mediafireviralygy.duckdns.org
40.83.118.169
Malicious Activity!
Public Scan
Submission: On April 09 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 7th 2022. Valid for: 3 months.
This is the only time mediafireviralygy.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
7 | 40.83.118.169 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK)
1 | 3.64.163.50 | 16509 (AMAZON-02)
7 | 172.96.160.123 | 23470 (RELIABLESITE)
1 | 2606:4700:7::a29f:9904 | 13335 (CLOUDFLARENET)
1 | 2606:4700:3038::6815:eb02 | 13335 (CLOUDFLARENET)
1 | 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH-CDN)
1 | 2606:4700::6811:180e | 13335 (CLOUDFLARENET)
1 | 2404:6800:4004:80c::200a | 15169 (GOOGLE)
1 | 18.65.223.98 | 16509 (AMAZON-02)
1 | 2600:9000:2219:8c00:c:5e3e:d280:93a1 | 16509 (AMAZON-02)
22 requests | 10 IP addresses |

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US): mediafireviralygy.duckdns.org
ASN16509 (AMAZON-02, US), PTR: ec2-3-64-163-50.eu-central-1.compute.amazonaws.com: jefanya.com
ASN16509 (AMAZON-02, US), PTR: server-18-65-223-98.nrt57.r.cloudfront.net: api.pubgameshowtime.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | ibb.co | i.ibb.co (Cisco Umbrella Rank: 13776) | 878 KB
7 | duckdns.org | mediafireviralygy.duckdns.org | 164 KB
1 | inews.co.id | img.inews.co.id (Cisco Umbrella Rank: 114522) | 26 KB
1 | pubgameshowtime.com | api.pubgameshowtime.com | 426 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 46) | 947 B
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 238) | 28 KB
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 647) | 30 KB
1 | stickpng.com | assets.stickpng.com (Cisco Umbrella Rank: 121005) | 150 KB
1 | medium.com | miro.medium.com (Cisco Umbrella Rank: 12387) | 89 KB
1 | jefanya.com | jefanya.com |
22 requests | 10 domains | |
Requests | Domain | Requested by
---|---|---
7 | i.ibb.co | mediafireviralygy.duckdns.org
7 | mediafireviralygy.duckdns.org | mediafireviralygy.duckdns.org
1 | img.inews.co.id | mediafireviralygy.duckdns.org
1 | api.pubgameshowtime.com | cdnjs.cloudflare.com
1 | fonts.googleapis.com | mediafireviralygy.duckdns.org
1 | cdnjs.cloudflare.com | mediafireviralygy.duckdns.org
1 | code.jquery.com | mediafireviralygy.duckdns.org
1 | assets.stickpng.com | mediafireviralygy.duckdns.org
1 | miro.medium.com | mediafireviralygy.duckdns.org
1 | jefanya.com | mediafireviralygy.duckdns.org
22 requests | 10 domains |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
mediafireviralygy.duckdns.org | cPanel, Inc. Certification Authority | 2022-04-07 - 2022-07-06 | 3 months | crt.sh
jefanya.com | R3 | 2022-03-14 - 2022-06-12 | 3 months | crt.sh
ibb.co | R3 | 2022-04-07 - 2022-07-06 | 3 months | crt.sh
medium.com | Cloudflare Inc ECC CA-3 | 2022-02-26 - 2022-05-27 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-22 - 2022-09-21 | a year | crt.sh
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months | crt.sh
api.pubgameshowtime.com | Amazon | 2020-04-17 - 2021-05-17 | a year | crt.sh
*.inews.co.id | AlphaSSL CA - SHA256 - G2 | 2020-06-29 - 2022-06-30 | 2 years | crt.sh
This page contains 1 frames:
Primary Page:
https://mediafireviralygy.duckdns.org/
Frame ID: 79866B154D6282ADF7D208473AD7AD24
Requests: 22 HTTP requests in this frame
Page Title: Whatsapp Group Link
Detected technologies
Medium (Blogs)
Detected patterns
- medium\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H2 | mediafireviralygy.duckdns.org/ (Primary Request) | 9 KB | 3 KB | Document | text/html
GET | H2 | jefanya.com/js/debug.js | 0 | 0 | Script | application/javascript
GET | H2 | mediafireviralygy.duckdns.org/css/style.css | 4 KB | 1 KB | Stylesheet | text/css
GET | H2 | mediafireviralygy.duckdns.org/css/facebook.css | 4 KB | 883 B | Stylesheet | text/css
GET | H2 | i.ibb.co/QkGWZVZ/IMG-20211101-152657.jpg | 94 KB | 94 KB | Image | image/jpeg
GET | H2 | i.ibb.co/VSHr0Fg/IMG-20211101-152226.jpg | 74 KB | 74 KB | Image | image/jpeg
GET | H2 | i.ibb.co/5shNSPj/img1635753361174.png | 369 KB | 370 KB | Image | image/png
GET | H2 | i.ibb.co/zPq8QKk/IMG-20211101-153011.jpg | 96 KB | 96 KB | Image | image/jpeg
GET | H2 | i.ibb.co/zbwMxTj/IMG-20211101-153234.jpg | 77 KB | 77 KB | Image | image/jpeg
GET | H2 | i.ibb.co/T4ZwdHc/IMG-20211101-153448.jpg | 105 KB | 105 KB | Image | image/jpeg
GET | H2 | i.ibb.co/Jy532pN/IMG-20211101-153840.jpg | 61 KB | 61 KB | Image | image/jpeg
GET | H2 | miro.medium.com/max/1600/0*ptDX0HfJCYpo9Pcs.gif | 88 KB | 89 KB | Image | image/gif
GET | H3 | mediafireviralygy.duckdns.org/img/facebook_text.png | 28 KB | 28 KB | Image | image/png
GET | H2 | assets.stickpng.com/images/580b57fcd9996e24bc43c543.png | 149 KB | 150 KB | Image | image/png
GET | H2 | code.jquery.com/jquery-3.5.1.min.js | 87 KB | 30 KB | Script | application/javascript
GET | H2 | cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js | 85 KB | 28 KB | Script | application/javascript
GET | H2 | fonts.googleapis.com/css2 | 1 KB | 947 B | Stylesheet | text/css
GET | H3 | mediafireviralygy.duckdns.org/css/bege.jpeg | 91 KB | 92 KB | Image | image/jpeg
GET | H3 | mediafireviralygy.duckdns.org/css/thin.ttf | 39 KB | 19 KB | Font | font/ttf
GET | H2 | api.pubgameshowtime.com/ip/getcountry | 60 B | 426 B | XHR | application/json
GET | H2 | img.inews.co.id/media/600/files/inews_new/2019/08/28/Korea.jpg | 25 KB | 26 KB | Image | image/jpeg
GET | H3 | mediafireviralygy.duckdns.org/css/font.ttf | 39 KB | 19 KB | Font | font/ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic Gaming (Entertainment)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | structuredClone
object | oncontextlost
object | oncontextrestored
function | getScreenDetails
object | shortcut
function | $
function | jQuery
object | desc
object | more
function | checkip1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.medium.com/ | | Name: __cfruid Value: 121611c68945b644b2b70afe82252a92de5bf698-1649520411
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.pubgameshowtime.com
assets.stickpng.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
i.ibb.co
img.inews.co.id
jefanya.com
mediafireviralygy.duckdns.org
miro.medium.com
172.96.160.123
18.65.223.98
2001:4de0:ac18::1:a:2b
2404:6800:4004:80c::200a
2600:9000:2219:8c00:c:5e3e:d280:93a1
2606:4700:3038::6815:eb02
2606:4700:7::a29f:9904
2606:4700::6811:180e
3.64.163.50
40.83.118.169
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0b34c163d2d813da14c86a6fe080428d497382808c79cc2a6b70a734b2485978
139fc22ed87280a2011dfa727ece25c6af12cd433576980a0a6c29e9bc1e5faf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e4eb8304ef3864eba148d5d2a6a803fc9efe1b8d415d9b7e50a5ca7500a9d67
2b41bf0d6a4c0e59949024d5ae650bd9f4899bb4cffad0f61b74b027df94b6cb
3153a06ba18e39e65902144be0e71ca8c0f14ac948a719c6aa8642414c1db3f3
52d1465e72a493020ea372f3447d406b3eb2e22fb21c9433a8103b70d5341e59
6107e83ad8d607e6c17962d7cd12e15b13e56b88eeba169d5e394c7d55ef45fa
74b8457bf6fc94155d74fcf2c8fab6809e5a3bf251c2ab007f334cfc96aa9cb9
7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6
8bc08c12d076f8195d02ad7e2b8b30c8801ee5f54f62c266d62f3ba2de849861
8e6ae93c91ba75869d03d3a3811f567219fcfc5fa1db46a2542251de3319e4db
c2f413ec031122040ebc7dd93353b86cf8b29569f922838d04283425eb0c4fca
cabca93bbc61d812533fef8027de3b871e3496a47f7a75629eab7bed2f95be85
d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8
d4a3df6bfa080cbd0aa251806a22d84c310ea5aceb96b78a4f346febbbefb2a9
d6c84700e9df89c5ac2d1ecd075b8e6c2e287375cf87098e76e4dd0195766ea8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc38486ae929ac77f93331fa8afcdb1c6c7b7af2b03da4ceaf4b7f9ab5f35eee
fd79d74b0f5b09ecf9ae000cc66dc9d794fd5fc17534571385085972fd9f46fc