lucah-melayu-18.uidclown.com Open in urlscan Pro
2606:4700:3034::6815:43cf Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lucah-melayu-18.uidclown.com/
Submission: On January 10 via api (January 10th 2024, 3:41:29 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3034::6815:43cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is lucah-melayu-18.uidclown.com.

This is the only time lucah-melayu-18.uidclown.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Telegram (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3034::6815:43cf		13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

12 2606:4700:3034::6815:43cf (United States)

ASN13335 (CLOUDFLARENET, US)

lucah-melayu-18.uidclown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	uidclown.com lucah-melayu-18.uidclown.com	99 KB
12	1

	Domain	Requested by
12	lucah-melayu-18.uidclown.com	lucah-melayu-18.uidclown.com
12	1

This site contains links to these domains. Also see Links.

Domain
telegram.org

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://lucah-melayu-18.uidclown.com/
Frame ID: DB5428B4BBA61E907FE7E0BBFF4983F3
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LUCAH MELAYU VIRAL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

99 kB
Transfer

232 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://telegram.org/

Search URL Search Domain Scan URL

URL: https://telegram.org/dl?tme=dcb35ed3700eccc38f_6622701878519939188
Title: Download

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response lucah-melayu-18.uidclown.com/	9 KB 4 KB	1756ms 1647ms	Document text/html	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `27d7b61a8c98114d5b0a056c5cbc04b3d7053945b42ea430aa2a6d8f8a58db9b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 8436060adf5f741e-MIA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 10 Jan 2024 15:41:22 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFLFOdabE9oEzqDyPdFxcBO%2Fo0wvOtFPrmRDccinS0u%2FaLZ0wMY2RMy3k4dGQDEmBxMTlp2fBbKAus%2F5jP%2FYDnKoehEMVEDcV8nBUJLxNSoBMYtFrtMEIbuuro3szVVnbl1%2FdooKi37VQt0UOWyrB%2B%2F69qtX0EDMMe%2F4"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	main.html lucah-melayu-18.uidclown.com/ast/css/	0 0	320ms 318ms	Stylesheet text/html	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/ast/css/main.html Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:22 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Rp2ZCEmP%2F9YR00qF2VDu1ci8I5ssU%2FuUGv7RJjqa1dwG%2FYRhEYZZ6Fswecd%2B%2F87G8nmd6dmY0bedy49sGhn6toLl2Qa16zBC62nCGl2%2B3Ms0P2sl5wnCmO%2B%2Fzil2mlxyBl55w2ebE11j9feM1umWAWz7pTIKWdDmKoV"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Connection keep-alive CF-RAY 843606156baf741e-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	jquery-3.5.1.min.js lucah-melayu-18.uidclown.com/code.jquery.com/	0 0	78ms 41ms	Script text/html	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/code.jquery.com/jquery-3.5.1.min.js Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:22 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 55 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoTLq4hClsN2Hf64jhaASW22%2FBk7lBYu9HjmuqlIEiSmZZc%2FVCDrh0tM4xDfFvPPvpTMRgCau6YR07Vy0GQlEk0zj3Eu3DhhELywW%2Fi%2BIQGhnZkoSqE230dhIV0lWZB8fkfI%2FLSA1vrqLplT9jrXmAFAlyDIDXY6NAn4"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 8436061598da25a7-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	font-robotoc4ca.css lucah-melayu-18.uidclown.com/haykaljb/css/	7 KB 1 KB	1645ms 1610ms	Stylesheet text/css	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/haykaljb/css/font-robotoc4ca.css Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `49d036c044394dbe84fe6c001dad1733d25fb38f11f8861e78a94f8930b8ec24` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:23 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 07 Jul 2023 16:03:10 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYdMDZy3YZqVefVgnLDQC2dNhSuU2702nS1drroDgcNet7t0KWwKbknaBFOQOXSdrhCQW4bHk%2BpUp2O0QIFfwEPIg2FqBx5aEZJUjm6caHdX95%2F6Hi3N6amN0b8lc599%2B02dI8jI3esiuk7SagrRQYFKrkEuTV2MRI%2B4"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 843606159e6b4978-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	bootstrap.mineccb.css lucah-melayu-18.uidclown.com/haykaljb/css/	42 KB 9 KB	1927ms 1892ms	Stylesheet text/css	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/haykaljb/css/bootstrap.mineccb.css Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:24 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Fri, 07 Jul 2023 16:03:08 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FnabaNMWsjlW9q7e%2FLK1a8vyMX7pQPQePAoiLZqfuEnIaWOmd0t7jHqdUj0X7d5dIoJ2WbsTVWxMur1NzgmOpNNfKq%2BxVV9w%2BNoyoebRyFiSpmPBwjyY%2Fcr6IRhpyD8hYouj9Cgv%2F0%2BVRQ4yDMbv1IM16TmdAJpAv%2Bd3"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 84360615986f333d-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	telegram0116.css lucah-melayu-18.uidclown.com/haykaljb/css/	113 KB 23 KB	82ms 47ms	Stylesheet text/css	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/haykaljb/css/telegram0116.css Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b9efbe5d820d9076dd1611d0f1cad78fa323bd28ee95a48e6e6f8c366f04afb6` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:22 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Fri, 07 Jul 2023 16:03:18 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 351 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPlsw1yTv3A1GzT%2BZMjtb4RO%2FNEcM6OtMnLqMZ%2BIfGEUvzzXqwRjmfq8yQdyunTJ6Guv%2FGNgf6qufziC%2FYyQfDw9WWgjuQqZvI2beG2dWBGI60lBtPKJvNbYxOawjOuAk4MSelqDxWdDNaXcpZl6P%2Fz3U15%2BeoNM0jrW"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 84360615985c67ea-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	IMG-20240109-WA0010.jpg lucah-melayu-18.uidclown.com/	58 KB 59 KB	2190ms 2155ms	Image image/jpeg	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lucah-melayu-18.uidclown.com/IMG-20240109-WA0010.jpg Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3f0efdb3e5f26e98eb29fb54eac0a8716ea48d22894df7b139bfd38b3cb4cef1` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:24 GMT CF-Cache-Status MISS Last-Modified Tue, 09 Jan 2024 05:15:53 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ocyo7vUhkhZnQnckzv%2BaRSZVDrBgzZm6a5%2BhYrwZgzkefa%2FRKDyZ%2Bz8DYza7XfcWWfxz%2B0cou5QzgKEh21HwjjCAWtZfb0WSO1iWI8C1uueUFIoyVVsGsDT3LYug1rI%2BoBi%2F6hwtKhwwrwBM0ykjP9Bf9ZbsxOPGEHz1"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 843606159f715c63-MIA alt-svc h3=":443"; ma=86400 Content-Length 59721
GET H/1.1	200 OK	tgwallpaper.mineccb.js Show response lucah-melayu-18.uidclown.com/haykaljb/js/	3 KB 2 KB	39ms 39ms	Script application/javascript	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/haykaljb/js/tgwallpaper.mineccb.js Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:22 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Fri, 07 Jul 2023 16:02:50 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 351 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80Ms3Zi9s8nTtrr0tuvukaBi9p0OU6KUEu5YKkTOMvPR8dAX4UfWvX1v0ZRmb4Tf4I1nkWxRaY9rumLfZ7V1yZqAFQ4d5U7E%2FYIViC3P9XICqdDenGcTZABE6pWtpwgiMIy3PLguehV4MVYylQohb0bdPJD9wNVZh02%2B"}],"group":"cf-nel","max_age":604800} Content-Type application/javascript Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 84360615e94f25a7-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	watermark.css lucah-melayu-18.uidclown.com/haykaljb/css/	104 B 844 B	42ms 41ms	Stylesheet text/css	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/haykaljb/css/watermark.css Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:22 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Sun, 16 Jul 2023 01:33:21 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 349 Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5FFz%2FX9lFyvg4V82xhx8KXPKJHzGvJMcFJVccHmsKaRnMNvv6AIpZH%2BLuDSbhBPwdILxtOc5pkhM9iWYbmvj%2BZiybWIeuO5C%2B2%2BxEAcXyfG8krgpqHhSTragIcdYfsCA%2ByEySsz%2B%2BcuuZEclHGJu8diD%2F32RIE46CsN"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 8436061629bd25a7-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	external.html lucah-melayu-18.uidclown.com/	315 B 315 B	1618ms 1618ms	Image text/html	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://lucah-melayu-18.uidclown.com/external.html?link=http://telegram.org/img/tgme/pattern.svg?1 Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/haykaljb/css/telegram0116.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language en-US,en;q=0.9 Referer http://lucah-melayu-18.uidclown.com/haykaljb/css/telegram0116.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:25 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtM3mVK5J9n15xHuaPfZWGalpQY8iftGltpu8BEAikUTWt%2FToTruusl2F0Wm%2B4aBR1IZZp139Dy26nnmVf3UvtadmNwlj5s%2BG0vsoyaHlBwej1kuXQRVFnT4XGFqJkwbBWTO7909HL9V8fatJFzyFlB7mX0sL3AYq9SD"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Connection keep-alive CF-RAY 843606217d1d333d-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	external.html lucah-melayu-18.uidclown.com/	0 0	1601ms 1600ms	Font text/html	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/external.html?link=http://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/haykaljb/css/font-robotoc4ca.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://lucah-melayu-18.uidclown.com/haykaljb/css/font-robotoc4ca.css Origin http://lucah-melayu-18.uidclown.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:25 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib4AYVnxjN%2BZCWyOMLab6ErNovNboDBaBLHolxv9bWwSVgf55LDsK%2FmAaMhL6queY1eldOT3OAfbqCddd0bgfAqMgdQG0rkI6LxpkNqckq%2FrhlaMQaZ31Ue3udwEbJsnaKyY%2BMMw33bCMB6CfO5SOXRLeek%2BgclZ%2BZpZ"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Connection keep-alive CF-RAY 84360621786d4978-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	external.html lucah-melayu-18.uidclown.com/	0 0	586ms 586ms	Font text/html	2606:4700:3034::6815:43cf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://lucah-melayu-18.uidclown.com/external.html?link=http://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: lucah-melayu-18.uidclown.com URL: http://lucah-melayu-18.uidclown.com/haykaljb/css/font-robotoc4ca.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:43cf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://lucah-melayu-18.uidclown.com/haykaljb/css/font-robotoc4ca.css Origin http://lucah-melayu-18.uidclown.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 10 Jan 2024 15:41:24 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odiu%2FGzyAcJGniibLc47aslfn07QLejuqHB4eDj6qQOMfzQqQn0bTK7a08h8abHMLOTbu6IiHtEANgrEE1zMxjFsaOiyuT6IGDLsTvB7QlzfGzJELahO%2F%2BRlZQm9NB81RBiX2XO5nm42PZI4JZk43DD38lrCTbA0gOja"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Connection keep-alive CF-RAY 843606217abe741e-MIA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://lucah-melayu-18.uidclown.com/code.jquery.com/jquery-3.5.1.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lucah-melayu-18.uidclown.com/ast/css/main.html Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lucah-melayu-18.uidclown.com/external.html?link=http://telegram.org/fonts/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lucah-melayu-18.uidclown.com/external.html?link=http://telegram.org/fonts/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://lucah-melayu-18.uidclown.com/external.html?link=http://telegram.org/img/tgme/pattern.svg?1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

lucah-melayu-18.uidclown.com
2606:4700:3034::6815:43cf
2031e418ee10af8110729b3f327b968462fc0a9d8d1da095387bb472ccd0dee6
27d7b61a8c98114d5b0a056c5cbc04b3d7053945b42ea430aa2a6d8f8a58db9b
3f0efdb3e5f26e98eb29fb54eac0a8716ea48d22894df7b139bfd38b3cb4cef1
49d036c044394dbe84fe6c001dad1733d25fb38f11f8861e78a94f8930b8ec24
8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64
b9efbe5d820d9076dd1611d0f1cad78fa323bd28ee95a48e6e6f8c366f04afb6
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
f1d083ffaa644c708f11db29707aa57c19246e6d32643b03fee3f82c17b224b3

lucah-melayu-18.uidclown.com Open in urlscan Pro 2606:4700:3034::6815:43cf Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

99 kBTransfer

232 kBSize

0 Cookies

2 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

lucah-melayu-18.uidclown.com Open in urlscan Pro
2606:4700:3034::6815:43cf Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

99 kB
Transfer

232 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!