malaysia.ip1-kd.com Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response malaysia.ip1-kd.com/aplly/	7 KB 3 KB	552ms 524ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://malaysia.ip1-kd.com/aplly/ Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6062c84dad8214905441068499eab28629a11de5dd651c0aed48f6481eaacba Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 85557d68c8a9f170-CDG Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 DN-Request-Id ac125d75160f8be4e9f8283efc4cd041 Date Wed, 14 Feb 2024 12:59:43 GMT Dynamic-Cache-Status REVALIDATED Last-Modified Wed, 06 Dec 2023 02:04:49 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFjTWF%2Fhg5kBdX8rjGhqeYACMfjxVyFFukijWMeBRMekcgXyRMuiuCXoWIKsi9LCQ0xpmlnVavBmU4U90V5ab5tbBvpxJ%2Bm6pgMox%2FnFPQuST%2FI%2BBMmMMITJc4wqjQ5G%2FXJ81I%2BQmJ52uWfyFgap1D7s"}],"group":"cf-nel","max_age":604800} Server cloudflare Strict-Transport-Security max-age=63072000; includeSubDomains; preload Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	main.3c9dcec00d5a12b9aa18.css malaysia.ip1-kd.com/aplly/lib/	81 KB 19 KB	810ms 810ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css Requested by Host: malaysia.ip1-kd.com URL: http://malaysia.ip1-kd.com/aplly/ Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3e7b79bd9246592718746c638b735658b01250633aacd35dcc7dcff8a4546d8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/aplly/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Wed, 14 Feb 2024 12:59:44 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload DN-Request-Id ad10ccf53d2fb4d7da5930e2a6f8cc2b CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Encoding gzip Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 06 Dec 2023 02:04:49 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHstYH2PcNwRB5mClgbocBI8cKNhxPmG7FytDeY9a088vM8bE3zzioJWCkcKMPRXeSAV1F3mg3Nr3hE4fXyPuncV%2BfzsgDOtKuPpayfY%2F7Mk%2FOZehGuTb9mEibWenX7y8L5omdApCB%2FJ3GPSJbeFGeFK"}],"group":"cf-nel","max_age":604800} Content-Type text/css Static-Cache-Status MISS Cache-Control max-age=2592000 CF-RAY 85557d6c0d98f170-CDG Expires Fri, 15 Mar 2024 12:59:43 GMT
GET H/1.1	200 OK	1f1f2-1f1fe.png malaysia.ip1-kd.com/aplly/lib/img-apple-160/	20 KB 20 KB	65ms 45ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.ip1-kd.com/aplly/lib/img-apple-160/1f1f2-1f1fe.png Requested by Host: malaysia.ip1-kd.com URL: http://malaysia.ip1-kd.com/aplly/ Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c5b1e0817a7504af4900ccb7ea89256070d1fa4c9e773292a3774d04f647f82 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/aplly/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Wed, 14 Feb 2024 12:59:43 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload DN-Request-Id da4d440f69363bd0af1690a794bfb881 CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 71 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 19985 Last-Modified Wed, 06 Dec 2023 02:04:49 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66vp0LNwpewFhoa9pL%2FzXwpZu19mwOiRDYzsoW15obPUeVos6VRyzw0MEq%2FiAKdQMW489TooEmcAKr7DQD%2BErl%2F3CueSaSmRGGL9jjR0GldwbIDYzXK%2B1zojWGMLeFpuZdg1YsZzCpspmvWIl0u4ZvfX"}],"group":"cf-nel","max_age":604800} Content-Type image/png Static-Cache-Status MISS Cache-Control max-age=2592000 Accept-Ranges bytes CF-RAY 85557d6c2be6904c-FRA Expires Fri, 15 Mar 2024 12:58:32 GMT
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	53ms 14ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: malaysia.ip1-kd.com URL: http://malaysia.ip1-kd.com/aplly/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 14 Feb 2024 12:59:43 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 9460896 x-cache HIT, HIT content-length 30879 x-served-by cache-lga21981-LGA, cache-ams21075-AMS last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1707915583.399005,VS0,VE0 etag W/"28feccc0-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 841125, 37656
GET H/1.1	404 Not Found	chat-bg-br.f34cc96fbfb048812820.png malaysia.ip1-kd.com/aplly/lib/	1 KB 1 KB	575ms 574ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.ip1-kd.com/aplly/lib/chat-bg-br.f34cc96fbfb048812820.png Requested by Host: malaysia.ip1-kd.com URL: http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b25fe0a8ffd906e6afcb2b0cbe2ce64e16bd05c82a352903555c4e4e9cce2a4 Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Wed, 14 Feb 2024 12:59:44 GMT Content-Encoding gzip DN-Request-Id ddf130436727539d754e5b9d8ef7ae68 CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLpkgYOhMCUDBAVeE0FCRDNvOWzj9sISaBK8qtttg8gBMLLoQtMd6owbACDW%2BIyuVQqEEgAV38x2Ljt87XrxNkMcqO4MCZEXJt4r0Zeakgo36pZBt1AZ6uDDWvRDnGGpB2sLszVqNH3dShQ4rrvAeGDL"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 Connection keep-alive CF-RAY 85557d713c06f170-CDG alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	chat-bg-pattern-light.ee148af944f6580293ae.png malaysia.ip1-kd.com/aplly/lib/	921 B 921 B	29ms 29ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.ip1-kd.com/aplly/lib/chat-bg-pattern-light.ee148af944f6580293ae.png Requested by Host: malaysia.ip1-kd.com URL: http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b06c09958863fd4f937120a799ced9cd0a49885cbd0d482306ac84e26824e5d7 Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Wed, 14 Feb 2024 12:59:44 GMT Content-Encoding gzip DN-Request-Id 018f433adb3966efd88bc8fb6f1d71de CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 71 Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=utf-8 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdCjwhCPqX0WkjVjRX4mvH5inV7yO26SAwZFXWtU7VKcVbFq%2Fa%2BLQdO1nqAyDS7%2FOkXlzsp0Jtx0W4oTNEnP0DPRMNeEUwH4w493rQUcEqM%2BvPGEehN57ySy4Y3EAyikzOYeGUf3VyCRgsbNSTC0U7GP"}],"group":"cf-nel","max_age":604800} Cache-Control max-age=14400 Connection keep-alive CF-RAY 85557d7138c8904c-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	telegram-logo.1b2bb5b107f046ea9325.svg malaysia.ip1-kd.com/aplly/lib/	932 B 1 KB	462ms 443ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.ip1-kd.com/aplly/lib/telegram-logo.1b2bb5b107f046ea9325.svg Requested by Host: malaysia.ip1-kd.com URL: http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ade1ddec66f6e98e30d8a56b01e7dd9d2c84a8f4dac51bc88d2ab5bc6e5d1a62 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/aplly/lib/main.3c9dcec00d5a12b9aa18.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Date Wed, 14 Feb 2024 12:59:44 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; preload DN-Request-Id 15367b72dd2bcab60761afe118dd5de4 CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Content-Encoding gzip Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Wed, 06 Dec 2023 02:04:49 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qtf3tGKD4%2F6Ye7oeBh0sE3QyqPa9Izs7%2FfDF9IQbTYwFoS915AnzMuKIC4VDzbFMr1vVK%2FfOjdEuX7chIBePl3pY4Zq0XzmMbkfTFZev%2BB3D%2B%2FpXWczbKBZXaAq4X6dfxhSzq2yFMxq9KrTtIvp2i%2Fh"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Static-Cache-Status MISS Cache-Control max-age=2592000 CF-RAY 85557d715cb21e6a-FRA Expires Fri, 15 Mar 2024 12:59:44 GMT
GET DATA	200 OK	truncated /	244 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b9e73b25890fe9c309feff6ef849db08babba9c055b169c20815866d264f3ef Request headers accept-language nl-NL,nl;q=0.9 Referer http://malaysia.ip1-kd.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers Content-Type image/svg+xml

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| flag object| backdrop object| backd object| inpHp object| btnnext function| set_item function| aktip function| loadd

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://malaysia.ip1-kd.com/aplly/lib/chat-bg-pattern-light.ee148af944f6580293ae.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://malaysia.ip1-kd.com/aplly/lib/chat-bg-br.f34cc96fbfb048812820.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
malaysia.ip1-kd.com
2a04:4e42:400::649
2a06:98c1:3121::3
6b9e73b25890fe9c309feff6ef849db08babba9c055b169c20815866d264f3ef
6c5b1e0817a7504af4900ccb7ea89256070d1fa4c9e773292a3774d04f647f82
9b25fe0a8ffd906e6afcb2b0cbe2ce64e16bd05c82a352903555c4e4e9cce2a4
a3e7b79bd9246592718746c638b735658b01250633aacd35dcc7dcff8a4546d8
ade1ddec66f6e98e30d8a56b01e7dd9d2c84a8f4dac51bc88d2ab5bc6e5d1a62
b06c09958863fd4f937120a799ced9cd0a49885cbd0d482306ac84e26824e5d7
e6062c84dad8214905441068499eab28629a11de5dd651c0aed48f6481eaacba
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d