083ce34f
d8ac8d9fb11ec49917089987b2472be6cc9be470bb59fe952180a13dd223d174
f36f71a3d0e791bb7695901c0c4011e82c3d77b973f9b30d7c7bf9943f3ee29c
f54232a94895d1c0b7515ba5596568ebd49d2c83a2454b3845a3578487b5372f