idpfbeldiu.ydns.eu
Open in
urlscan Pro
103.191.92.3
Malicious Activity!
Public Scan
Submission: On September 23 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on September 22nd 2023. Valid for: 3 months.
This is the only time idpfbeldiu.ydns.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 103.191.92.3 103.191.92.3 | 136052 (IDNIC-IDC...) (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia) | |
1 | 2001:df2:e500... 2001:df2:e500:ed1a::2:b | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
1 | 2404:6800:400... 2404:6800:4004:823::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4004:824::2003 | 15169 (GOOGLE) (GOOGLE) | |
5 | 4 |
ASN136052 (IDNIC-IDCLOUDHOST-AS-ID PT Cloud Hosting Indonesia, ID)
PTR: ip103-191-92-3.cloudhost.web.id
idpfbeldiu.ydns.eu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
ydns.eu
idpfbeldiu.ydns.eu |
2 KB |
1 |
gstatic.com
fonts.gstatic.com |
16 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113 |
1 KB |
1 |
wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3616 |
18 KB |
5 | 4 |
Domain | Requested by | |
---|---|---|
2 | idpfbeldiu.ydns.eu |
idpfbeldiu.ydns.eu
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
idpfbeldiu.ydns.eu
|
1 | upload.wikimedia.org |
idpfbeldiu.ydns.eu
|
5 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
idpfbeldiu.ydns.eu R3 |
2023-09-22 - 2023-12-21 |
3 months | crt.sh |
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-10-27 - 2023-11-17 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://idpfbeldiu.ydns.eu/
Frame ID: D8CF0A864074E4CFC6A875944194F575
Requests: 5 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
idpfbeldiu.ydns.eu/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fb_style.css
idpfbeldiu.ydns.eu/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
600px-Facebook_f_logo_%282019%29.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/5/51/Facebook_f_logo_%282019%29.svg/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
idpfbeldiu.ydns.eu
upload.wikimedia.org
103.191.92.3
2001:df2:e500:ed1a::2:b
2404:6800:4004:823::200a
2404:6800:4004:824::2003
21fa9748efb8c509c94597f75d1784b536bcc05c6df36b25523a51ec14a3c7c4
265c496215d8cf5c4f54127e48da7b0b075674d91454ae3f479b205bcf3c0ef7
5dd5413d9c5dc9802971efb610dd11c8fa5678e2ec853507749cb0d0042b9030
be34d16561b6abda9ce37575299f1f3432d0aad9bf59713abbf314d487922abc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615