baru-terkini.websclick.or.id
Open in
urlscan Pro
104.21.59.93
Malicious Activity!
Public Scan
Submission: On February 28 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on February 26th 2024. Valid for: 3 months.
This is the only time baru-terkini.websclick.or.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 104.21.59.93 104.21.59.93 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 156.146.36.24 156.146.36.24 | 60068 (CDN77 _) (CDN77 _) | |
1 | 13.225.214.72 13.225.214.72 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 151.101.194.137 151.101.194.137 | 54113 (FASTLY) (FASTLY) | |
1 | 152.199.24.185 152.199.24.185 | 15133 (EDGECAST) (EDGECAST) | |
8 | 198.251.81.242 198.251.81.242 | 53667 (PONYNET) (PONYNET) | |
1 | 129.226.2.89 129.226.2.89 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
25 | 8 |
ASN60068 (CDN77 _, GB)
PTR: 137173278.nyc.cdn77.com
cdn.fluidplayer.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-72.ewr50.r.cloudfront.net
images.vexels.com |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
na.apps.amsoveasea.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
lain.la
pomf2.lain.la — Cisco Umbrella Rank: 760009 |
4 MB |
3 |
websclick.or.id
baru-terkini.websclick.or.id |
35 KB |
2 |
fluidplayer.com
cdn.fluidplayer.com — Cisco Umbrella Rank: 43783 |
56 KB |
1 |
amsoveasea.com
na.apps.amsoveasea.com — Cisco Umbrella Rank: 127146 |
173 B |
1 |
twimg.com
abs.twimg.com — Cisco Umbrella Rank: 3115 |
49 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 729 |
83 KB |
1 |
vexels.com
images.vexels.com — Cisco Umbrella Rank: 173282 |
34 KB |
0 |
catbox.fun
Failed
catbox.fun Failed |
|
0 |
top4top.io
Failed
g.top4top.io Failed h.top4top.io Failed |
|
25 | 9 |
Domain | Requested by | |
---|---|---|
8 | pomf2.lain.la |
baru-terkini.websclick.or.id
|
3 | baru-terkini.websclick.or.id |
baru-terkini.websclick.or.id
|
2 | cdn.fluidplayer.com |
baru-terkini.websclick.or.id
|
1 | na.apps.amsoveasea.com |
code.jquery.com
|
1 | abs.twimg.com |
baru-terkini.websclick.or.id
|
1 | code.jquery.com |
baru-terkini.websclick.or.id
|
1 | images.vexels.com |
baru-terkini.websclick.or.id
|
0 | catbox.fun Failed |
baru-terkini.websclick.or.id
|
0 | h.top4top.io Failed |
baru-terkini.websclick.or.id
|
0 | g.top4top.io Failed |
baru-terkini.websclick.or.id
|
25 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
websclick.or.id GTS CA 1P5 |
2024-02-26 - 2024-05-26 |
3 months | crt.sh |
fluidplayer.com R3 |
2023-12-15 - 2024-03-14 |
3 months | crt.sh |
vexels.com Amazon RSA 2048 M03 |
2024-02-05 - 2025-03-04 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-28 - 2024-07-26 |
a year | crt.sh |
*.lain.la R3 |
2024-01-08 - 2024-04-07 |
3 months | crt.sh |
na.apps.amsoveasea.com TrustAsia RSA DV TLS CA G2 |
2023-04-23 - 2024-05-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://baru-terkini.websclick.or.id/
Frame ID: D488703435F0F50DD3F409FDAFC96B7A
Requests: 33 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
baru-terkini.websclick.or.id/ |
19 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
baru-terkini.websclick.or.id/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fluidplayer.min.js
cdn.fluidplayer.com/v3/current/ |
227 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
p_2307pwq8z1.jpg
g.top4top.io/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
p_2307bd3oz1.jpg
h.top4top.io/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fb.png
baru-terkini.websclick.or.id/img/ |
28 KB 29 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
07f0d7b69ef071571e4ada2f4d6a053a-instagram-icon-colorful.png
images.vexels.com/media/users/3/137198/isolated/preview/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.js
code.jquery.com/ |
282 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
380 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chirp-regular-web.woff
abs.twimg.com/fonts/v2/ |
48 KB 49 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
neko-627f0293ac54b.mp4
catbox.fun/miaw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
neko-627f023d28d51.mp4
catbox.fun/miaw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
neko-627f02d9bc79c.mp4
catbox.fun/miaw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
neko-627f031562df8.mp4
catbox.fun/miaw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
neko-6280894c74307.mp4
catbox.fun/miaw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
neko-627f2fc1dee69.mp4
catbox.fun/miaw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
n77yl7c2.mp4
pomf2.lain.la/f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
527f000.mp4
pomf2.lain.la/f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f4727ii.mp4
pomf2.lain.la/f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8euu3ok.mp4
pomf2.lain.la/f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yepkdanr.mp4
pomf2.lain.la/f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2v48t2pk.mp4
pomf2.lain.la/f/ |
2 MB 2 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7alxgh42.mp4
pomf2.lain.la/f/ |
3 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dyg63861.mp4
pomf2.lain.la/f/ |
2 MB 2 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
547 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
552 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
177 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
351 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
na.apps.amsoveasea.com/swoole/ |
36 B 173 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
834 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
583850a426583410ea8e.svg
cdn.fluidplayer.com/v3/current/ |
18 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
446 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- g.top4top.io
- URL
- https://g.top4top.io/p_2307pwq8z1.jpg
- Domain
- h.top4top.io
- URL
- https://h.top4top.io/p_2307bd3oz1.jpg
- Domain
- catbox.fun
- URL
- https://catbox.fun/miaw/neko-627f0293ac54b.mp4
- Domain
- catbox.fun
- URL
- https://catbox.fun/miaw/neko-627f023d28d51.mp4
- Domain
- catbox.fun
- URL
- https://catbox.fun/miaw/neko-627f02d9bc79c.mp4
- Domain
- catbox.fun
- URL
- https://catbox.fun/miaw/neko-627f031562df8.mp4
- Domain
- catbox.fun
- URL
- https://catbox.fun/miaw/neko-6280894c74307.mp4
- Domain
- catbox.fun
- URL
- https://catbox.fun/miaw/neko-627f2fc1dee69.mp4
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webpackChunkfluid_player object| dashjs function| fluidPlayer function| $ function| jQuery function| checkOTP function| login0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
abs.twimg.com
baru-terkini.websclick.or.id
catbox.fun
cdn.fluidplayer.com
code.jquery.com
g.top4top.io
h.top4top.io
images.vexels.com
na.apps.amsoveasea.com
pomf2.lain.la
catbox.fun
g.top4top.io
h.top4top.io
104.21.59.93
129.226.2.89
13.225.214.72
151.101.194.137
152.199.24.185
156.146.36.24
198.251.81.242
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
14141c72c6216939e6bb75bc91769fbbf2fea119e5b066468f0b165d8987da79
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
264c3f377dd3808e5991c4bb5d8f3407b489db04ad76075405785beae325972a
2686c46f04666ea66ec1da9ad99b6f40e43f7a0a53665454f61f25a2d87db779
26e28aa850e131004af0bf63962b2535e0224ee31d06374c7604cdd69fdea9da
41541d044c62f04364cc8402595c83ce6429c2626b49ee1e6bf0453ef7bacdd0
5a672bf724787c3467d9586e71e5aea71e265e132bf695b74d4287288f5d78b6
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
703abc8a0bf4f4cef5d26603893eb7d0b8b030e1a3f01ad046403cf0d3922a50
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
867bf1a5aed242e36581ab359bd6f4c6372c1f256672bc2c721e84abb5bba27d
9ec8008b2cf856c6e9009c26d69ff9c9e619bb961638a4416786d1ad563465aa
c283347262dcd59c3118904644f7fc46577338997961cf336890a822daa55edb
cd241b39c27699faf8e371713bf89e7c1756bdb6622bed6ccc446eaa5762313e
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e46904736f4677f3b1c5e52e7670c0eceaa20a84c7e18885c7efb9176604fc72
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366