contact-us.my.id
Open in
urlscan Pro
15.235.49.110
Malicious Activity!
Public Scan
Effective URL: https://contact-us.my.id/index.php
Submission: On June 08 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.
This is the only time contact-us.my.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 15.235.49.110 15.235.49.110 | 16276 (OVH) (OVH) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c0b::5f | 15169 (GOOGLE) (GOOGLE) | |
11 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
contact-us.my.id
contact-us.my.id |
158 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 461 |
59 KB |
0 |
jquery.com
Failed
code.jquery.com Failed |
|
11 | 3 |
Domain | Requested by | |
---|---|---|
8 | contact-us.my.id |
contact-us.my.id
|
2 | ajax.googleapis.com |
contact-us.my.id
|
0 | code.jquery.com Failed |
contact-us.my.id
|
11 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
contact-us.my.id R3 |
2024-05-14 - 2024-08-12 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-05-21 - 2024-08-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://contact-us.my.id/index.php
Frame ID: 68B5483443D2B3A34C48823C52DFF16D
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Privacy PolicyPage URL History Show full URLs
-
http://contact-us.my.id/index.php
HTTP 307
https://contact-us.my.id/index.php Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://contact-us.my.id/index.php
HTTP 307
https://contact-us.my.id/index.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.php
contact-us.my.id/ Redirect Chain
|
28 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
App-830a8c3e.css
contact-us.my.id/build/assets/ |
16 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-3f78f99a.css
contact-us.my.id/build/assets/ |
13 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
metalogo-0c038058.svg
contact-us.my.id/img/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search-55717da5.ico
contact-us.my.id/img/ |
17 KB 17 KB |
Image
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
metalogo-0c038058.svg
contact-us.my.id/assets/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-1.10.2.min.js
code.jquery.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ |
82 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ |
82 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.jpg
contact-us.my.id/img/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
facebook.png
contact-us.my.id/img/ |
315 B 515 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- code.jquery.com
- URL
- http://code.jquery.com/jquery-1.10.2.min.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| close_connectfirst function| close_connectsecond function| processMainData function| processConnectFirst function| showPasswordConnectFirst function| hidePasswordConnectFirst function| clearPasswordConnectFirst function| processConnectSecond function| showPasswordConnectSecond function| hidePasswordConnectSecond function| clearPasswordConnectSecond0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
code.jquery.com
contact-us.my.id
code.jquery.com
15.235.49.110
2607:f8b0:4004:c0b::5f
0c038058600a811b8a96de485a224bcc30eb673972fe39954075bcf70ce74e04
289d99b21fae145c868238c0c499dcf8e84bea445b63e47e3406acfe98e20a34
307b14128711035a8316383606b913ca5297fbedb95593aeb7e73caf44d37f2a
3f78f99aadf7478808068c714cdaeb70384d9b2c9d8568d5b6e88336c1a3bc55
55717da5f0bc7b97c87e7abdc4e097054048bc1c23998d5cc4b83a960d691062
5ee3b6bed6918383dbe51438968639c1e6d895e03484a79b4237aab3ea0372a4
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3