nitro.ssilink.co.id - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 103.81.194.218, located in and belongs to . The main domain is nitro.ssilink.co.id.
TLS certificate: Issued by GeoTrust RSA CA 2018 on January 6th 2022. Valid for: a year.

This is the only time nitro.ssilink.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	157.185.188.1 157.185.188.1	54994 (QUANTILNE...) (QUANTILNETWORKS)
3	2.18.234.53 2.18.234.53	16625 (AKAMAI-AS) (AKAMAI-AS)
2	168.235.204.21 168.235.204.21	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	103.81.194.218 103.81.194.218	() ()
7	4

1 157.185.188.1 (Los Angeles, United States) 1 redirects

ASN54994 (QUANTILNETWORKS, US)

uc.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-53.deploy.static.akamaitechnologies.com

img.ucweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.235.204.21 (United States)

ASN54994 (QUANTILNETWORKS, US)

gjtrack.ucweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.81.194.218 (None, )

ASN- ()

nitro.ssilink.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ucweb.com img.ucweb.com — Cisco Umbrella Rank: 72452 gjtrack.ucweb.com — Cisco Umbrella Rank: 71177	4 KB
1	ssilink.co.id nitro.ssilink.co.id	1 KB
1	uc.xyz 1 redirects uc.xyz	163 B
0	Failed function sub() { [native code] }. Failed
7	4

	Domain	Requested by
3	img.ucweb.com	img.ucweb.com
2	gjtrack.ucweb.com	img.ucweb.com
1	nitro.ssilink.co.id	img.ucweb.com
1	uc.xyz	1 redirects
0	data Failed	img.ucweb.com
7	5

This site contains no links.

Subject Issuer	Validity	Valid
ucweb.com DigiCert SHA2 Secure Server CA	`2021-06-22` - `2022-06-27`	a year	crt.sh
*.ucweb.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2023-03-25`	a year	crt.sh
*.ssilink.co.id GeoTrust RSA CA 2018	`2022-01-06` - `2023-02-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://nitro.ssilink.co.id/edcbni/login
Frame ID: CDEBD5CBFB8335B2AC297336F004892B
Requests: 6 HTTP requests in this frame

Frame: ucdownload://data?ref=https%3A%2F%2Fnitro.ssilink.co.id%2Fedcbni%2Flogin
Frame ID: 280366F62EB4DD48998FD6A817622CD2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://uc.xyz/1dFjvC?pub=link HTTP 302
https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html Page URL
https://nitro.ssilink.co.id/edcbni/login Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

5 kB
Transfer

10 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://uc.xyz/1dFjvC?pub=link HTTP 302
https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html Page URL
https://nitro.ssilink.co.id/edcbni/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://uc.xyz/1dFjvC?pub=link HTTP 302
https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	46fe4394dbd2ef8681e4b10e9d4c9e69.html Show response img.ucweb.com/s/uae/g/6l/shareback-link/ Redirect Chain https://uc.xyz/1dFjvC?pub=link https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html	4 KB 1 KB	726ms 639ms	Document text/html	2.18.234.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2.18.234.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-53.deploy.static.akamaitechnologies.com Software / Resource Hash `1daedcc1c34bd232e40f666258d21ea1ffcc6cdbebe154f67c6bd89fed0188a9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 66 cache-control max-age=7776000 content-encoding gzip content-length 941 content-type text/html date Thu, 21 Apr 2022 00:41:41 GMT etag 1f3cb09c-1189 expires Wed, 20 Jul 2022 00:41:41 GMT vary Accept-Encoding Redirect headers content-length 0 date Thu, 21 Apr 2022 00:41:40 GMT location https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html server Tengine x-application-context inter-short-url:prod,hsf,dataservice:9000
GET H2	200	style.ac620867a558.css img.ucweb.com/s/uae/g/3k/share-reflux/public/	1 KB 828 B	25ms 24ms	Stylesheet text/css	2.18.234.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.ucweb.com/s/uae/g/3k/share-reflux/public/style.ac620867a558.css Requested by Host: img.ucweb.com URL: https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2.18.234.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-53.deploy.static.akamaitechnologies.com Software / Resource Hash `d9bdad28dddd415805f6bf3b6aa8c565ab97978ee44da69d47000ea8ccdcb916` Request headers accept-language de-DE,de;q=0.9 Referer https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 00:41:41 GMT content-encoding gzip age 66 etag b57aa17a-5f4 vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=6029373 content-length 677 expires Wed, 29 Jun 2022 19:31:14 GMT
GET H2	200	main.9a84a82420c3.js Show response img.ucweb.com/s/uae/g/3k/share-reflux/public/	3 KB 2 KB	25ms 24ms	Script text/javascript	2.18.234.53 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.ucweb.com/s/uae/g/3k/share-reflux/public/main.9a84a82420c3.js Requested by Host: img.ucweb.com URL: https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2.18.234.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-53.deploy.static.akamaitechnologies.com Software / Resource Hash `ab3fd3021febfa99bb28ff01282837050e76fe81a7b181a0f2578cdc4b40ad06` Request headers accept-language de-DE,de;q=0.9 Referer https://img.ucweb.com/s/uae/g/6l/shareback-link/46fe4394dbd2ef8681e4b10e9d4c9e69.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Thu, 21 Apr 2022 00:41:41 GMT content-encoding gzip age 66 etag cbcafd7b-c5c vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3346515 content-length 1512 expires Sun, 29 May 2022 18:16:56 GMT
POST H/1.1	200	collect gjtrack.ucweb.com/	0 0	2580ms 241ms	Ping text/plain	168.235.204.21 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Full URL https://gjtrack.ucweb.com/collect?lt=jslog&uc_param_str=dnsnvebipfntnwfrmicplagddn&ev_ac=2001&ev_ct=shareback&appid=4f0f555defc6&share_entry=122&share_type=link&page_url=https%3A%2F%2Fnitro.ssilink.co.id%2Fedcbni%2Flogin&dn=566d83c1-4933-60a4-ab0a-a5c47d432079&spm=1242.shareback.0.0&client=other Requested by Host: img.ucweb.com URL: https://img.ucweb.com/s/uae/g/3k/share-reflux/public/main.9a84a82420c3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 168.235.204.21 , United States, ASN54994 (QUANTILNETWORKS, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://img.ucweb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET		ucdownload://data?ref=https%3A%2F%2Fnitro.ssilink.co.id%2Fedcbni%2Flogin ucdownload://data?ref=https%3A%2F%2Fnitro.ssilink.co.id%2Fedcbni%2Flogin Frame 2803	0 0

POST H/1.1	200	collect gjtrack.ucweb.com/	0 0	724ms 241ms	Ping text/plain	168.235.204.21 QUANTILNETWORKS
General Check archive.org Show headers Download Go to Full URL https://gjtrack.ucweb.com/collect?lt=jslog&uc_param_str=dnsnvebipfntnwfrmicplagddn&ev_ac=2001&ev_ct=shareback&appid=4f0f555defc6&share_entry=122&share_type=link&page_url=https%3A%2F%2Fnitro.ssilink.co.id%2Fedcbni%2Flogin&dn=566d83c1-4933-60a4-ab0a-a5c47d432079&spm=1242.shareback.pageview&ct_type=launch.app&result=0 Requested by Host: img.ucweb.com URL: https://img.ucweb.com/s/uae/g/3k/share-reflux/public/main.9a84a82420c3.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 168.235.204.21 , United States, ASN54994 (QUANTILNETWORKS, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://img.ucweb.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers
GET H/1.1	404 Not Found	Primary Request login Show response nitro.ssilink.co.id/edcbni/	1 KB 1 KB	2503ms 196ms	Document text/html	103.81.194.218
General Check archive.org Show headers Download Go to Full URL https://nitro.ssilink.co.id/edcbni/login Requested by Host: img.ucweb.com URL: https://img.ucweb.com/s/uae/g/3k/share-reflux/public/main.9a84a82420c3.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 103.81.194.218 -, , ASN (), Reverse DNS Software Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.28 / PHP/7.4.28 Resource Hash `397755d946611605bc16edd5e2417575aad30d5c0855c2d97452dda8860d223e` Request headers Referer https://img.ucweb.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 1190 Content-Type text/html; charset=UTF-8 Date Thu, 21 Apr 2022 00:41:47 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.28 X-Powered-By PHP/7.4.28

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: data
URL: ucdownload://data?ref=https%3A%2F%2Fnitro.ssilink.co.id%2Fedcbni%2Flogin

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			img.ucweb.com/	1970-01-20 02:42:45	Name: _dn Value: 566d83c1-4933-60a4-ab0a-a5c47d432079

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nitro.ssilink.co.id/edcbni/login Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data
gjtrack.ucweb.com
img.ucweb.com
nitro.ssilink.co.id
uc.xyz
data
103.81.194.218
157.185.188.1
168.235.204.21
2.18.234.53
1daedcc1c34bd232e40f666258d21ea1ffcc6cdbebe154f67c6bd89fed0188a9
397755d946611605bc16edd5e2417575aad30d5c0855c2d97452dda8860d223e
ab3fd3021febfa99bb28ff01282837050e76fe81a7b181a0f2578cdc4b40ad06
d9bdad28dddd415805f6bf3b6aa8c565ab97978ee44da69d47000ea8ccdcb916

nitro.ssilink.co.id Open in urlscan Pro 103.81.194.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

5 kBTransfer

10 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

nitro.ssilink.co.id Open in urlscan Pro
103.81.194.218 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

5 kB
Transfer

10 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions