kingmosque-da.info Open in urlscan Pro
2606:4700:3036::6815:568d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://banco-online.info/
Effective URL:
https://kingmosque-da.info/
Submission: On November 29 via api (November 29th 2023, 12:32:22 pm UTC) from BR — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3036::6815:568d, located in United States and belongs to CLOUDFLARENET, US. The main domain is kingmosque-da.info.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.

This is the only time kingmosque-da.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BDO Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:5574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3036::6815:568d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	1

1 2606:4700:3034::6815:5574 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

banco-online.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3036::6815:568d (United States)

ASN13335 (CLOUDFLARENET, US)

kingmosque-da.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	kingmosque-da.info kingmosque-da.info	105 KB
1	banco-online.info 1 redirects banco-online.info	668 B
12	2

	Domain	Requested by
12	kingmosque-da.info	kingmosque-da.info
1	banco-online.info	1 redirects
12	2

This site contains no links.

Subject Issuer	Validity	Valid
kingmosque-da.info GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kingmosque-da.info/
Frame ID: 7D9A69A0019AD3DD9A8C173949257C37
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco De Oro

Page URL History Show full URLs

http://banco-online.info/ HTTP 301
https://kingmosque-da.info/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

105 kB
Transfer

172 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://banco-online.info/ HTTP 301
https://kingmosque-da.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kingmosque-da.info/ Redirect Chain http://banco-online.info/ https://kingmosque-da.info/	16 KB 3 KB	804ms 717ms	Document text/html	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a9bd4ef4f41c738dd7f6c67a1ffb9044e22d89c255ab0352261e26263e3512a1` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 82dadf1ecd2f368b-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 29 Nov 2023 12:32:08 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlImOYo1oI9wGS%2FvfFlA6Gxf3w6jNmHCAHQGbZgo7MRtROckjL1YEZMHst6qqz16jp7CoYiJHXyar6VH9Rzj8lmoEzAEIGCAbrqFqRs5QostPnfhfR3ctE43LSeGr6i3hQ%2FspptMaSZFwUZtJBKQQuo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers CF-Cache-Status DYNAMIC CF-RAY 82dadf19fe3c684f-NRT Connection keep-alive Content-Type text/html; charset=iso-8859-1 Date Wed, 29 Nov 2023 12:32:07 GMT Location https://kingmosque-da.info/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pImdbb%2BxosaCnkZ2i%2B1DFbCwixsGodt%2F8%2BGuvlBCcRo6hhW1Iaikamgeg6CO41o%2B6mtSGPIMx8eJL03jbRI70Eh%2Bmin1UFTUyHbXQL2aiN57TovYeU%2Flb6EJL7qn1EBjVdPZoLDF5gan4i3u3FUJhg%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400
GET H2	200	loginid.css kingmosque-da.info/styles/css/	51 KB 11 KB	24ms 23ms	Stylesheet text/css	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kingmosque-da.info/styles/css/loginid.css Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b18e02c3c784c27cb0db8ce9131cd9ccd24306971baf2057b61539562717bd38` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1673 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADsUflnHGpVIM4tmO0aECEQJ9VklqmM86syVpDcp%2B6Y0tvlOB%2BlwWDl4pHcUQifY81QspMEDa24CFj3AcvIJY%2Fmf5cCeU0CP0YIxCP7ymMuayA0NmU4zq9CvPQA1s5bO4LGN8FjqzhL5tJMZ6d654nc%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82dadf235b0d368b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	component.style.css kingmosque-da.info/styles/css/	16 KB 3 KB	19ms 18ms	Stylesheet text/css	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kingmosque-da.info/styles/css/component.style.css Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `405caefefce16bf6f766e7303eafb32b02da9a8be6d2e1c965e51ddbae41b852` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1673 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoJSqkzdH%2FdeQCt1ebZ%2FrjrRTrLM11ER27YjtKTPkj6OgD29xc7jvQCF4a335qWgoXiV7ZoSvWvnck2lkMCe9ih9HvEYM90fF3i6sgtOJBF8HHGvT7edTYDDGoF4gHTlOS%2FX3IH6VVRFTPP37bF7iTw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82dadf235b10368b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	base.css kingmosque-da.info/styles/css/	6 KB 2 KB	21ms 21ms	Stylesheet text/css	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kingmosque-da.info/styles/css/base.css Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ae7e6478a048387cc9faa5d97f7fe80b92eda486f40f54a75c168b1928246d1d` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1673 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrGh8VGu7t%2FgtmYb26dLU5kORWbJvuA3cwY6Zzb2YDMA3lkjb%2BIxn0Tft9EZzMUfzPIwwob59SzluxUF4cOy%2Byhy2dztas1K4YmBnHjZs%2BITRVOwQIJJ0zGBbP5h1XJRAqvPVevf9oDPhKy%2BVY%2FoJXE%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 82dadf235b11368b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	header.png kingmosque-da.info/styles/	7 KB 7 KB	22ms 22ms	Image image/png	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kingmosque-da.info/styles/header.png Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cd226c25a27090e1e976b7dac689c25b27b8474763dbac6c8a684caae80e3ac4` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1673 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhORhVAvgLBpOc9O3hKI0%2FOL1J5rCF0AEr1glLV9KH8e3GOniH%2BcEcooHrMJM53PKWqnuJoB9xJGGZSGVYCDudVi%2FL05RpVdoTzbY12FMlMm3%2BgDNdQbyyMk53MLSdoAP7sr5nt2D6qd72wH%2BTeY9tw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82dadf235b15368b-FRA alt-svc h3=":443"; ma=86400 content-length 7041
GET H2	200	footer.png kingmosque-da.info/styles/	14 KB 14 KB	21ms 21ms	Image image/png	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kingmosque-da.info/styles/footer.png Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fad35aaa7a450a1d9628c271e8acfaada6793f878261b7644dba6a32305f0760` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1672 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgUG8r9EiP89Lk%2F5rz3305MMckNSCLOnCtHh5qfNxfNKtGMEDvcspZND%2Fw0PoHJB7H8Qq2tWvwWHinVaLLaCVT%2F71PeqsduVVu37Tu7nkRJNn%2FzYki9PChFkeAlQS4qceBCQbaysweBDNuhCK7SKhKI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82dadf235b17368b-FRA alt-svc h3=":443"; ma=86400 content-length 13900
GET H2	200	variables_root.js Show response kingmosque-da.info/js_scripts/	220 B 416 B	16ms 16ms	Script text/javascript	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kingmosque-da.info/js_scripts/variables_root.js Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cb1fbc8aa63167714073d9da502863cb2356c7d7a2ec250e4959e898f536ff19` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1673 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abBl5gV1k2lTvlze0huNayZRMyx5dTY5113CyjE4Df6%2Fe%2BMhSNH7NO%2Bw4%2FtbDtpdoOSkFeg1sidR50401F8rpEZc2CXudlHNW%2FJfHQE9aOEuyOUcUsTvrOtWEaupGm5xT8pKe4%2FJIlNmdwuUrmzM1zM%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 82dadf237b33368b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	login.js Show response kingmosque-da.info/js_scripts/	549 B 496 B	19ms 19ms	Script text/javascript	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kingmosque-da.info/js_scripts/login.js Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2dc98f0809317779b2f64a3f1c0e9aedb2be1e429e10fce46e550c44112185c0` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1673 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le2bZhOmzuydAGwt6SsB6a1CbcsffiQeMmAmwUMR3qAq9bH%2BVfjF2545OQA4qcJ26ybwTiUXucpkpxA%2BVRObNo79IwhqD7SPqTzuITvxmDbEOHYxtSSRAct0F8QaZoMEW8ISNTMoJpTLawBvjMlYli4%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 82dadf237b37368b-FRA alt-svc h3=":443"; ma=86400
GET H2	200	bdo-logo.jpg kingmosque-da.info/styles/	35 KB 36 KB	15ms 14ms	Image image/jpeg	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kingmosque-da.info/styles/bdo-logo.jpg Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/styles/css/loginid.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5225eebca373ae103c2e83513cb277b4eecd319df532a4bb41868a20341e71fe` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/styles/css/loginid.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1672 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fL%2BBBYM4PuyHrpYA%2FGudqh%2FJukTEVgEHY7TSNjLNEx5dOsOM%2BTFOZXJbEBVHlXKXZKlEUVa9QOujndZ%2BonH9WZCP9Bj0lKgmdtxlPq9vSIHKEontgsS%2FDKgSFc8Oxly2HEWL0MgrT259KxXv0tq%2BFXg%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 82dadf237b41368b-FRA alt-svc h3=":443"; ma=86400 content-length 36240
GET H2	200	arrow-white.png kingmosque-da.info/styles/	7 KB 7 KB	17ms 16ms	Image image/png	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kingmosque-da.info/styles/arrow-white.png Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/styles/css/loginid.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3e72af5babd1f7f1077a4091d1ced174710e72a7bd5047a8826bd5dac5412cce` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/styles/css/loginid.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1671 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31T8Rd61amhcUGguywjNUk4qargzRKxGwFg9KBk4S1koUMUw9LNpn2Zlpkc6r8kFHAb30i7gvyO1bwGh6WtMmPEVLhqMY5stfn8SEA3wov9rd7xH6bJTv8TQnYyubKIGzwwoDbfQVytbBbYz2MStM4c%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82dadf237b44368b-FRA alt-svc h3=":443"; ma=86400 content-length 6953
GET H2	200	ad.png kingmosque-da.info/styles/	20 KB 20 KB	18ms 17ms	Image image/png	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kingmosque-da.info/styles/ad.png Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/styles/css/loginid.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `649ce520b09e82f86af594afb5c8d0c2f70773fab60d8261d6dbec6cf4230d17` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/styles/css/loginid.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1671 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dMMJJddw1qmPvHVp7Az4Tq7hiD83GjWzpC39OfsLMxTa3YxCgTgTe9ftGXf9Cdqwc7pCkJJi%2FqkPcS6%2FC7N6B5T3MJt8phCoM5z1fA22d6%2Fu10mXZF5oDIJANLkRKx%2BXP0j6W9zo4veqPx5cla7CI8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82dadf237b45368b-FRA alt-svc h3=":443"; ma=86400 content-length 20298
GET H2	200	arrow_right.png kingmosque-da.info/styles/	141 B 433 B	20ms 20ms	Image image/png	2606:4700:3036::6815:568d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kingmosque-da.info/styles/arrow_right.png Requested by Host: kingmosque-da.info URL: https://kingmosque-da.info/styles/css/loginid.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:568d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e36e7573aa4f407a93704b899df4baa00c632328e56eaa951e8339b0b09d39a8` Request headers accept-language de-DE,de;q=0.9 Referer https://kingmosque-da.info/styles/css/loginid.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Wed, 29 Nov 2023 12:32:08 GMT cf-cache-status HIT last-modified Tue, 22 Aug 2023 18:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1671 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxrtuUPOxpCqeKa4usLRP0yUDajuAcEXNAs7Z4ksHgJYViae3%2FmQ0ZWkV000zxFkT1RV8S%2FMiZ0bhOysiHRVLfDu%2BNuS7uMbnNQkDwnBBGRdpG%2F%2B9CFriqijh8H2HQbkDjolZWMO3h4hJdDxnUBL0VY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 82dadf238b4a368b-FRA alt-svc h3=":443"; ma=86400 content-length 141

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BDO Bank (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| auth

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kingmosque-da.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: dc051ffbd9e49201d9e8f8b4e022f3f0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banco-online.info
kingmosque-da.info
2606:4700:3034::6815:5574
2606:4700:3036::6815:568d
2dc98f0809317779b2f64a3f1c0e9aedb2be1e429e10fce46e550c44112185c0
3e72af5babd1f7f1077a4091d1ced174710e72a7bd5047a8826bd5dac5412cce
405caefefce16bf6f766e7303eafb32b02da9a8be6d2e1c965e51ddbae41b852
5225eebca373ae103c2e83513cb277b4eecd319df532a4bb41868a20341e71fe
649ce520b09e82f86af594afb5c8d0c2f70773fab60d8261d6dbec6cf4230d17
a9bd4ef4f41c738dd7f6c67a1ffb9044e22d89c255ab0352261e26263e3512a1
ae7e6478a048387cc9faa5d97f7fe80b92eda486f40f54a75c168b1928246d1d
b18e02c3c784c27cb0db8ce9131cd9ccd24306971baf2057b61539562717bd38
cb1fbc8aa63167714073d9da502863cb2356c7d7a2ec250e4959e898f536ff19
cd226c25a27090e1e976b7dac689c25b27b8474763dbac6c8a684caae80e3ac4
e36e7573aa4f407a93704b899df4baa00c632328e56eaa951e8339b0b09d39a8
fad35aaa7a450a1d9628c271e8acfaada6793f878261b7644dba6a32305f0760

kingmosque-da.info Open in urlscan Pro 2606:4700:3036::6815:568d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

105 kBTransfer

172 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

Indicators

kingmosque-da.info Open in urlscan Pro
2606:4700:3036::6815:568d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

105 kB
Transfer

172 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!