contoh.mediafileviral.ml Open in urlscan Pro
2606:4700:3032::6815:4a36 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://contoh.mediafileviral.ml/
Submission: On August 02 via automatic, source certstream-suspicious (August 2nd 2022, 4:17:38 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3032::6815:4a36, located in United States and belongs to CLOUDFLARENET, US. The main domain is contoh.mediafileviral.ml.
TLS certificate: Issued by E1 on July 19th 2022. Valid for: 3 months.

This is the only time contoh.mediafileviral.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3032::6815:4a36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.18.182.224 104.18.182.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3038::6815:eae6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8000::154	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
18	9

2 2606:4700:3032::6815:4a36 (United States)

ASN13335 (CLOUDFLARENET, US)

contoh.mediafileviral.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

iconape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.182.224 (None, )

ASN13335 (CLOUDFLARENET, US)

www.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eae6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mediafire.com www.mediafire.com — Cisco Umbrella Rank: 27898 static.mediafire.com — Cisco Umbrella Rank: 43537	74 KB
2	mediafileviral.ml contoh.mediafileviral.ml	6 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 136075	178 B
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	1 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1011
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 676	83 KB
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4324	29 KB
1	githack.com 1 redirects rawcdn.githack.com — Cisco Umbrella Rank: 106517	636 B
1	iconape.com iconape.com — Cisco Umbrella Rank: 150843	13 KB
18	10

	Domain	Requested by
8	static.mediafire.com	contoh.mediafileviral.ml
2	contoh.mediafileviral.ml	contoh.mediafileviral.ml
1	na.apps.amsoveasea.com	code.jquery.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	contoh.mediafileviral.ml
1	unpkg.com	contoh.mediafileviral.ml
1	code.jquery.com	contoh.mediafileviral.ml
1	raw.githubusercontent.com	contoh.mediafileviral.ml
1	rawcdn.githack.com	1 redirects
1	www.mediafire.com	contoh.mediafileviral.ml
1	iconape.com	contoh.mediafileviral.ml
18	11

This site contains no links.

Subject Issuer	Validity	Valid
*.mediafileviral.ml E1	`2022-07-19` - `2022-10-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-25` - `2023-03-25`	a year	crt.sh
*.mediafire.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-28` - `2022-09-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia RSA DV TLS CA G2	`2022-05-17` - `2023-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://contoh.mediafileviral.ml/
Frame ID: F106AA59CA7AB7405A78C0FF0CB55ACF
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DIKA VIRAL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

9
IPs

5
Countries

223 kB
Transfer

553 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://rawcdn.githack.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png HTTP 301
https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
contoh.mediafileviral.ml/ 10 KB
3 KB 506ms
411ms Document
text/html 2606:4700:3032::6815:4a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4a36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9947c865d4934e4ede29819eff20878ae8e1494fe362bc50a9e71233808e174

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73481fce08d5929f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 Aug 2022 16:17:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08ty54YZN1JYx5z7Rpv%2FXeEdH0x%2BX%2BCT0WPAi%2BSGN7RxTO6p1PhRD9RQBkguQKEVLQ%2Bx%2BEkmRpL8q%2Bv2CcmIGVAxZ4Ms%2FCIar98fBb%2BV23qJrjVKEIl%2FM%2B7pCMXWx%2FseOmtGvk15S8Mktzus%2FfwzlZmdc2r1MYY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
contoh.mediafileviral.ml/css/ 10 KB
2 KB 417ms
414ms Stylesheet
text/css 2606:4700:3032::6815:4a36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://contoh.mediafileviral.ml/css/style.css
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4a36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79340a2230044fbc55fa9e5cd9bf56b2959c3dae53fdf82fc9768df96c792d98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 23 May 2022 22:27:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuwZX7mXQI5xqCZflDDvDhNw%2Bu0dfkaVrg55yQFD2GeQi%2BTgVimktLv3%2F5F8%2Ft0P0lv6y%2F6rCcjQx8x2LK5B%2BhfwSWPl9L%2BLkJ%2BoG2LB7hWBuL6KcYpRGba58%2FCsM4nTKP9TXdsk%2BXlx2F6P3iJ9s25KweHWTUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73481fd0bb8e929f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 mediafire.png
iconape.com/wp-content/png_logo_vector/ 13 KB
13 KB 144ms
47ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iconape.com/wp-content/png_logo_vector/mediafire.png
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce8fb053052f467bce25b2f43f370878c5e5efe1765f662ced8bd2adcb73b1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 304921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13009
pragma: public
last-modified: Fri, 15 Jan 2021 06:46:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rH7PfEPoHGssatEHHab%2F6DQPtC5XVyN%2FNEkomhp6UZJRjZ9NaFLJAyfTfx1%2B2ZB9RY0s5DW4ALVrJNeGCyLAnTbWJjZ6jyiL5lvoSfa%2FPLN2w%2BG2R75px2dvO5XZpsB7Y0uAk7K9%2BKfhSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 73481fd14e6890dc-FRA
expires: Wed, 28 Sep 2022 03:35:30 GMT

GET
H2 200 idn.svg
www.mediafire.com/images/flags_svg/ 238 B
638 B 152ms
60ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mediafire.com/images/flags_svg/idn.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 6246
etag: W/"627185bd-ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd17df090bb-FRA

GET
H2 200 file-video-v3.png
static.mediafire.com/images/filetype/ 2 KB
3 KB 148ms
57ms Image
image/png 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-video-v3.png
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ab807515e08c1191e94fedab15f20c459af2235c27cecee7c581705fbe9dbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
cf-cache-status: HIT
age: 670483
cf-polished: status=not_needed
content-length: 2268
last-modified: Fri, 11 Mar 2016 23:22:56 GMT
server: cloudflare
etag: "56e35350-8dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 24 Aug 2022 21:59:42 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73481fd17803bbc5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 download.svg
static.mediafire.com/images/icons/svg_light/ 348 B
544 B 151ms
60ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/download.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 7167
etag: W/"627185bd-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd17806bbc5-FRA

GET
H2 200 continent-as.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 43 KB
16 KB 150ms
59ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/continent-as.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 6787
etag: W/"627185bd-aae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd17809bbc5-FRA

GET
H2

200

facebook_text.png
raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/
Redirect Chain

https://rawcdn.githack.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png
https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png

28 KB
29 KB

331ms
229ms

Image
image/png

2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png

Requested by

Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/

Protocol

Server

2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-fastly-request-id: 8637b6df38b1580841afcc643b02cd156ce4c52d
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
x-cache-hits: 0
vary: Authorization,Accept-Encoding,Origin
content-length: 28789
x-xss-protection: 1; mode=block
x-served-by: cache-ams21036-AMS
x-github-request-id: B628:1213E:32D5FE:35775B:62E94E1C
x-timer: S1659457053.598245,VS0,VE189
x-frame-options: deny
date: Tue, 02 Aug 2022 16:17:32 GMT
source-age: 0
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"abfa212cc4d7b3d4c8bdcd6b3f8299b10b8d2002dc23c03f0c0843062e616a61"
accept-ranges: bytes
expires: Tue, 02 Aug 2022 16:22:32 GMT

Redirect headers

date: Tue, 02 Aug 2022 16:17:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
location: https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4rSWEkHabuAzEPr5xXtI4zOztQ3TPSBT0bN2plC%2F8llXEOE7eyVmoXiIlYRCrKEOcX8kfGPorSkw5CLiRmjQ0Bn1RtECtH1Iyx1mwfumxOTaruYTeuos2z6OD1intZPBedVQ6WGAVr%2B3bPHxA0Y2k0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 73481fd19ea306d5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 191
expires: Wed, 03 Aug 2022 08:38:05 GMT

GET
H2 200 jquery-3.6.0.js Show response
code.jquery.com/ 282 KB
83 KB 120ms
40ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.js
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:32 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-46744"
vary: Accept-Encoding
x-hw: 1659457052.dop232.fr8.t,1659457052.cds164.fr8.hn,1659457052.cds148.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84714

GET
H2 404 icon.map.js
unpkg.com/footericon@3.7.0/ 0
0 829ms
751ms Script
text/plain 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unpkg.com/footericon@3.7.0/icon.map.js
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 744ms
47ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 15:35:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 02 Aug 2022 16:17:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Aug 2022 16:17:33 GMT

GET
H2 200 link.svg
static.mediafire.com/images/icons/svg_dark/ 375 B
332 B 57ms
56ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/link.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 2946
etag: W/"627185bd-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd80b35bbc5-FRA

GET
H2 200 share.svg
static.mediafire.com/images/icons/svg_dark/ 737 B
517 B 57ms
56ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/share.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 137
etag: W/"627185bd-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd80b37bbc5-FRA

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_dark/ 389 B
362 B 67ms
66ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/facebook.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 207
etag: W/"627185bd-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd80b39bbc5-FRA

GET
H2 200 add.svg
static.mediafire.com/images/icons/svg_dark/ 199 B
267 B 54ms
53ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/add.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 136
etag: W/"627185bd-c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd80b3abbc5-FRA

GET
H2 200 world.svg
static.mediafire.com/images/backgrounds/download/additional_content/ 143 KB
52 KB 64ms
63ms Image
image/svg+xml 104.18.182.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/download/additional_content/world.svg
Requested by: Host: contoh.mediafileviral.ml
URL: https://contoh.mediafileviral.ml/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.182.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contoh.mediafileviral.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 16:17:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 03 May 2022 19:42:53 GMT
server: cloudflare
age: 253
etag: W/"627185bd-23ce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73481fd80b3bbbc5-FRA

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/ 16 KB
17 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://contoh.mediafileviral.ml
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 19:06:05 GMT
x-content-type-options: nosniff
age: 76288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16720
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 19:06:05 GMT

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 36 B
178 B 848ms
282ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 163588f89d06cdd61b91c33d2e7803974fdb8c2f60235193dafec6b1557e1675

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://contoh.mediafileviral.ml/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Aug 2022 16:17:34 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 55
content-type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mediafire.com/	1970-01-20 04:57:38	Name: __cf_bm Value: HqFm_z7ZFM.fzPGjhxt9s18SlI8J_wKOlRXkxMX4fyk-1659457052-0-AYYVLHflt2C4LqF2Mz2wGN0jvQamxi0bjsdR6287g7Du1xI0GKgjPXCg+EU0dnrsuMdxEShUZnJeo2WvjQ44Z5k=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://unpkg.com/footericon@3.7.0/icon.map.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
contoh.mediafileviral.ml
fonts.googleapis.com
fonts.gstatic.com
iconape.com
na.apps.amsoveasea.com
raw.githubusercontent.com
rawcdn.githack.com
static.mediafire.com
unpkg.com
www.mediafire.com
104.18.182.224
129.226.2.89
2001:4de0:ac18::1:a:2a
2606:4700:3032::6815:4a36
2606:4700:3038::6815:eae6
2606:4700::6810:7eaf
2606:50c0:8000::154
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a06:98c1:3121::3
082cecf2da70da88efb1db41dd0096deb999b7b7d1cf8344ca2b37930739a377
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
163588f89d06cdd61b91c33d2e7803974fdb8c2f60235193dafec6b1557e1675
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
20ab807515e08c1191e94fedab15f20c459af2235c27cecee7c581705fbe9dbe
23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a
4342feac38021c4fe3069eba0edf1c2e1b4345e2b548b0afb7ab21b7369b3bc8
5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f
71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752
79340a2230044fbc55fa9e5cd9bf56b2959c3dae53fdf82fc9768df96c792d98
8c8f449f1f7ef1dca0d94ee726667eec8c4b7e86e865fb927b12ff2774c9a2f5
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585
a9947c865d4934e4ede29819eff20878ae8e1494fe362bc50a9e71233808e174
b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705
bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce
dce8fb053052f467bce25b2f43f370878c5e5efe1765f662ced8bd2adcb73b1d

contoh.mediafileviral.ml Open in urlscan Pro 2606:4700:3032::6815:4a36 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

80 %IPv6

10 Domains

11 Subdomains

9 IPs

5 Countries

223 kBTransfer

553 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

contoh.mediafileviral.ml Open in urlscan Pro
2606:4700:3032::6815:4a36 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

9
IPs

5
Countries

223 kB
Transfer

553 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!