baka18.my.id Open in urlscan Pro
213.32.58.223  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request verification.html Show response baka18.my.id/verification/	28 KB 19 KB	74ms 15ms	Document text/html	213.32.58.223 OVH
General Check archive.org Show headers Download Go to Full URL https://baka18.my.id/verification/verification.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 213.32.58.223 , France, ASN16276 (OVH, FR), Reverse DNS ip223.ip-213-32-58.eu Software / Resource Hash 00b50c1da71059c40ed3cc609591570ecc7734723a793089035ec36c48397a36 Request headers :method GET :authority baka18.my.id :scheme https :path /verification/verification.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-type text/html last-modified Fri, 30 Jul 2021 06:57:04 GMT accept-ranges bytes content-encoding br vary Accept-Encoding content-length 19085 date Thu, 05 Aug 2021 17:47:25 GMT alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H/1.1	200 OK	client.css estatements.midlandstatesbank.com/styles/	5 KB 2 KB	481ms 157ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/client.css Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 12b7eecb79b7fb5ebd3bceefcf678f62d83620900dfc2d56d388425979752ee0 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"5441-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1412
GET H/1.1	200 OK	boxmenu.css estatements.midlandstatesbank.com/styles/	2 KB 796 B	503ms 164ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/boxmenu.css Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 267f1179716d40d02c10f141eda6d071de12426648539504304149eb3cfcbf91 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 18:49:04 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"1785-1601405344000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 412
GET H/1.1	200 OK	forms.css estatements.midlandstatesbank.com/styles/	5 KB 1 KB	505ms 165ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/forms.css Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash d8303e7cc49516c09bc145b23ecc0deea5a804a3b6b3e44294755b5e66d6548a Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"5049-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 952
GET H/1.1	200 OK	jquery-ui-1.8.9.custom.css estatements.midlandstatesbank.com/styles/jqueryui/themes/ui-lightness/	33 KB 6 KB	520ms 171ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/jqueryui/themes/ui-lightness/jquery-ui-1.8.9.custom.css Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 5cbf24ab2fbc25fbd01655d1573308da43a0395cebce19dc827a021ba1046b33 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"34133-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6196
GET H/1.1	200 OK	validationEngine.jquery.css estatements.midlandstatesbank.com/styles/	3 KB 1 KB	527ms 173ms	Stylesheet text/css	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/styles/validationEngine.jquery.css Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash c789aeb8a731d6ede52aaf6acb668e81497f2c70ec620732ce919282faef2840 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 18:49:04 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"2606-1601405344000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 728
GET H/1.1	200 OK	validation.js Show response estatements.midlandstatesbank.com/javascript/	1 KB 884 B	532ms 175ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/validation.js Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 52b0ed391bfebb9288b920480ed8eb5ec773e87eb61f21246dca3165a48e5656 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 18:49:04 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"1365-1601405344000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 486
GET H/1.1	200 OK	jquery-1.4.4.min.js Show response estatements.midlandstatesbank.com/javascript/jquery/	77 KB 27 KB	638ms 158ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery-1.4.4.min.js Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"78601-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 27073
GET H/1.1	200 OK	jquery-ui-1.8.9.custom.min.js Show response estatements.midlandstatesbank.com/javascript/jquery/	202 KB 51 KB	678ms 175ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery-ui-1.8.9.custom.min.js Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 18:49:04 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"207146-1601405344000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 51785
GET H/1.1	200 OK	jquery.validationEngine.js Show response estatements.midlandstatesbank.com/javascript/jquery/	26 KB 7 KB	671ms 167ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery.validationEngine.js Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 7a299721e644822017dc072948c1648965d727b1ce54c8ba86518e3fd0744c62 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 20:20:32 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"26723-1601410832000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 6472
GET H/1.1	200 OK	jquery.validationEngine-en.js Show response estatements.midlandstatesbank.com/javascript/jquery/	2 KB 1 KB	691ms 172ms	Script application/javascript	12.189.22.64 INFOIMAGE
General Check archive.org Show headers Download Go to Full URL https://estatements.midlandstatesbank.com/javascript/jquery/jquery.validationEngine-en.js Requested by Host: baka18.my.id URL: https://baka18.my.id/verification/verification.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 12.189.22.64 , United States, ASN36838 (INFOIMAGE, US), Reverse DNS Software Apache/2.4.29 (Ubuntu) / Resource Hash 5ca61b01d51eea297c875f363b1d42d5eaccfed0a16452a8c49741c203a28e94 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://baka18.my.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 05 Aug 2021 17:46:27 GMT Content-Encoding gzip Last-Modified Tue, 29 Sep 2020 18:49:04 GMT Server Apache/2.4.29 (Ubuntu) ETag W/"2323-1601405344000-gzip" Vary Accept-Encoding Strict-Transport-Security max-age=15768000 Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 771
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c13ae3a103d8431dacfc0cd6a58c3e8970ba005e87b0799fe66d72217389a307 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 574f6aeefe2fa8aee43405b5b14211cbfe518c390eaa09bc045eea3240c2593b Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	8 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c074e76dd727cfac94a3bd569636f9f6fbd2110ec2f2613fa460df9687dd26b7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| is_empty function| not_match function| has_character function| has_digit_only function| has_invalid_char function| is_currancy function| is_invalid_email function| has_lower_case function| has_upper_case function| has_digit function| is_invalid_password function| has_repeated_char function| simple_check function| $ function| jQuery function| DP_jQuery_1628185646595 function| highlightMenu

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baka18.my.id
estatements.midlandstatesbank.com
12.189.22.64
213.32.58.223
00b50c1da71059c40ed3cc609591570ecc7734723a793089035ec36c48397a36
12b7eecb79b7fb5ebd3bceefcf678f62d83620900dfc2d56d388425979752ee0
14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5
267f1179716d40d02c10f141eda6d071de12426648539504304149eb3cfcbf91
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
52b0ed391bfebb9288b920480ed8eb5ec773e87eb61f21246dca3165a48e5656
574f6aeefe2fa8aee43405b5b14211cbfe518c390eaa09bc045eea3240c2593b
5ca61b01d51eea297c875f363b1d42d5eaccfed0a16452a8c49741c203a28e94
5cbf24ab2fbc25fbd01655d1573308da43a0395cebce19dc827a021ba1046b33
7a299721e644822017dc072948c1648965d727b1ce54c8ba86518e3fd0744c62
c074e76dd727cfac94a3bd569636f9f6fbd2110ec2f2613fa460df9687dd26b7
c13ae3a103d8431dacfc0cd6a58c3e8970ba005e87b0799fe66d72217389a307
c789aeb8a731d6ede52aaf6acb668e81497f2c70ec620732ce919282faef2840
d8303e7cc49516c09bc145b23ecc0deea5a804a3b6b3e44294755b5e66d6548a