videoterbaru.group
149.3.170.172
Malicious Activity!
Public Scan
Submission: On November 27 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on November 21st 2021. Valid for: 3 months.
This is the only time videoterbaru.group was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
6 (1 redirect) | 149.3.170.172 | 213373 (IPCONNECT) |
1 | 2001:4de0:ac18::1:a:1b | 20446 (HIGHWINDS3) |
3 | 2404:6800:4004:81f::2004 | 15169 (GOOGLE) |
1 | 2404:6800:4004:824::2008 | 15169 (GOOGLE) |
4 | 2404:6800:4004:813::2003 | 15169 (GOOGLE) |
1 | 46.105.201.240 | 16276 (OVH) |
2 | 2404:6800:4004:820::200e | 15169 (GOOGLE) |
2 | 2404:6800:4004:821::2003 | 15169 (GOOGLE) |
1 | 158.69.251.190 | 16276 (OVH, FR); PTR: ns546644.ip-158-69-251.net (s4.histats.com) |
Total: 20 requests, 9 IP addresses
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 326 KB |
6 (1 redirect) | videoterbaru.group | videoterbaru.group | 114 KB |
3 | google.com | www.google.com | 21 KB |
2 | google-analytics.com | www.google-analytics.com | 20 KB |
2 | histats.com | s10.histats.com, s4.histats.com | 5 KB |
1 | googletagmanager.com | www.googletagmanager.com | 36 KB |
1 | jquery.com | code.jquery.com | 30 KB |
Total: 20 requests, 7 apex domains
Requests | Domain | Requested by |
---|---|---|
6 (1 redirect) | videoterbaru.group | videoterbaru.group |
4 | www.gstatic.com | www.google.com, www.gstatic.com |
3 | www.google.com | videoterbaru.group, www.gstatic.com, www.google.com |
2 | fonts.gstatic.com | www.google.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
1 | s4.histats.com | s10.histats.com |
1 | s10.histats.com | videoterbaru.group |
1 | www.googletagmanager.com | videoterbaru.group |
1 | code.jquery.com | videoterbaru.group |
Total: 20 requests, 9 domains
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
videoterbaru.group | R3 | 2021-11-21 - 2022-02-19 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
www.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
histats.com | R3 | 2021-10-27 - 2022-01-25 | 3 months |
*.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months |
This page contains 2 frames:
Primary Page:
https://videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/
Frame ID: B3E81C7523BA6BFA5C5CE9706F76D6E2
Requests: 13 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0tDYdAAAAABWK7-Io6TjhoXrReq_CeIHcycj1&co=aHR0cHM6Ly92aWRlb3RlcmJhcnUuZ3JvdXA6NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=bifl53c3jdfx
Frame ID: 8981C9F43A391F15F581886D9280A1C3
Requests: 7 HTTP requests in this frame
Page Title: Facebook
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b
- HTTP 301 redirect to https://videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Frame |
---|---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request, Redirect Chain) | videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/ | 9 KB | 3 KB | Document | text/html | Primary |
GET | H2 | hung.css | videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/ | 118 KB | 27 KB | Stylesheet | text/css | Primary |
GET | H2 | jquery-3.4.1.min.js | code.jquery.com/ | 86 KB | 30 KB | Script | application/javascript | Primary |
GET | H2 | api.js | www.google.com/recaptcha/ | 884 B | 998 B | Script | text/javascript | Primary |
GET | H2 | hung.js | videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/ | 249 KB | 74 KB | Script | application/javascript | Primary |
GET | H2 | js | www.googletagmanager.com/gtag/ | 90 KB | 36 KB | Script | application/javascript | Primary |
GET | H2 | hungxxx.png | videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/ | 8 KB | 8 KB | Image | image/png | Primary |
GET | H2 | hungfb.png | videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b/ | 2 KB | 2 KB | Image | image/png | Primary |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ | 343 KB | 135 KB | Script | text/javascript | Primary |
GET | H2 | js15_as.js | s10.histats.com/ | 11 KB | 5 KB | Script | application/javascript | Primary |
GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript | Primary |
GET | H2 | anchor | www.google.com/recaptcha/api2/ | 39 KB | 20 KB | Document | text/html | Frame 8981 |
POST | H2 | collect | www.google-analytics.com/j/ | 1 B | 208 B | XHR | text/plain | Primary |
GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ | 51 KB | 24 KB | Stylesheet | text/css | Frame 8981 |
GET | H3 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ | 343 KB | 134 KB | Script | text/javascript | Frame 8981 |
GET | H3 | logo_48.png | www.gstatic.com/recaptcha/api2/ | 2 KB | 2 KB | Image | image/png | Frame 8981 |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 16 KB | Font | font/woff2 | Frame 8981 |
GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v18/ | 15 KB | 15 KB | Font | font/woff2 | Frame 8981 |
GET | H3 | webworker.js | www.google.com/recaptcha/api2/ | 102 B | 134 B | Other | text/javascript | Frame 8981 |
GET | H/1.1 | 0.php | s4.histats.com/stats/ | 51 B | 185 B | Script | text/html | Primary |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Facebook (Social Network)
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | 1 |
object | onbeforexrselect |
function | reportError |
boolean | originAgentCluster |
object | scheduler |
function | $ |
function | jQuery |
object | ___grecaptcha_cfg |
object | grecaptcha |
string | __recaptcha_api |
boolean | __google_recaptcha_client |
number | __DEV__ |
function | __annotator |
function | __bodyWrapper |
function | __t |
function | __w |
function | FB_enumerate |
function | __m |
object | babelHelpers |
function | define |
function | require |
function | requireDynamic |
function | requireLazy |
function | __d |
object | Env |
object | ErrorUtils |
function | ProfilingCounters |
object | TimeSlice |
function | __updateOrientation |
function | gtag |
object | dataLayer |
object | google_tag_manager |
object | _Hasync |
object | google_tag_data |
string | GoogleAnalyticsObject |
function | ga |
object | recaptcha |
object | closure_lm_168681 |
object | gaplugins |
object | gaGlobal |
object | gaData |
function | chfh |
function | chfh2 |
string | _HST_cntval |
object | Histats |
object | _HistatsCounterGraphics_0_setValues12 |
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b | | m_pixel_ratio | 1 |
videoterbaru.group/14806d3b27428221729/a3afab94197f3f97ba7fe1836505126b | | wd | 1600x1200 |
.videoterbaru.group/ | | _ga | GA1.2.1463400795.1637976244 |
.videoterbaru.group/ | | _gid | GA1.2.2099942109.1637976244 |
.videoterbaru.group/ | | _gat_gtag_UA_120511316_1 | 1 |
videoterbaru.group/ | | HstCfa4563413 | 1637976244337 |
videoterbaru.group/ | | HstCla4563413 | 1637976244337 |
videoterbaru.group/ | | HstCmu4563413 | 1637976244337 |
videoterbaru.group/ | | HstPn4563413 | 1 |
videoterbaru.group/ | | HstPt4563413 | 1 |
videoterbaru.group/ | | HstCnv4563413 | 1 |
videoterbaru.group/ | | HstCns4563413 | 1 |
Security Headers
This section lists the security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.