malaysia.1dy1.com Open in urlscan Pro
104.21.14.114  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response malaysia.1dy1.com/id1/	7 KB 3 KB	658ms 338ms	Document text/html	104.21.14.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://malaysia.1dy1.com/id1/ Protocol HTTP/1.1 Server 104.21.14.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6062c84dad8214905441068499eab28629a11de5dd651c0aed48f6481eaacba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 863b23294d6765c1-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 13 Mar 2024 09:53:31 GMT Last-Modified Mon, 19 Feb 2024 02:32:09 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BoiZszUVIwJORQ0mWCLNYpSFXhTPydGv08ft1LSDnASjto%2FyOHW7lymE3cuUunV1PDQChCOfzwVziV5WHK0miWIXmv2DFpsMRZM%2ByDcL9QAisF0CpL26UBipAFHqG%2FCi%2BerPA%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	main.3c9dcec00d5a12b9aa18.css malaysia.1dy1.com/id1/lib/	81 KB 18 KB	259ms 259ms	Stylesheet text/css	104.21.14.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css Requested by Host: malaysia.1dy1.com URL: http://malaysia.1dy1.com/id1/ Protocol HTTP/1.1 Server 104.21.14.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3e7b79bd9246592718746c638b735658b01250633aacd35dcc7dcff8a4546d8 Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/id1/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 09:53:31 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Mon, 19 Feb 2024 02:32:09 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmgyCxGVlrgPS9xrpSyOpyrPAp1gLVDc3MkxTDNAn9mZsME1MpNB9BIbH2ygvKaZuXTmC6dmyC3fmNxLh4xAmyYitOqKAyej%2FrTvTnxtjIVQfjkX5CVBw5FuqXYL2yho%2F%2BrB5w%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 863b232b0fc565c1-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	1f1f2-1f1fe.png malaysia.1dy1.com/id1/lib/img-apple-160/	20 KB 20 KB	311ms 311ms	Image image/png	104.21.14.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.1dy1.com/id1/lib/img-apple-160/1f1f2-1f1fe.png Requested by Host: malaysia.1dy1.com URL: http://malaysia.1dy1.com/id1/ Protocol HTTP/1.1 Server 104.21.14.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c5b1e0817a7504af4900ccb7ea89256070d1fa4c9e773292a3774d04f647f82 Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/id1/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 09:53:31 GMT CF-Cache-Status HIT Last-Modified Mon, 19 Feb 2024 02:32:09 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Z%2FLBSWiaPEd1LANul09NjiiQPsz3iWJ0VynSCcG2J%2FVQpjgwyoQY5jNUrZbs0%2BR4Pi8PSbH5cDd1M%2BV0igJkd6XQEfJqejgdhv4%2BkZRbdyPbvBMsGVr7TaXMjtBeDfiYwC0dw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 863b232b0a359131-FRA alt-svc h3=":443"; ma=86400 Content-Length 19985
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	484ms 62ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: malaysia.1dy1.com URL: http://malaysia.1dy1.com/id1/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 09:53:31 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 280453 x-cache HIT, HIT content-length 30879 x-served-by cache-lga21981-LGA, cache-hel1410032-HEL last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1710323612.782392,VS0,VE0 etag W/"28feccc0-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 36, 165614
GET H/1.1	404 Not Found	chat-bg-br.f34cc96fbfb048812820.png malaysia.1dy1.com/id1/lib/	315 B 315 B	273ms 272ms	Image text/html	104.21.14.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.1dy1.com/id1/lib/chat-bg-br.f34cc96fbfb048812820.png Requested by Host: malaysia.1dy1.com URL: http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css Protocol HTTP/1.1 Server 104.21.14.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 09:53:31 GMT Content-Encoding gzip CF-Cache-Status EXPIRED NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ2bbgl2qSlbpGKrby4%2FelzGymUjc0V4QppQM3C3cLJyPiInu8rL4Vmw7Kk5dAvryKbO8XjHiscJRUR%2FjLHdoiLqZfHgqX1AcwKBz8h9%2BwPOLskZxFCFOf8YlgVrQlk%2FZPCmAw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 863b232cb9df65c1-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	chat-bg-pattern-light.ee148af944f6580293ae.png malaysia.1dy1.com/id1/lib/	315 B 315 B	319ms 271ms	Image text/html	104.21.14.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.1dy1.com/id1/lib/chat-bg-pattern-light.ee148af944f6580293ae.png Requested by Host: malaysia.1dy1.com URL: http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css Protocol HTTP/1.1 Server 104.21.14.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 09:53:31 GMT Content-Encoding gzip CF-Cache-Status EXPIRED NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvM1%2BlvMt1%2F81Ui%2F%2B8KwWLbIHi2S3dbAHVoQr9xRXY8xgSWlimtLO0NPrF%2FcEzM04YFE3OQh%2BTDHRlh9xijGs0lJbv1bwNTc2G7jHaFRUPp0I%2B%2FNg5ik%2BTArX5DK68ZMF7GirQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=iso-8859-1 Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 863b232d0c879131-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	telegram-logo.1b2bb5b107f046ea9325.svg malaysia.1dy1.com/id1/lib/	932 B 1 KB	516ms 244ms	Image image/svg+xml	104.21.14.114 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://malaysia.1dy1.com/id1/lib/telegram-logo.1b2bb5b107f046ea9325.svg Requested by Host: malaysia.1dy1.com URL: http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css Protocol HTTP/1.1 Server 104.21.14.114 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ade1ddec66f6e98e30d8a56b01e7dd9d2c84a8f4dac51bc88d2ab5bc6e5d1a62 Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/id1/lib/main.3c9dcec00d5a12b9aa18.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Wed, 13 Mar 2024 09:53:32 GMT Content-Encoding gzip CF-Cache-Status HIT Last-Modified Mon, 19 Feb 2024 02:32:09 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTe7d7dovOhq29mP47J6hEuCM6JgArTvWy2umV7V1pUzHffLiTW%2BwcaxonKSyxGivfHfLF29ucEn0%2B7yOGm3%2BmrsemSO421wvhwZ%2B0zEgIR83Xg2ILotPGTvpfODFcPa%2FcUB4w%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Vary Accept-Encoding Cache-Control max-age=14400 Connection keep-alive CF-RAY 863b232e6be965c1-FRA alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	244 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b9e73b25890fe9c309feff6ef849db08babba9c055b169c20815866d264f3ef Request headers accept-language fi-FI,fi;q=0.9 Referer http://malaysia.1dy1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/svg+xml

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Telegram (Instant Messenger)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| flag object| backdrop object| backd object| inpHp object| btnnext function| set_item function| aktip function| loadd

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://malaysia.1dy1.com/id1/lib/chat-bg-br.f34cc96fbfb048812820.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://malaysia.1dy1.com/id1/lib/chat-bg-pattern-light.ee148af944f6580293ae.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
malaysia.1dy1.com
104.21.14.114
151.101.2.137
6b9e73b25890fe9c309feff6ef849db08babba9c055b169c20815866d264f3ef
6c5b1e0817a7504af4900ccb7ea89256070d1fa4c9e773292a3774d04f647f82
a3e7b79bd9246592718746c638b735658b01250633aacd35dcc7dcff8a4546d8
ade1ddec66f6e98e30d8a56b01e7dd9d2c84a8f4dac51bc88d2ab5bc6e5d1a62
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e6062c84dad8214905441068499eab28629a11de5dd651c0aed48f6481eaacba
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d