bob.mustangkin.biz.id
2606:4700:3037::6815:438d  Malicious Activity! Public Scan

URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Submission: On December 21 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 9 HTTP transactions. The main IP is 2606:4700:3037::6815:438d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bob.mustangkin.biz.id.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.
This is the only time bob.mustangkin.biz.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address  AS Autonomous System
9  2606:4700:303...  13335 (CLOUDFLAR...)
Totals: 9 requests, 2 IPs

Requests  Apex Domain  Subdomains  Transfer
9  mustangkin.biz.id  bob.mustangkin.biz.id  310 KB
Totals: 9 requests, 1 apex domain

Requests  Domain  Requested by
9  bob.mustangkin.biz.id  bob.mustangkin.biz.id
Totals: 9 requests, 1 domain

This site contains no links.

Subject  Issuer  Validity  Valid
mustangkin.biz.id  GTS CA 1P5  2023-12-21 - 2024-03-20  3 months  (crt.sh)

This page contains 1 frames:

Primary Page: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Frame ID: DC363DE10FF3360B408B5FF184802253
Requests: 10 HTTP requests in this frame

Page Title

Terms of Service

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 310 kB
Size: 746 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer, Type (MIME-Type)

termsofservice.html (Primary Request)  Path: bob.mustangkin.biz.id/musang/nanas/  Size: 15 KB  x-fer: 5 KB  Type: Document
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856f032c378572c7ae8bc608638b20f19e5127122a2320016069344c5d8d2bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8393b02f0b424bd3-BUF
content-encoding
br
content-type
text/html
date
Thu, 21 Dec 2023 22:51:11 GMT
last-modified
Mon, 11 Sep 2023 19:39:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKxHSvEeiBDQ%2BxgxnSO0zXmDnsD%2BMAMJtM9OTqJGaRljEXINmfUEw2DU34Sl204SU5zkzIYvMkMGpQeDXOPM6VGZ5fJBCQg0PzgP%2FG6NCVkIfIDFVAM0bITC02B1imP3hghQr27gQBw83eP13edAY6tn0Q8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sBXWJVtE_l6.css  Path: bob.mustangkin.biz.id/musang/nanas/css/  Size: 36 KB  x-fer: 10 KB  Type: Stylesheet
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/css/sBXWJVtE_l6.css
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1648423329b6b28cffe0d7e4e37440b75508a6f6e294a43623f8480e4326ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Aug 2023 01:54:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6flqIbh2nIq0R28udSMijQhRO52bcNyjzJd2Qg6LlMO7tbJO%2Br5xhoWlXFPuu4NLNLL1Gy2KcwzQ%2BnKzIw9hJiN5UpYcvAXgTqQ3TBIobZlAqBEV0x6wz1wNyDd1U1bmf%2BaSRgGguRSIL208mCRLvpAX%2F9A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8393b0323cec4bd3-BUF
alt-svc
h3=":443"; ma=86400
PQsdvTo0jWu.css  Path: bob.mustangkin.biz.id/musang/nanas/css/  Size: 37 KB  x-fer: 9 KB  Type: Stylesheet
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/css/PQsdvTo0jWu.css
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4eebaffa2a0f955b1c22963ce122d6b2721c06bb2de5fa598e5b6395877b208

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Aug 2023 01:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQwoIFI3nIdq1KUsDlyPU8IVvmeYVEwpAfe1ZnpPiPZUrVaRKwEXQV1rf9LLl%2BstHcZotgeSgYtsMlJbAzw%2FZIZtKhKkjDKhgEuCyAP8r%2FpEr4iJpYN97Aa1Kj4wrGo%2FqIpDLtvs78v1yOlIdd7BpJOuR9I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8393b0323cee4bd3-BUF
alt-svc
h3=":443"; ma=86400
9S6WONSXioV.css  Path: bob.mustangkin.biz.id/musang/nanas/css/  Size: 810 B  x-fer: 705 B  Type: Stylesheet
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/css/9S6WONSXioV.css
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed25d38dd96abfe8f674faa19436788b55109095ca63725fb1210e4f1f5a0fea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Aug 2023 01:55:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1241
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adMHlJHTDF37XCXZm%2BWe4%2B3%2BmmNSxqituDTtZF3SuezUbI7nHNRmd60KpJiQE%2F2Sh89bhUQSxzLD4%2Bq4LV6dxTsTi4Asq3wPlvMw7a9jd6KJkgJfQxT9ilmetYJWepcvcZkkpGkQtqIqWONNP9WiT%2FEjZho%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8393b0323cef4bd3-BUF
alt-svc
h3=":443"; ma=86400
vRqE9ubQhYU.css  Path: bob.mustangkin.biz.id/musang/nanas/css/  Size: 27 KB  x-fer: 6 KB  Type: Stylesheet
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/css/vRqE9ubQhYU.css
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9f33ffded27b0f002ed79860a184c3205b52d8a9c43d01833faba8a9c4bfda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Aug 2023 01:56:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfM2Pvjf865fwttO78aSTe8ApOnli3btVNT%2B466qK4dDduCf2wNBrcf5%2BRWN1P%2FpjsWVOqGPy5F4Iw4QMffJ8GQ%2BR6y2Tkj3RJrm0ctRfSRuRScUU%2B8EqJXhppGPONJK8uEE1TSHwo4pG0b9WbgROHBGPuM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8393b0323cf04bd3-BUF
alt-svc
h3=":443"; ma=86400
style-pay.css  Path: bob.mustangkin.biz.id/musang/nanas/css/  Size: 44 KB  x-fer: 5 KB  Type: Stylesheet
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/css/style-pay.css
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c5d4bbfd88778f114aaec06162bb779759ca30339703c4c7e6e294169f560d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Aug 2023 01:56:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1241
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaVVAmzLWZh2mEsaPKRYXhVdZtluo5yE%2F%2FALudrM1w7dtWq3sZmGUIGj60ReQWjHeUMeGMzcBmI2wMGJBtokhm%2F3JJ%2BLo4UOxV0U8qsBdh6zhW7rqGQ5Fe6ROnGO3p5sgYWWeCSCOBZzkypkUg%2F%2F2op1pDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8393b0323cf14bd3-BUF
alt-svc
h3=":443"; ma=86400
pAy5sS6Se6DC.css  Path: bob.mustangkin.biz.id/musang/nanas/css/  Size: 446 KB  x-fer: 133 KB  Type: Stylesheet
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/css/pAy5sS6Se6DC.css
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23431b442c844f7284d5acd0e4636400941659175df1991e3db406444553c99b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 19 Aug 2023 01:57:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eYkcBN5vNUy5vKWZG%2BW885Cu7nAD4dcNgNHyE6hz2evTLOvDyvHbnf6lN%2F7asFQgrX7q8LnD7oy2p%2B5Jn%2BIEPe16hvuexy9yC5pad5kq78CnpdKjqWqJr1ET9oJ3dsHhHp10LoUhs8XFtz7NxutC%2B821MU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8393b0323cf24bd3-BUF
alt-svc
h3=":443"; ma=86400
a.png  Path: bob.mustangkin.biz.id/musang/nanas/img/  Size: 24 KB  x-fer: 24 KB  Type: Image
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/img/a.png
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a879ae5ca10bfd663c1fd65b79e4df0ef0d9d0bc76183a3acd57dae4602dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 19:33:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1242
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VeJPzItqYv3I0LCb39Txb8vz8xUGSCUttNenCKyBZOOcCR0su%2BkjqGNFz2LYrnegCCEatLl6RtHB7YhasCNaPjx7FqXqSCYJMwLQlMVa8TvJCg0gKtP9v2F1bL8HdPmuN0jGYkeHYXLGOepbPHMKLAPug1U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8393b0323cf34bd3-BUF
alt-svc
h3=":443"; ma=86400
content-length
24451
101492-blue-security.gif  Path: bob.mustangkin.biz.id/musang/nanas/img/  Size: 117 KB  x-fer: 117 KB  Type: Image
General
Full URL
https://bob.mustangkin.biz.id/musang/nanas/img/101492-blue-security.gif
Requested by
Host: bob.mustangkin.biz.id
URL: https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:438d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a28452270079f7834854b18270302bb15e53a0690ff3519a0b1beb93f0b05a4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bob.mustangkin.biz.id/musang/nanas/termsofservice.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 22:51:11 GMT
cf-cache-status
HIT
last-modified
Mon, 11 Sep 2023 19:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1241
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptqaWLkOZX7XlFnJvXqF0lNnpjwbICqe7WidR4%2BbWOp9Mg2NrD0%2FmB1hZg9wwfzJY5ahhLG3kiWIlD5CykME3wRyqXnFxI3b%2BCvRNP6e8HexojhyxG46SqTqGJi0rm%2BuQfomltlyr5C1s%2BXsYw424jxxa3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8393b0323cf44bd3-BUF
alt-svc
h3=":443"; ma=86400
content-length
119376
truncated (data: URI)  Path: /  Size: 135 B  x-fer: 0  Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type  Name
object  documentPictureInPicture
function  mousedwn
string  tanggallengkap
object  namahari
object  namabulan
object  tgl
number  hari
number  tanggal
number  bulan
number  tahun

0 Cookies