itcapital.com.my Open in urlscan Pro
183.78.170.116 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ppg.iainptk.ac.id/.wp-cli/
Effective URL:
https://itcapital.com.my/wordpress/wp-content/uploads/DRS/
Submission: On March 22 via manual (March 22nd 2023, 1:31:19 am UTC) from AU — Scanned from AU

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 183.78.170.116, located in Malaysia and belongs to TECHAVENUE-AP TechAvenue Malaysia, MY. The main domain is itcapital.com.my.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 1st 2023. Valid for: 3 months.

This is the only time itcapital.com.my was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.148.49.148 103.148.49.148	139983 (BCMEDIA-A...) (BCMEDIA-AS-ID PT. Borneo Cakrawala Media)
8	183.78.170.116 183.78.170.116	45785 (TECHAVENU...) (TECHAVENUE-AP TechAvenue Malaysia)
8	1

1 103.148.49.148 (Pontianak, Indonesia) 1 redirects

ASN139983 (BCMEDIA-AS-ID PT. Borneo Cakrawala Media, ID)

ppg.iainptk.ac.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 183.78.170.116 (Malaysia)

ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY)
PTR: d116.mfocus.com.my

itcapital.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	itcapital.com.my itcapital.com.my	332 KB
1	iainptk.ac.id 1 redirects ppg.iainptk.ac.id	260 B
8	2

	Domain	Requested by
8	itcapital.com.my	itcapital.com.my
1	ppg.iainptk.ac.id	1 redirects
8	2

This site contains no links.

Subject Issuer	Validity	Valid
itcr.com.my cPanel, Inc. Certification Authority	`2023-02-01` - `2023-05-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/
Frame ID: D07C663213D864E960481F7A02E71202
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in with myGov - myGov

Page URL History Show full URLs

https://ppg.iainptk.ac.id/.wp-cli/ HTTP 302
https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

332 kB
Transfer

330 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ppg.iainptk.ac.id/.wp-cli/ HTTP 302
https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response itcapital.com.my/wordpress/wp-content/uploads/DRS/ Redirect Chain https://ppg.iainptk.ac.id/.wp-cli/ https://itcapital.com.my/wordpress/wp-content/uploads/DRS/	7 KB 7 KB	1064ms 649ms	Document text/html	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `49b59e7e059256c425608bcf28b6ccb97750ec947081db396851591bb4f8c21d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 22 Mar 2023 01:31:03 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Wed, 22 Mar 2023 01:31:02 GMT Keep-Alive timeout=5, max=100 Location https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Server Apache
GET H/1.1	200 OK	mgv2-application.css itcapital.com.my/wordpress/wp-content/uploads/DRS/css/	122 KB 122 KB	256ms 255ms	Stylesheet text/css	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/mgv2-application.css Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `2657a8cfd389520e76681ab2c57781c405760417446dda1c23f0749fa93f7077` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:04 GMT Last-Modified Tue, 21 Mar 2023 23:03:08 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 125185
GET H/1.1	200 OK	blugov.css itcapital.com.my/wordpress/wp-content/uploads/DRS/css/	69 KB 69 KB	939ms 542ms	Stylesheet text/css	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/blugov.css Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `ca72017bbc6457c0fadb84afe2d0657e7a6d2455d8a1def279221c12ed892c3a` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:04 GMT Last-Modified Tue, 21 Mar 2023 23:03:08 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 70593
GET H/1.1	200 OK	myGov-cobranded-logo-black.svg itcapital.com.my/wordpress/wp-content/uploads/DRS/css/	63 KB 63 KB	1086ms 688ms	Image image/svg+xml	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Show image Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/myGov-cobranded-logo-black.svg Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:04 GMT Last-Modified Tue, 21 Mar 2023 23:03:08 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 64143
GET H/1.1	200 OK	myGov-cobranded-logo-white.svg itcapital.com.my/wordpress/wp-content/uploads/DRS/css/	63 KB 63 KB	947ms 545ms	Image image/svg+xml	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Show image Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/myGov-cobranded-logo-white.svg Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:04 GMT Last-Modified Tue, 21 Mar 2023 23:03:08 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 64140
GET H/1.1	200 OK	/ itcapital.com.my/wordpress/wp-content/uploads/DRS/	7 KB 7 KB	872ms 478ms	Stylesheet text/html	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `49b59e7e059256c425608bcf28b6ccb97750ec947081db396851591bb4f8c21d` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:04 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	blugov-left-chevron-dark.svg itcapital.com.my/wordpress/wp-content/uploads/DRS/css/	256 B 501 B	242ms 242ms	Image image/svg+xml	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Show image Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/blugov-left-chevron-dark.svg Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/blugov.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/blugov.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:05 GMT Last-Modified Tue, 21 Mar 2023 23:03:08 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 256
GET H/1.1	200 OK	icon-blugov-info.svg itcapital.com.my/wordpress/wp-content/uploads/DRS/css/	583 B 828 B	240ms 240ms	Image image/svg+xml	183.78.170.116 TECHAVENUE-AP Tec...
General Check archive.org Show headers Download Go to Show image Full URL https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/icon-blugov-info.svg Requested by Host: itcapital.com.my URL: https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/blugov.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 183.78.170.116 , Malaysia, ASN45785 (TECHAVENUE-AP TechAvenue Malaysia, MY), Reverse DNS d116.mfocus.com.my Software Apache / Resource Hash `8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6` Request headers accept-language en-AU,en;q=0.9 Referer https://itcapital.com.my/wordpress/wp-content/uploads/DRS/css/blugov.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Wed, 22 Mar 2023 01:31:05 GMT Last-Modified Tue, 21 Mar 2023 23:03:08 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 583

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

itcapital.com.my
ppg.iainptk.ac.id
103.148.49.148
183.78.170.116
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
2657a8cfd389520e76681ab2c57781c405760417446dda1c23f0749fa93f7077
49b59e7e059256c425608bcf28b6ccb97750ec947081db396851591bb4f8c21d
8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc
ca72017bbc6457c0fadb84afe2d0657e7a6d2455d8a1def279221c12ed892c3a

itcapital.com.my Open in urlscan Pro 183.78.170.116 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

332 kBTransfer

330 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

itcapital.com.my Open in urlscan Pro
183.78.170.116 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

332 kB
Transfer

330 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!