gustamol.duckdns.org Open in urlscan Pro
103.13.207.17 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://gustamol.duckdns.org/PoliciesTransparencyCentre.html
Submission: On August 21 via api (August 21st 2023, 6:33:08 pm UTC) from JP — Scanned from JP

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 103.13.207.17, located in Indonesia and belongs to CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG. The main domain is gustamol.duckdns.org.

This is the only time gustamol.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
7	103.13.207.17 103.13.207.17		138608 (CLOUDHOST...) (CLOUDHOST-AS-AP Cloud Host Pte Ltd)
7	2

7 103.13.207.17 (Indonesia)

ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG)
PTR: ip103-13-207-17.cloudhost.web.id

gustamol.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	duckdns.org gustamol.duckdns.org	223 KB
7	1

	Domain	Requested by
7	gustamol.duckdns.org	gustamol.duckdns.org
7	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html
Frame ID: BFDD952F664C1B230079A04BB310C69F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Policies | Transparency Centre

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

223 kB
Transfer

661 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request PoliciesTransparencyCentre.html Show response gustamol.duckdns.org/	12 KB 5 KB	788ms 79ms	Document text/html	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Full URL http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `59d2dc614e5424a6075413133ad2d2721194520be896fecbf8405c084c3a479e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes connection Keep-Alive content-encoding gzip content-length 5144 content-type text/html date Mon, 21 Aug 2023 18:33:04 GMT etag "304a-64e376c1-bd05e;gz" last-modified Mon, 21 Aug 2023 14:37:53 GMT server LiteSpeed vary Accept-Encoding
GET H/1.1	200 OK	style-pay.css gustamol.duckdns.org/css/	45 KB 5 KB	81ms 79ms	Stylesheet text/css	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Full URL http://gustamol.duckdns.org/css/style-pay.css Requested by Host: gustamol.duckdns.org URL: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `80abb4cc02c96812f419c0d78ab0550895c1a49577620559b7dbc578edad6ade` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/PoliciesTransparencyCentre.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:33:04 GMT content-encoding gzip last-modified Mon, 21 Aug 2023 14:38:03 GMT server LiteSpeed etag "b2a3-64e376cb-bd075;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 4924 expires Mon, 28 Aug 2023 18:33:04 GMT
GET H/1.1	200 OK	pAy5sS6Se6DC.css gustamol.duckdns.org/css/	446 KB 131 KB	148ms 74ms	Stylesheet text/css	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Full URL http://gustamol.duckdns.org/css/pAy5sS6Se6DC.css Requested by Host: gustamol.duckdns.org URL: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `7b06bed9367d0fee280972fbb00140cb78805da95b85d888ee5b234de688c9d2` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/PoliciesTransparencyCentre.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:33:04 GMT content-encoding gzip last-modified Mon, 21 Aug 2023 14:38:03 GMT server LiteSpeed etag "6f986-64e376cb-bd06e;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 133959 expires Mon, 28 Aug 2023 18:33:04 GMT
GET H/1.1	200 OK	RdxXuLZOwAp.css gustamol.duckdns.org/css/	105 KB 28 KB	146ms 72ms	Stylesheet text/css	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Full URL http://gustamol.duckdns.org/css/RdxXuLZOwAp.css Requested by Host: gustamol.duckdns.org URL: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `3cb38c0015ac502e1101a8619a73aa550758c6c8764487287cbc59ef8cb14f82` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/PoliciesTransparencyCentre.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:33:04 GMT content-encoding gzip last-modified Mon, 21 Aug 2023 14:38:03 GMT server LiteSpeed etag "1a5db-64e376cb-bd074;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 28806 expires Mon, 28 Aug 2023 18:33:04 GMT
GET H/1.1	200 OK	VLogo77go.css gustamol.duckdns.org/css/	336 B 581 B	150ms 75ms	Stylesheet text/css	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Full URL http://gustamol.duckdns.org/css/VLogo77go.css Requested by Host: gustamol.duckdns.org URL: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `5a4160c1b62df0b7279e552c149e3a6aa3024e3d9a0818f5170bb684956c07ee` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/PoliciesTransparencyCentre.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:33:04 GMT content-encoding gzip last-modified Mon, 21 Aug 2023 14:38:03 GMT server LiteSpeed etag "150-64e376cb-bd076;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 212 expires Mon, 28 Aug 2023 18:33:04 GMT
GET H/1.1	200 OK	a.png gustamol.duckdns.org/css/	24 KB 24 KB	73ms 72ms	Image image/png	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Show image Full URL http://gustamol.duckdns.org/css/a.png Requested by Host: gustamol.duckdns.org URL: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `d7a879ae5ca10bfd663c1fd65b79e4df0ef0d9d0bc76183a3acd57dae4602dcd` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/PoliciesTransparencyCentre.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:33:04 GMT last-modified Mon, 21 Aug 2023 14:38:02 GMT server LiteSpeed etag "5f83-64e376ca-bd06d;;;" content-type image/png cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 24451 expires Mon, 28 Aug 2023 18:33:04 GMT
GET H/1.1	200 OK	nload.png gustamol.duckdns.org/	28 KB 28 KB	72ms 72ms	Image image/png	103.13.207.17 CLOUDHOST-AS-AP C...
General Check archive.org Show headers Download Go to Show image Full URL http://gustamol.duckdns.org/nload.png Requested by Host: gustamol.duckdns.org URL: http://gustamol.duckdns.org/PoliciesTransparencyCentre.html Protocol HTTP/1.1 Server 103.13.207.17 , Indonesia, ASN138608 (CLOUDHOST-AS-AP Cloud Host Pte Ltd, SG), Reverse DNS ip103-13-207-17.cloudhost.web.id Software LiteSpeed / Resource Hash `e2d85b7515cbe41fed7e43bde39ecab913e2702708d9901ef0918ded28e69bec` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/PoliciesTransparencyCentre.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers date Mon, 21 Aug 2023 18:33:04 GMT last-modified Mon, 21 Aug 2023 14:37:53 GMT server LiteSpeed etag "7022-64e376c1-bd05d;;;" content-type image/png cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 28706 expires Mon, 28 Aug 2023 18:33:04 GMT
GET DATA	200 OK	truncated /	135 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675` Request headers accept-language jp-JP,jp;q=0.9 Referer http://gustamol.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gustamol.duckdns.org
103.13.207.17
3cb38c0015ac502e1101a8619a73aa550758c6c8764487287cbc59ef8cb14f82
59d2dc614e5424a6075413133ad2d2721194520be896fecbf8405c084c3a479e
5a4160c1b62df0b7279e552c149e3a6aa3024e3d9a0818f5170bb684956c07ee
7b06bed9367d0fee280972fbb00140cb78805da95b85d888ee5b234de688c9d2
80abb4cc02c96812f419c0d78ab0550895c1a49577620559b7dbc578edad6ade
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675
d7a879ae5ca10bfd663c1fd65b79e4df0ef0d9d0bc76183a3acd57dae4602dcd
e2d85b7515cbe41fed7e43bde39ecab913e2702708d9901ef0918ded28e69bec

gustamol.duckdns.org Open in urlscan Pro 103.13.207.17 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

223 kBTransfer

661 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

gustamol.duckdns.org Open in urlscan Pro
103.13.207.17 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

223 kB
Transfer

661 kB
Size

0
Cookies

7 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!