bob.mustangkin.biz.id
Open in
urlscan Pro
2606:4700:3037::6815:438d
Malicious Activity!
Public Scan
Effective URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Submission: On December 22 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.
This is the only time bob.mustangkin.biz.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3032::ac43:b13a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 11 | 2606:4700:303... 2606:4700:3037::6815:438d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
mustangkin.biz.id
3 redirects
bob.mustangkin.biz.id |
313 KB |
10 | 1 |
Domain | Requested by | |
---|---|---|
13 | bob.mustangkin.biz.id |
3 redirects
bob.mustangkin.biz.id
|
10 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
mustangkin.biz.id GTS CA 1P5 |
2023-12-21 - 2024-03-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Frame ID: 78E9165EAFF2AE438599D0101317DC17
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Terms of ServicePage URL History Show full URLs
-
http://bob.mustangkin.biz.id/musang/nanas
HTTP 301
https://bob.mustangkin.biz.id/musang/nanas HTTP 301
http://bob.mustangkin.biz.id/musang/nanas/ HTTP 301
https://bob.mustangkin.biz.id/musang/nanas/ Page URL
- https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bob.mustangkin.biz.id/musang/nanas
HTTP 301
https://bob.mustangkin.biz.id/musang/nanas HTTP 301
http://bob.mustangkin.biz.id/musang/nanas/ HTTP 301
https://bob.mustangkin.biz.id/musang/nanas/ Page URL
- https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://bob.mustangkin.biz.id/musang/nanas HTTP 301
- https://bob.mustangkin.biz.id/musang/nanas HTTP 301
- http://bob.mustangkin.biz.id/musang/nanas/ HTTP 301
- https://bob.mustangkin.biz.id/musang/nanas/
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
bob.mustangkin.biz.id/musang/nanas/ Redirect Chain
|
190 B 445 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
termsofservice.html
bob.mustangkin.biz.id/musang/nanas/ |
15 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sBXWJVtE_l6.css
bob.mustangkin.biz.id/musang/nanas/css/ |
36 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PQsdvTo0jWu.css
bob.mustangkin.biz.id/musang/nanas/css/ |
37 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9S6WONSXioV.css
bob.mustangkin.biz.id/musang/nanas/css/ |
810 B 804 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vRqE9ubQhYU.css
bob.mustangkin.biz.id/musang/nanas/css/ |
27 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style-pay.css
bob.mustangkin.biz.id/musang/nanas/css/ |
44 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pAy5sS6Se6DC.css
bob.mustangkin.biz.id/musang/nanas/css/ |
446 KB 133 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
a.png
bob.mustangkin.biz.id/musang/nanas/img/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
101492-blue-security.gif
bob.mustangkin.biz.id/musang/nanas/img/ |
117 KB 117 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
135 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| mousedwn string| tanggallengkap object| namahari object| namabulan object| tgl number| hari number| tanggal number| bulan number| tahun0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bob.mustangkin.biz.id
2606:4700:3032::ac43:b13a
2606:4700:3037::6815:438d
1a28452270079f7834854b18270302bb15e53a0690ff3519a0b1beb93f0b05a4
1c1648423329b6b28cffe0d7e4e37440b75508a6f6e294a43623f8480e4326ef
23431b442c844f7284d5acd0e4636400941659175df1991e3db406444553c99b
856f032c378572c7ae8bc608638b20f19e5127122a2320016069344c5d8d2bba
88c5d4bbfd88778f114aaec06162bb779759ca30339703c4c7e6e294169f560d
95fdaa6b4173b7bfcc5153c22f7f6a1ce2aa8f8065bcc4fd291696e7d15dd3ed
a4eebaffa2a0f955b1c22963ce122d6b2721c06bb2de5fa598e5b6395877b208
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675
d7a879ae5ca10bfd663c1fd65b79e4df0ef0d9d0bc76183a3acd57dae4602dcd
df9f33ffded27b0f002ed79860a184c3205b52d8a9c43d01833faba8a9c4bfda
ed25d38dd96abfe8f674faa19436788b55109095ca63725fb1210e4f1f5a0fea