URL: https://ox7whoiam.undo.it/
Submission: On June 09 via api from US — Scanned from IT

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 7 HTTP transactions. The main IP is 185.199.110.153, located in United States and belongs to FASTLY, US. The main domain is ox7whoiam.undo.it.
TLS certificate: Issued by R11 on June 8th 2024. Valid for: 3 months.
This is the only time ox7whoiam.undo.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address        AS     Autonomous System
2                    185.199.110.153   54113  (FASTLY)
1                    2a00:1450:400...  15169  (GOOGLE)
1                    96.43.128.66      19969  (JOESDATAC...)
1         1          140.82.121.3      36459  (GITHUB)
1                    2606:50c0:800...  54113  (FASTLY)
1                    162.19.58.158     16276  (OVH)
Total: 7 requests, 6 IPs

Requests  Apex Domain            Subdomains                                             Transfer
2         undo.it                ox7whoiam.undo.it                                      8 KB
1         co.com                 i.ibb.co.com — Cisco Umbrella Rank: 131419             253 KB
1         githubusercontent.com  raw.githubusercontent.com — Cisco Umbrella Rank: 4263
1         github.com             github.com — Cisco Umbrella Rank: 2403                 3 KB
1         cursors-4u.net         cur.cursors-4u.net                                     4 KB
1         googleapis.com         ajax.googleapis.com — Cisco Umbrella Rank: 461         34 KB
0         unud.ac.id Failed      www.unud.ac.id Failed
Total: 7 requests, 7 subdomains

Domain Requested by
2 ox7whoiam.undo.it
1 i.ibb.co.com ox7whoiam.undo.it
1 raw.githubusercontent.com ox7whoiam.undo.it
1 github.com 1 redirects
1 cur.cursors-4u.net ox7whoiam.undo.it
1 ajax.googleapis.com ox7whoiam.undo.it
0 www.unud.ac.id Failed ox7whoiam.undo.it
7 7

This site contains no links.

Subject                  Issuer  Validity                 Valid
ox7whoiam.undo.it        R11     2024-06-08 - 2024-09-06  3 months
upload.video.google.com  WR2     2024-05-21 - 2024-08-13  3 months
ani.cursors-4u.net       R3      2024-05-09 - 2024-08-07  3 months
ibb.co                   R3      2024-04-22 - 2024-07-21  3 months

This page contains 1 frames:

Primary Page: https://ox7whoiam.undo.it/
Frame ID: F7EFDF9A3DFCC0B840BD986D5A7AD585
Requests: 7 HTTP requests in this frame

Page Title

HACKED BY OX7whoiam

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 7
HTTPS: 71 %
IPv6: 33 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 299 kB
Size: 445 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://bit.ly/2UGCIC5 HTTP 301
  • https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css
Request Chain 3
  • https://github.com/defacemoster/audio/raw/main/line HTTP 302
  • https://raw.githubusercontent.com/defacemoster/audio/main/line

7 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
ox7whoiam.undo.it/
5 KB
2 KB
Document
General
Full URL
https://ox7whoiam.undo.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
be5f8f54954523565c95107a767f1c94d5370d29b889eb6493ec620cca254831

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
2037
content-type
text/html; charset=utf-8
date
Sun, 09 Jun 2024 13:42:20 GMT
etag
W/"666496cb-15f9"
expires
Sun, 09 Jun 2024 13:52:20 GMT
last-modified
Sat, 08 Jun 2024 17:37:15 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
09f8c16745de341f578d057c9c93be458e5d02b5
x-github-request-id
7DAB:3272BF:74BE2:78AED:6665B13C
x-proxy-cache
MISS
x-served-by
cache-mxp6980-MXP
x-timer
S1717940541.601939,VS0,VE120
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.0/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
Requested by
Host: ox7whoiam.undo.it
URL: https://ox7whoiam.undo.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ox7whoiam.undo.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 15:18:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
167046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34044
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 15:18:15 GMT
sample.css
www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/
Redirect Chain
  • https://bit.ly/2UGCIC5
  • https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css
0
0

sym46.cur
cur.cursors-4u.net/symbols/sym-1/
4 KB
4 KB
Image
General
Full URL
https://cur.cursors-4u.net/symbols/sym-1/sym46.cur
Requested by
Host: ox7whoiam.undo.it
URL: https://ox7whoiam.undo.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cc451aa50cb9f48a52bcf89ae2f2ad26f4f75ab5cad6de73174e9016b79079f7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ox7whoiam.undo.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 13:42:22 GMT
Last-Modified
Wed, 27 Feb 2013 18:46:54 GMT
Server
nginx/1.16.1
ETag
"512e549e-10be"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
line
raw.githubusercontent.com/defacemoster/audio/main/
Redirect Chain
  • https://github.com/defacemoster/audio/raw/main/line
  • https://raw.githubusercontent.com/defacemoster/audio/main/line
79 KB
0
Media
General
Full URL
https://raw.githubusercontent.com/defacemoster/audio/main/line
Requested by
Host: ox7whoiam.undo.it
URL: https://ox7whoiam.undo.it/
Protocol
H2
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Referer
https://ox7whoiam.undo.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

x-fastly-request-id
3a40c07f494891ceac5b8529368229045b9baa0d
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Sun, 09 Jun 2024 13:42:23 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
Content-Range
bytes 0-7882604/7882605
cross-origin-resource-policy
cross-origin
Content-Length
7882605
x-xss-protection
1; mode=block
x-served-by
cache-mxp6971-MXP
x-github-request-id
5F54:19B659:65ED7:6ACAE:6665B13C
x-timer
S1717940543.014796,VS0,VE376
etag
"befb094687852ede2463498ce634ea0e3fe37fdcd3da2cd4aab422b6bbccea52"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Sun, 09 Jun 2024 13:47:23 GMT

Redirect headers

date
Sun, 09 Jun 2024 13:42:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
server
GitHub.com
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com/v1/engines/github-completion/completions *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com 
media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
x-github-request-id
AFC6:E8113:2D9622:2E7F1F:6665B13E
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options
deny
content-type
text/html; charset=utf-8
access-control-allow-origin
location
https://raw.githubusercontent.com/defacemoster/audio/main/line
cache-control
no-cache
content-length
0
x-xss-protection
0
Ghost.png
i.ibb.co.com/kDgM2d5/
253 KB
253 KB
Image
General
Full URL
https://i.ibb.co.com/kDgM2d5/Ghost.png
Requested by
Host: ox7whoiam.undo.it
URL: https://ox7whoiam.undo.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.158 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096590.ip-162-19-58.eu
Software
nginx /
Resource Hash
267209bc3d3d6e67cd3581ff2959d593fc74b804a30de8b93cfaf25461bc9990

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ox7whoiam.undo.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 13:42:22 GMT
last-modified
Sat, 25 May 2024 21:06:15 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
258633
expires
Thu, 31 Dec 2037 23:55:55 GMT
favicon.ico
ox7whoiam.undo.it/
9 KB
5 KB
Other
General
Full URL
https://ox7whoiam.undo.it/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ox7whoiam.undo.it/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
dfa497406a5fcec851bab0d3f7a139257a9af4c3
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
via
1.1 varnish
date
Sun, 09 Jun 2024 13:42:23 GMT
age
0
x-cache
MISS
x-cache-hits
0
content-length
5254
x-served-by
cache-mxp6980-MXP
server
GitHub.com
x-github-request-id
981F:192B8E:76930:7A7B7:6665B13E
x-timer
S1717940543.454901,VS0,VE107
etag
W/"64d39a40-24a3"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-proxy-cache
MISS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.unud.ac.id
URL
https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function | $
  • function | jQuery
  • function | confirmExit
  • function | fs

0 Cookies

2 Console Messages

Source Level URL
Text
security warning URL: https://ox7whoiam.undo.it/(Line 328)
Message:
Mixed Content: The page at 'https://ox7whoiam.undo.it/' was loaded over HTTPS, but requested an insecure element 'http://cur.cursors-4u.net/symbols/sym-1/sym46.cur'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ox7whoiam.undo.it/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()