jxkqpdm.officiall-on.my.id
Open in
urlscan Pro
2606:4700:3034::6815:2f63
Malicious Activity!
Public Scan
Submission: On March 17 via automatic, source openphish — Scanned from DE
Summary
This is the only time jxkqpdm.officiall-on.my.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Instagram (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 2606:4700:303... 2606:4700:3034::6815:2f63 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 2 |
ASN13335 (CLOUDFLARENET, US)
jxkqpdm.officiall-on.my.id |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
officiall-on.my.id
jxkqpdm.officiall-on.my.id |
401 KB |
1 |
cdnmetric.com
api.cdnmetric.com — Cisco Umbrella Rank: 996579 |
715 B |
14 | 2 |
Domain | Requested by | |
---|---|---|
13 | jxkqpdm.officiall-on.my.id |
jxkqpdm.officiall-on.my.id
|
1 | api.cdnmetric.com |
jxkqpdm.officiall-on.my.id
|
14 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cdnmetric.com GTS CA 1P5 |
2024-01-31 - 2024-04-30 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://jxkqpdm.officiall-on.my.id/verif2.php
Frame ID: 6C47D6978ADF76947AAB33B381EE94F2
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
verif2.php
jxkqpdm.officiall-on.my.id/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
jxkqpdm.officiall-on.my.id/haykaljb/css/ |
134 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ehe.jpg
jxkqpdm.officiall-on.my.id/haykaljb/images/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-white.svg
jxkqpdm.officiall-on.my.id/fonts/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-header.png
jxkqpdm.officiall-on.my.id/haykaljb/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myt.png
jxkqpdm.officiall-on.my.id/haykaljb/images/ |
167 KB 168 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
igx.png
jxkqpdm.officiall-on.my.id/haykaljb/images/ |
122 KB 123 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mt.png
jxkqpdm.officiall-on.my.id/haykaljb/images/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
jxkqpdm.officiall-on.my.id/haykaljb/js/ |
155 KB 49 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.js
jxkqpdm.officiall-on.my.id/haykaljb/js/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watermark.css
jxkqpdm.officiall-on.my.id/haykaljb/css/ |
104 B 926 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite.svg
jxkqpdm.officiall-on.my.id/fonts/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
external.html
jxkqpdm.officiall-on.my.id/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
static.js
api.cdnmetric.com/get/ |
137 B 715 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Instagram (Social Network)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| _typeof function| $ function| jQuery function| svg4everybody object| AOS function| simpleParallax function| isTouchDevice object| navArrows number| clientX number| clientY object| innerCursor function| initCursor2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jxkqpdm.officiall-on.my.id/ | Name: PHPSESSID Value: 6cf38672d432b24ec90c66c4c3d7f78a |
|
jxkqpdm.officiall-on.my.id/ | Name: PHPREFS Value: full |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.cdnmetric.com
jxkqpdm.officiall-on.my.id
188.114.96.3
2606:4700:3034::6815:2f63
06b7c91c11b3f33e8086be63f6bfc30a6f7bd8f596c7318fde0d455d4e996f66
39ca0b17491a6bedb028cf0157951cec5dbfe8e2eb5ca0ce5d1528a3e765971a
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
4eeb68c6e4fe0ddf4fd90d89141cc3902ff7070d20ec8e7c64e89da36bed2af0
8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64
92116074b655ddf5166b94584275c36741d0b50d6eec56b0b19fffda36fe1aaf
b373f4c3a8a07ffe8cd303fa460d169789bb08a3779cb0424a242d6dd9f84e8d
c5dfdfc564c4ffcff3bf39bfe09b13c67eae0a1e262b8539bab309972393b0c9
f0839d462f8f476c0ec2176a6cccbd5944d72ae2d65d9f7e8cef3c7766bc8021
f653dfdb5b23d4cd46dc7809a32a6b11ed4179755c9872c6c04193b77a962aa8
fb09b146ace6c742a7e536be388a9b3105a46a39cb3bd3edd8770e0206053a7b