amang.nw-terbaru-whs.biz.id
Open in
urlscan Pro
128.199.99.5
Malicious Activity!
Public Scan
URL:
https://amang.nw-terbaru-whs.biz.id/
Submission: On January 13 via api from US — Scanned from US
Submission: On January 13 via api from US — Scanned from US
Summary
This website contacted 5 IPs
in 3 countries
across 4 domains to perform 18 HTTP transactions.
The main IP is 128.199.99.5, located in
Singapore, Singapore and
belongs to DIGITALOCEAN-ASN, US.
The main domain is amang.nw-terbaru-whs.biz.id.
TLS certificate: Issued by R3 on January 9th 2024. Valid for: 3 months.
This is the only time amang.nw-terbaru-whs.biz.id was scanned on urlscan.io!
TLS certificate: Issued by R3 on January 9th 2024. Valid for: 3 months.
This is the only time amang.nw-terbaru-whs.biz.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 13 | 128.199.99.5 128.199.99.5 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 2 | 151.101.65.229 151.101.65.229 | 54113 (FASTLY) (FASTLY) | |
| 2 | 104.16.123.175 104.16.123.175 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 23.236.108.146 23.236.108.146 | 21859 (ZEN-ECN) (ZEN-ECN) | |
| 18 | 5 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
nw-terbaru-whs.biz.id
amang.nw-terbaru-whs.biz.id |
710 KB |
| 2 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 867 |
5 KB |
| 2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324 |
35 KB |
| 1 |
hzmk.site
static-web.hzmk.site — Cisco Umbrella Rank: 101932 |
159 KB |
| 18 | 4 |
| Domain | Requested by | |
|---|---|---|
| 13 | amang.nw-terbaru-whs.biz.id |
amang.nw-terbaru-whs.biz.id
|
| 2 | unpkg.com |
cdn.jsdelivr.net
amang.nw-terbaru-whs.biz.id |
| 2 | cdn.jsdelivr.net |
amang.nw-terbaru-whs.biz.id
cdn.jsdelivr.net |
| 1 | static-web.hzmk.site |
amang.nw-terbaru-whs.biz.id
|
| 18 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| amang.nw-terbaru-whs.biz.id R3 |
2024-01-09 - 2024-04-08 |
3 months | crt.sh |
| jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
| *.hzmk.site AlphaSSL CA - SHA256 - G4 |
2023-07-12 - 2024-08-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://amang.nw-terbaru-whs.biz.id/
Frame ID: 83CDE90A17111EFCFBA19D3909905791
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
BIGO LIVE - Aplikasi Live Streaming Global Terbaik di IndonesiaDetected technologies
Vue.js
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
amang.nw-terbaru-whs.biz.id/ |
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rovideo-js-7.20.2.min.css
amang.nw-terbaru-whs.biz.id/www.bigo.tv/static/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
swiper.min.css
amang.nw-terbaru-whs.biz.id/www.bigo.tv/static/mobile/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
amang.nw-terbaru-whs.biz.id/css/ |
35 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
facebook.css
amang.nw-terbaru-whs.biz.id/css/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
2.png
amang.nw-terbaru-whs.biz.id/images/ |
157 KB 157 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
4.png
amang.nw-terbaru-whs.biz.id/images/ |
153 KB 153 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
3.png
amang.nw-terbaru-whs.biz.id/images/ |
148 KB 148 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
1.png
amang.nw-terbaru-whs.biz.id/images/ |
162 KB 162 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fbl.png
amang.nw-terbaru-whs.biz.id/images/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bigo.33589b.png
amang.nw-terbaru-whs.biz.id/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ionicons.js
cdn.jsdelivr.net/gh/styleiconss/jquery3.6.0@master/ |
1012 B 931 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ionicons.esm.js
unpkg.com/ionicons@5.0.0/dist/ionicons/ |
262 B 549 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon.io.js
cdn.jsdelivr.net/gh/styleiconss/jquery.3.6.0@main/ |
105 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
search.2d4cce.png
amang.nw-terbaru-whs.biz.id/_nuxt_cdn_/img/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
swiper-id.jpg
static-web.hzmk.site/as/bigo-static/officialWebsite/68765/ |
159 KB 159 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
m_banner3.fb8a1c.jpg
amang.nw-terbaru-whs.biz.id/_nuxt_cdn_/img/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
301 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
432 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p-af480238.js
unpkg.com/ionicons@5.0.0/dist/ionicons/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| openfcbksalz function| $ function| jQuery function| __sc_import_ionicons0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amang.nw-terbaru-whs.biz.id
cdn.jsdelivr.net
static-web.hzmk.site
unpkg.com
104.16.123.175
128.199.99.5
151.101.65.229
23.236.108.146
08225dd2efa15614d9d1ec8a07577cec3e91b286dfc868bc25311698851e05e9
08b53ae121430e19326c93952afc426b72697b98b237b06dff7ebde61ac4e5eb
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
25929e57aa954c9cbb9934b326bd8d7b213802bf4a7477eed0c34790bcda12e6
2812bec246104a60758c9786901b200fd5190b20d4b3f6344ad366eaca9beef2
28a06f4491def3fdc69ddefa5c850a2583ff312997aef3498e2f12e384c45115
2ef3fd7fcfb5191cca6f439e8c42ab5f0895a1cd547491fdfae599bab8a8d3d8
35a79935107f53fa3b2f923363b50be53bd42e446f64f457c5e74a526bfa29b9
377ca57bb1eeaa23b60958ef2552015626df047726a02e097467750ce7b6d2d4
54cec504adeffec747181873e28e06954745f8df0438dbfbb97d4de833247e59
5c4a78c845332692784d5263b44e05962511b8ca16bd3286d53d69d755dcf2b7
6edda5ae05f52b19ae02a052c1ddb0dda8108725498920862f18590d3a83df8b
ab35f7f245212a15c0892014e66d0801501c5f5891628e88bce0333f6e57a560
adf4874f64542c0493493aa659dd03a7fdebd8d5ca1b01288862b56521aa4943
ce960e6ece780a803b15f5adc3141fc41859c7a10eaced6e5eeb86fdef0dac1a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e29a3a25de57ccf169ba63e92513c08eb3b0b908c0d63af58847e8ffc3909a14