singaporesgdpornvideos.massagenow.my.id Open in urlscan Pro
172.67.213.253 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://singaporesgdpornvideos.massagenow.my.id/
Submission: On July 17 via api (July 17th 2024, 5:53:57 am UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 172.67.213.253, located in United States and belongs to CLOUDFLARENET, US. The main domain is singaporesgdpornvideos.massagenow.my.id.
TLS certificate: Issued by WE1 on July 16th 2024. Valid for: 3 months.

This is the only time singaporesgdpornvideos.massagenow.my.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
11	172.67.213.253 172.67.213.253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:10d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:67c:4e8:... 2001:67c:4e8:f004::9	62041 (TELEGRAM) (TELEGRAM)
13	3

11 172.67.213.253 (United States)

ASN13335 (CLOUDFLARENET, US)

singaporesgdpornvideos.massagenow.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:10d6 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.promediateknologi.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:67c:4e8:f004::9 (Amsterdam, Netherlands)

ASN62041 (TELEGRAM, VG)

telegram.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	massagenow.my.id singaporesgdpornvideos.massagenow.my.id	40 KB
1	telegram.org telegram.org — Cisco Umbrella Rank: 6669	15 KB
1	promediateknologi.id assets.promediateknologi.id — Cisco Umbrella Rank: 57181	13 KB
13	3

	Domain	Requested by
11	singaporesgdpornvideos.massagenow.my.id	singaporesgdpornvideos.massagenow.my.id
1	telegram.org
1	assets.promediateknologi.id	singaporesgdpornvideos.massagenow.my.id
13	3

This site contains links to these domains. Also see Links.

Domain
telegram.org

Subject Issuer	Validity	Valid
massagenow.my.id WE1	`2024-07-16` - `2024-10-14`	3 months	crt.sh
promediateknologi.id WE1	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.telegram.org Go Daddy Secure Certificate Authority - G2	`2023-08-11` - `2024-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://singaporesgdpornvideos.massagenow.my.id/
Frame ID: 84D82BF524C615A8090800EF95367FC3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🔞 𝗦𝗚𝗣 𝗣𝗢𝗥𝗡 𝗩𝗜𝗗𝗘𝗢 🔞

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

68 kB
Transfer

201 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://telegram.org/dl?tme=dcb35ed3700eccc38f_6622701878519939188
Title: Download

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
singaporesgdpornvideos.massagenow.my.id/ 9 KB
4 KB 616ms
490ms Document
text/html 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 523ade7e4db28ce5e196aa55121188b2b6d2aacb3c5672508d0280e40febdc43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a47f94e599d2ed5-LAX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 17 Jul 2024 05:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AM9kDr82bQuMjJD0tRkQU3%2BfzEEKrJdqn5B5Y0681jE5bJCSGQHnIicSMuRV3i%2F2phwdHV5igr6E32bbbmd5yXCdHOLE4ZOfFgtQnRoIkUgAij08lYYwSSG6yZxsXX5p80W0UOP8zrhKQeZ7B9ps25aDshG6KG5FhgU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 404 main.html
singaporesgdpornvideos.massagenow.my.id/ast/css/ 0
0 280ms
277ms Stylesheet
text/html 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/ast/css/main.html
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fdquo404EnyiSm4yMDsi7VqwG%2FHwcDbZS91fkZItN5zum%2BUOMK6CMA1ywBp5sLFJ6dqWjloIu8Q2b9R6o8VQTIvtPhxZDN8%2BBEEXgc6v5YlkZ%2FnQTk88ZYmMb5IOxX8xL139eiVYD3Y9j4WiuAJnCVdRO6qj%2F04aQbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 8a47f9517d6a2ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 404 jquery-3.5.1.min.js
singaporesgdpornvideos.massagenow.my.id/code.jquery.com/ 0
0 475ms
472ms Script
text/html 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:50 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlLvlXYQ6KYHd%2FzivdvakcYOYvD4mrJOTtOr5wCfWcchGpDC37STgHZ%2FZuzcUNW%2BZmofRq7GC%2B5K%2FUBfTePCdZX9PQfzTtQmnB3AatlXnCZBAG%2FGHei7AAlmWVgVCSBfLddMNx%2FkG8DHDOT1BUPos0yLGOabhKRgD2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 8a47f9517d6c2ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 font-robotoc4ca.css
singaporesgdpornvideos.massagenow.my.id/haykaljb/css/ 7 KB
1 KB 462ms
458ms Stylesheet
text/css 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/font-robotoc4ca.css
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d036c044394dbe84fe6c001dad1733d25fb38f11f8861e78a94f8930b8ec24

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Jul 2023 04:03:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvU0zIPunL7D3vYBItq6Vef7vactHKHHcbAk58HfQfDDjLeo3vz%2BOOsvbBwKwjKLlaMVsf9H4WqEseZR%2FrclIZ5Lly7yJ8d1cal0FKo3P20alQJ5M%2BkbhLHsZy8ilg7v12c7Nwru02yLly6ofUPO054v1UKlvQ2qHH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a47f9517d702ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.mineccb.css
singaporesgdpornvideos.massagenow.my.id/haykaljb/css/ 42 KB
9 KB 886ms
882ms Stylesheet
text/css 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/bootstrap.mineccb.css
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Jul 2023 04:03:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HW0NqJmYzA4P46qkagsfK7yDw6oRH42Qc%2BLBKsOOuWW%2BNbxI2B8%2FOtvNNPNehFsDLw%2BtAc%2FRwWX3HqJxt3teoZuUNezcS6WQJWDgC2WJAM0kCthwWK%2BnTGIWmblg9v7%2BRoRtoHFoxIg9KDG%2FAVKH%2BGkeVL5dGWduFzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a47f9517d712ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 telegram0116.css
singaporesgdpornvideos.massagenow.my.id/haykaljb/css/ 113 KB
23 KB 1110ms
1106ms Stylesheet
text/css 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/telegram0116.css
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9efbe5d820d9076dd1611d0f1cad78fa323bd28ee95a48e6e6f8c366f04afb6

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Jul 2023 04:03:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bx7dIiGDu0p9ru4NeJc3hLxw4KZrgZ%2FQPgUp0oqsoY8iSK%2Fp9RBZ47A4BnsEa2X9b%2FaqLWBvkoYfxN1EyV22zkX6U8c5dmvFtcSyRZTOLhftd4Vgq5rQAmGAu%2BzrqU3wTCCnPnluEvuuV8yFj0dUUbYI%2BfTsPlWg3mw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a47f9517d722ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H2 200 237242520.jpeg
assets.promediateknologi.id/crop/0x0:0x0/750x500/webp/photo/2022/05/23/ 13 KB
13 KB 254ms
84ms Image
image/webp 2606:4700::6812:10d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.promediateknologi.id/crop/0x0:0x0/750x500/webp/photo/2022/05/23/237242520.jpeg
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:10d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd8d9a9112fba7d987b40d29816a746a71c36fb002c8cbb3fee5114c1393fc9

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:50 GMT
cf-cache-status: HIT
server: cloudflare
age: 1471
etag: "7d4cea339636e132b8ccff7532dbc8ac017199a6"
x-cache-status: MISS
vary: Accept-Encoding
access-control-allow-methods: GET, OPTION
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a47f95288a25367-LAX
content-length: 13110
expires: Thu, 17 Jul 2025 05:53:50 GMT

GET
H3 200 tgwallpaper.mineccb.js Show response
singaporesgdpornvideos.massagenow.my.id/haykaljb/js/ 3 KB
2 KB 482ms
478ms Script
text/javascript 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/js/tgwallpaper.mineccb.js
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 08 Jul 2023 04:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uh15KDGGG9MYqzYdJ87Lo%2FGPCX9VFA1HDa10R%2FgDSJyrNPPCU4LFGvGC8qULFIopUi0fvq%2Bq3N2xbD3XKRq99G3V7%2BhuXVT74SDHCqXmf7GgcF41b1HKmyktWSG8yWz8YnJD%2F276L%2FRamJMNQrzQpedYmYVKiAtyKs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 8a47f9517d742ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 watermark.css
singaporesgdpornvideos.massagenow.my.id/haykaljb/css/ 104 B
528 B 969ms
968ms Stylesheet
text/css 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/watermark.css
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 16 Jul 2023 13:33:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqd%2BeVFM4INQG4LKz2Gv2gCfroYDIkqTAFmln3cwG13glBMAnDyY43XHDjs8MDpWZk9MfcOXGFldrfX75E0DfJwCZ71wW%2FtdRNjkKGIyBK9uD4ZFxUgyD%2B36vT3ku0ddAlvgpnCGOyiipLF43Ka1%2F1uvRv3hgwTXcpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8a47f9531fae2ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 404 external.html
singaporesgdpornvideos.massagenow.my.id/ 315 B
315 B 1059ms
1059ms Image
text/html 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://singaporesgdpornvideos.massagenow.my.id/external.html?link=http://telegram.org/img/tgme/pattern.svg?1
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/telegram0116.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/telegram0116.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6Zybs9BzWn4EGnoy1eWGfN4bTE%2Fg%2FNO6%2BVhNc5RZTbz0TD4n1fuJoH%2BzVAHYsfFlwVV1Ffq%2FdAks6BfzOeh58h791%2BwsDTGMNa5LXnzhKZZYPnlRSDgxnJec7rKE3rS%2BGyhy0eC7hO57mIqObPwTLAlfBuvRvt5SCA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 8a47f958df582ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 404 external.html
singaporesgdpornvideos.massagenow.my.id/ 0
0 1543ms
1541ms Font
text/html 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/external.html?link=http://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/font-robotoc4ca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/font-robotoc4ca.css
Origin: https://singaporesgdpornvideos.massagenow.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWLKXaUzoQ%2BVh5BIWnHnxWzdVVe%2BShkBVBJL6DoWKgegpIZoww%2FcsHixU%2BeZk3tiln%2FWRxSAjd12d0mdKdzxEmzh2bjxgXUUeVItTuPKI0P7dXwaSEgRKPs8LKYzs%2B2n4yV3qA52SRYK7WYUFoOBN6BM6oqwXATmA4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 8a47f958ff7e2ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 404 external.html
singaporesgdpornvideos.massagenow.my.id/ 0
0 1045ms
1043ms Font
text/html 172.67.213.253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://singaporesgdpornvideos.massagenow.my.id/external.html?link=http://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by: Host: singaporesgdpornvideos.massagenow.my.id
URL: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/font-robotoc4ca.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.213.253 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/haykaljb/css/font-robotoc4ca.css
Origin: https://singaporesgdpornvideos.massagenow.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHQC4hedbhR%2FAIlw1V9cGFVxJPIlDXvhCMhlwQD1QRH5uQ5tZfZJ5mKMHcUz%2FqGXt23pPACCSCIHMRYj7BQq9XVcSkzV7ZkYp4GNULwBRQ9f40doCHtnUwaxHzuLrcoD9sM3IhEW%2BYeMeOOj6voUqLBCOm2p%2FIcAgvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cf-ray: 8a47f958ff812ed5-LAX
alt-svc: h3=":443"; ma=86400

GET
H2 200 favicon.ico
telegram.org/img/ 15 KB
15 KB 1021ms
440ms Other
image/x-icon 2001:67c:4e8:f004::9
TELEGRAM

General

Check archive.org

Show headers Download Go to

Full URL

https://telegram.org/img/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://singaporesgdpornvideos.massagenow.my.id/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 17 Jul 2024 05:53:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 21 Apr 2022 13:47:47 GMT
server: nginx/1.18.0
etag: "62616083-3aee"
content-type: image/x-icon
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15086
expires: Wed, 24 Jul 2024 05:53:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| TWallpaper object| tme_bg function| toggleTheme object| darkMedia

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://singaporesgdpornvideos.massagenow.my.id/ast/css/main.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://singaporesgdpornvideos.massagenow.my.id/code.jquery.com/jquery-3.5.1.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://singaporesgdpornvideos.massagenow.my.id/external.html?link=http://telegram.org/img/tgme/pattern.svg?1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://singaporesgdpornvideos.massagenow.my.id/external.html?link=http://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://singaporesgdpornvideos.massagenow.my.id/external.html?link=http://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.promediateknologi.id
singaporesgdpornvideos.massagenow.my.id
telegram.org
172.67.213.253
2001:67c:4e8:f004::9
2606:4700::6812:10d6
1dd8d9a9112fba7d987b40d29816a746a71c36fb002c8cbb3fee5114c1393fc9
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
49d036c044394dbe84fe6c001dad1733d25fb38f11f8861e78a94f8930b8ec24
4ff54bc38c267dc3a8c95f6ed4590336baaec70433ef15d027ddca608c391e78
523ade7e4db28ce5e196aa55121188b2b6d2aacb3c5672508d0280e40febdc43
8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64
b9efbe5d820d9076dd1611d0f1cad78fa323bd28ee95a48e6e6f8c366f04afb6
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

singaporesgdpornvideos.massagenow.my.id Open in urlscan Pro 172.67.213.253 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

68 kBTransfer

201 kBSize

0 Cookies

2 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

singaporesgdpornvideos.massagenow.my.id Open in urlscan Pro
172.67.213.253 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

68 kB
Transfer

201 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!