hasabi.id Open in urlscan Pro
183.91.79.101 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hasabi.id/wek%20wek/desrt/dash/index.php
Effective URL:
https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
Submission: On October 25 via manual (October 25th 2022, 1:31:17 pm UTC) from RS — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 183.91.79.101, located in Tangerang, Indonesia and belongs to LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID. The main domain is hasabi.id.
TLS certificate: Issued by R3 on October 24th 2022. Valid for: 3 months.

This is the only time hasabi.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Swiss Post (Transportation) DHL (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 18	183.91.79.101 183.91.79.101		4800 (LINTASART...) (LINTASARTA-AS-AP PT Aplikanusa Lintasarta)
17	1

18 183.91.79.101 (Tangerang, Indonesia) 1 redirects

ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID)

hasabi.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	hasabi.id 1 redirects hasabi.id	389 KB
17	1

	Domain	Requested by
18	hasabi.id	1 redirects hasabi.id
17	1

This site contains no links.

Subject Issuer	Validity	Valid
hasabi.id R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
Frame ID: 9940CD3250C84B8F12DD7420A43B0D05
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DHL - Account

Page URL History Show full URLs

https://hasabi.id/wek%20wek/desrt/dash/index.php HTTP 302
https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

389 kB
Transfer

1615 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hasabi.id/wek%20wek/desrt/dash/index.php HTTP 302
https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request portail.php Show response
hasabi.id/wek%20wek/desrt/dash/
Redirect Chain

https://hasabi.id/wek%20wek/desrt/dash/index.php
https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

119 KB
27 KB

431ms
430ms

Document
text/html

183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

2ac6bb7006acad1c86a606359a63bd4005b170ec62f755d4109c3653d61a7668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 13:40:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 13:40:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 main.css
hasabi.id/wek%20wek/desrt/dash/files/css/ 529 KB
108 KB 228ms
224ms Stylesheet
text/css 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

d97797426d717621d5059e293ea468c8a463a3e8e7d89a5d90ac38eaa174ed64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: W/"6354fa34-844ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 26 Oct 2022 01:40:57 GMT

GET
H2 200 jquery.js Show response
hasabi.id/wek%20wek/desrt/dash/files/js/ 85 KB
34 KB 436ms
433ms Script
application/javascript 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/js/jquery.js

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: W/"6354fa34-15339"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 26 Oct 2022 01:40:57 GMT

GET
H2 200 jquery.ccvalid.js Show response
hasabi.id/wek%20wek/desrt/dash/files/js/ 7 KB
2 KB 436ms
433ms Script
application/javascript 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/js/jquery.ccvalid.js

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: W/"6354fa34-1d12"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 26 Oct 2022 01:40:57 GMT

GET
H2 200 jquery.mask.js Show response
hasabi.id/wek%20wek/desrt/dash/files/js/ 18 KB
6 KB 436ms
434ms Script
application/javascript 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/js/jquery.mask.js

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: W/"6354fa34-47fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 26 Oct 2022 01:40:57 GMT

GET
H2 200 dhl-logo.svg
hasabi.id/wek%20wek/desrt/dash/files/img/ 2 KB
2 KB 226ms
226ms Image
image/svg+xml 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/img/dhl-logo.svg

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: "6354fa34-643"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1603

GET
H2 200 ico2.svg
hasabi.id/wek%20wek/desrt/dash/files/img/ 2 KB
2 KB 220ms
220ms Image
image/svg+xml 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/img/ico2.svg

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

e9afb18f5022f01c0c34078dbcdb65f4c7f3e63061e30c57c48554ae45495fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: "6354fa34-806"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2054

GET
H2 200 glo-footer-logo.svg
hasabi.id/wek%20wek/desrt/dash/files/img/ 12 KB
12 KB 222ms
222ms Image
image/svg+xml 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/img/glo-footer-logo.svg

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: "6354fa34-2ec0"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 11968

GET
H2 200 main.js Show response
hasabi.id/wek%20wek/desrt/dash/files/js/ 295 KB
70 KB 207ms
207ms Script
application/javascript 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/js/main.js

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

8c5c1e116a0e4619d4237d45e48e3fd089cf3c3d75ae297b7bb5c55c9ec0c2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: W/"6354fa34-49b53"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 26 Oct 2022 01:40:58 GMT

GET
H2 200 main.css
hasabi.id/wek%20wek/desrt/dash/files/css/ 529 KB
108 KB 393ms
393ms Stylesheet
text/css 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

d97797426d717621d5059e293ea468c8a463a3e8e7d89a5d90ac38eaa174ed64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:57 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: W/"6354fa34-844ff"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 26 Oct 2022 01:40:57 GMT

GET
H2 404 5132a7ca80ea9e18ec8cecc618cf5a0b.woff
hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/ 0
0 1604ms
1603ms Font
text/html 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff
Requested by: Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hasabi.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 67dd9346877fd6c6a83d3ce92d6a8adf.woff
hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/ 0
0 1583ms
1582ms Font
text/html 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/67dd9346877fd6c6a83d3ce92d6a8adf.woff
Requested by: Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hasabi.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 c2d3739d2debffea340a58b7b8ab3c61.woff
hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/ 0
0 1578ms
1577ms Font
text/html 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff
Requested by: Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hasabi.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 lod.gif
hasabi.id/wek%20wek/desrt/dash/files/img/ 17 KB
17 KB 369ms
369ms Image
image/gif 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hasabi.id/wek%20wek/desrt/dash/files/img/lod.gif

Requested by

Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),

Reverse DNS

Software

nginx /

Resource Hash

ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:40:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Oct 2022 08:24:20 GMT
server: nginx
etag: "6354fa34-44b1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17585
expires: Thu, 24 Nov 2022 13:40:58 GMT

GET
H2 404 e39bd2e2657ce5dd6f9c33df18529233.woff
hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/ 0
0 1742ms
1732ms Font
text/html 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff
Requested by: Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:41:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hasabi.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 4a350e02a03ac62e72e9ea575b31ce84.woff
hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/ 0
0 1739ms
1730ms Font
text/html 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/4a350e02a03ac62e72e9ea575b31ce84.woff
Requested by: Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:41:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hasabi.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 404 03f859bf58e4d37841070de34be7d978.woff
hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/ 0
0 1911ms
1909ms Font
text/html 183.91.79.101
LINTASARTA-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff
Requested by: Host: hasabi.id
URL: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.91.79.101 Tangerang, Indonesia, ASN4800 (LINTASARTA-AS-AP PT Aplikanusa Lintasarta, ID),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css
Origin: https://hasabi.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 13:41:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://hasabi.id/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Swiss Post (Transportation) DHL (Transportation)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hasabi.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: r00anur403eocrekgkanmuht1p

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax(Line 43) Message: A preload for 'https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/c2d3739d2debffea340a58b7b8ab3c61.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/67dd9346877fd6c6a83d3ce92d6a8adf.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/5132a7ca80ea9e18ec8cecc618cf5a0b.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/4a350e02a03ac62e72e9ea575b31ce84.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/e39bd2e2657ce5dd6f9c33df18529233.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hasabi.id/wek%20wek/desrt/dash/files/assets/fonts/03f859bf58e4d37841070de34be7d978.woff Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://hasabi.id/wek%20wek/desrt/dash/portail.php?country.x=Global&one=ok&flowId=ul&_Email=datax Message: The resource https://hasabi.id/wek%20wek/desrt/dash/files/css/main.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hasabi.id
183.91.79.101
2ac6bb7006acad1c86a606359a63bd4005b170ec62f755d4109c3653d61a7668
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
8c5c1e116a0e4619d4237d45e48e3fd089cf3c3d75ae297b7bb5c55c9ec0c2d7
ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b
ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
d97797426d717621d5059e293ea468c8a463a3e8e7d89a5d90ac38eaa174ed64
e9afb18f5022f01c0c34078dbcdb65f4c7f3e63061e30c57c48554ae45495fa1

hasabi.id Open in urlscan Pro 183.91.79.101 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

389 kBTransfer

1615 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

8 Console Messages

Security Headers

Indicators

hasabi.id Open in urlscan Pro
183.91.79.101 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

389 kB
Transfer

1615 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!