![](/screenshots/66e1cd13-fb49-4176-80ee-72017b7024d0.png)
ygijn.buggg.biz.id
Open in
urlscan Pro
188.114.97.3
Malicious Activity!
Public Scan
Submission: On June 06 via api from US — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.
This is the only time ygijn.buggg.biz.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 2606:4700:7::... 2606:4700:7::a29f:9804 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 162.19.58.158 162.19.58.158 | 16276 (OVH) (OVH) | |
1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
1 | 2a04:4e42:400... 2a04:4e42:400::485 | 54113 (FASTLY) (FASTLY) | |
1 | 2a00:1450:400... 2a00:1450:4001:828::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 13.32.99.108 13.32.99.108 | 16509 (AMAZON-02) (AMAZON-02) | |
22 | 7 |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-108.fra60.r.cloudfront.net
api.pubgameshowtime.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
buggg.biz.id
ygijn.buggg.biz.id |
577 KB |
2 |
medium.com
1 redirects
miro.medium.com — Cisco Umbrella Rank: 18176 |
90 KB |
1 |
pubgameshowtime.com
api.pubgameshowtime.com |
457 B |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70 |
875 B |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354 |
42 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 824 |
30 KB |
1 |
co.com
i.ibb.co.com — Cisco Umbrella Rank: 131419 |
107 KB |
22 | 7 |
Domain | Requested by | |
---|---|---|
16 | ygijn.buggg.biz.id |
ygijn.buggg.biz.id
|
2 | miro.medium.com |
1 redirects
ygijn.buggg.biz.id
|
1 | api.pubgameshowtime.com |
cdn.jsdelivr.net
|
1 | fonts.googleapis.com |
ygijn.buggg.biz.id
|
1 | cdn.jsdelivr.net |
ygijn.buggg.biz.id
|
1 | code.jquery.com |
ygijn.buggg.biz.id
|
1 | i.ibb.co.com |
ygijn.buggg.biz.id
|
22 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
buggg.biz.id GTS CA 1P5 |
2024-04-25 - 2024-07-24 |
3 months | crt.sh |
ibb.co R3 |
2024-04-22 - 2024-07-21 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-05-21 - 2024-08-13 |
3 months | crt.sh |
api.pubgameshowtime.com Amazon |
2020-04-17 - 2021-05-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://ygijn.buggg.biz.id/index.php
Frame ID: 53F445D9D21AF2EB6813E3A83F2EC3D5
Requests: 22 HTTP requests in this frame
Screenshot
![](/screenshots/66e1cd13-fb49-4176-80ee-72017b7024d0.png)
Page Title
Whatsapp Group LinkDetected technologies
Detected patterns
- medium\.com
Detected patterns
- \.php(?:$|\?)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://miro.medium.com/max/1600/0*ptDX0HfJCYpo9Pcs.gif HTTP 301
- https://miro.medium.com/v2/resize:fit:1600/0*ptDX0HfJCYpo9Pcs.gif
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
index.php
ygijn.buggg.biz.id/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
ygijn.buggg.biz.id/css/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facebook.css
ygijn.buggg.biz.id/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b1.png
ygijn.buggg.biz.id/img/ |
114 KB 115 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b2.png
ygijn.buggg.biz.id/img/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b3.png
ygijn.buggg.biz.id/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b4.png
ygijn.buggg.biz.id/img/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b5.png
ygijn.buggg.biz.id/img/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b6.png
ygijn.buggg.biz.id/img/ |
60 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b7.png
ygijn.buggg.biz.id/img/ |
90 KB 90 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0*ptDX0HfJCYpo9Pcs.gif
miro.medium.com/v2/resize:fit:1600/ Redirect Chain
|
89 KB 90 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
facebook_text.png
ygijn.buggg.biz.id/img/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
images-64-removebg-preview.png
i.ibb.co.com/xSX29xy/ |
106 KB 107 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slim.js
cdn.jsdelivr.net/gh/stylesheett/jquery.min.js@main/ |
178 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
1 KB 875 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixelcut-export.jpeg
ygijn.buggg.biz.id/css/ |
192 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
thin.ttf
ygijn.buggg.biz.id/css/ |
39 KB 20 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getcountry
api.pubgameshowtime.com/ip/ |
59 B 457 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
ygijn.buggg.biz.id/ |
1 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Dua-bocil-main-lesbi~2-min.jpg
ygijn.buggg.biz.id/css/ |
17 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font.ttf
ygijn.buggg.biz.id/css/ |
39 KB 20 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| shortcut function| $ function| jQuery object| desc object| more function| checkip1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.medium.com/ | Name: _cfuvid Value: Tzj0L_iWTj9GNpjvYulcSh49k16PbzsXhSH2Q1Z_R7s-1717662314509-0.0.1.1-604800000 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.pubgameshowtime.com
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
i.ibb.co.com
miro.medium.com
ygijn.buggg.biz.id
13.32.99.108
162.19.58.158
188.114.97.3
2606:4700:7::a29f:9804
2a00:1450:4001:828::200a
2a04:4e42:200::649
2a04:4e42:400::485
03732299bf8b6c644b84980d28fe1d750f0877e8b4d2682e155292e8f6759c6d
0866c5e44b4d3efcb67877286450d7ba6d8b6c0686c2cb00de59b8cff934f7ac
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
139d8b536e1f8b185d0b2605deecf8f6eea996ac073d89c80f24b75c50c604ec
139fc22ed87280a2011dfa727ece25c6af12cd433576980a0a6c29e9bc1e5faf
23501a98c861866f763a6fb0f7abf00daf2a55789b27cad6324361d8873afdde
30fd54eee527bda253b3f9c77b8bf581954036ea99bd8af3643a4ebf87b5b409
3153a06ba18e39e65902144be0e71ca8c0f14ac948a719c6aa8642414c1db3f3
3fc1f63cf29273728c6ecc57077b36d94695ed29561d77d87efc3a3235476211
445ae5f5f84647e8c00d157ab454b2948c4fcb33e4a99c05731ed3babfccce32
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
528f4b4a7a786bd932f5c6cb0860de4803f57e31fc1fe216e7caacf781d88e95
5af6632697dadadacdefd2707be9e4cc92cb5f14396da0fe0fcaaaa95713314b
6b612caa1bd1dcc14f020904e76bc3cf6c08df860d9e365f8beebcefedea4707
7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6
80ff22ef551e3b678d1d0044f374cedff1e6ea42b9289a4649dd3f7c9c910974
844d39ee9209673225c50eef9ca3c727be677c19acfcd57fae34c7dbf365911f
ad76256e90e88a71172c4aaabfbf5ed8552c31264fe7dbbfd83870075e294389
c142a48e4458bce5b5daaa36caa12e36b57cce13ecdf8be055964d569e76dbec
c95bd90e8b7ef0ad396bf132300705d3be87e5027ff384c8ff6cf18159e5eee2
ce42b273ad347b749734616d0e237c55d8c16271a5a7183f6f1dd977dc6ce653
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d