mamajang.kec.makassarkota.go.id.tkdlomacs.com
92.205.4.117
Public Scan
Submission: On March 03 via api from US — Scanned from US
Summary
TLS certificate: Issued by mamajang.kec.makassarkota.go.id.tkdlo... on November 15th 2023. Valid for: a year.
This is the only time mamajang.kec.makassarkota.go.id.tkdlomacs.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 92.205.4.117 | 21499 (GODADDY-SXB) |
1 | 2607:f8b0:4006:821::200a | 15169 (GOOGLE) |
3 | 2606:50c0:8001::154 | 54113 (FASTLY) |
1 2 | 23.206.172.151 | 20940 (AKAMAI-ASN1) |
2 2 | 140.82.114.4 | 36459 (GITHUB) |
1 | 2607:f8b0:4006:820::2003 | 15169 (GOOGLE) |
2 | 2600:141b:1c00:16::17c4:325 | 20940 (AKAMAI-ASN1) |
4 | 2600:141b:1c00:258a::228b | 20940 (AKAMAI-ASN1) |
13 | 7 |
ASN21499 (GODADDY-SXB, DE)
PTR: 117.4.205.92.host.secureserver.net
mamajang.kec.makassarkota.go.id.tkdlomacs.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-151.deploy.static.akamaitechnologies.com
img1.wsimg.com |
ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net |
ASN20940 (AKAMAI-ASN1, NL)
csp.secureserver.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | secureserver.net | events.api.secureserver.net (Cisco Umbrella Rank: 13291), csp.secureserver.net (Cisco Umbrella Rank: 13396) | 606 B |
3 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 4374) | 301 KB |
2 | github.com (2 redirects) | github.com (Cisco Umbrella Rank: 2500) | 7 KB |
2 | wsimg.com (1 redirects) | img1.wsimg.com (Cisco Umbrella Rank: 10135) | 21 KB |
1 | gstatic.com | fonts.gstatic.com | 29 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 30) | 795 B |
1 | tkdlomacs.com | mamajang.kec.makassarkota.go.id.tkdlomacs.com | 2 KB |
13 | 7 |
 | Domain | Requested by |
---|---|---|
4 | csp.secureserver.net | img1.wsimg.com |
3 | raw.githubusercontent.com | mamajang.kec.makassarkota.go.id.tkdlomacs.com |
2 | events.api.secureserver.net | img1.wsimg.com |
2 | github.com (2 redirects) | |
2 | img1.wsimg.com (1 redirects) | mamajang.kec.makassarkota.go.id.tkdlomacs.com |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | mamajang.kec.makassarkota.go.id.tkdlomacs.com |
1 | mamajang.kec.makassarkota.go.id.tkdlomacs.com | |
13 | 8 |
Subject | Issuer | Validity | Valid |
---|---|---|---|
mamajang.kec.makassarkota.go.id.tkdlomacs.com | mamajang.kec.makassarkota.go.id.tkdlomacs.com | 2023-11-15 - 2024-11-14 | a year |
upload.video.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months |
*.github.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-20 | a year |
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months |
*.api.secureserver.net | Starfield Secure Certificate Authority - G2 | 2023-07-10 - 2024-08-10 | a year |
*.secureserver.net | Starfield Secure Certificate Authority - G2 | 2023-10-10 - 2024-11-10 | a year |
This page contains 1 frames:
Primary Page:
https://mamajang.kec.makassarkota.go.id.tkdlomacs.com/
Frame ID: 16236671C01382B051BF79F8C66CB667
Requests: 11 HTTP requests in this frame
Page Title
Hacked By Criminal Laoin
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Click Me (linktr.ee)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  - https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
- https://github.com/CriminalLaoin/CL/raw/main/X%20&%20L.mp3 HTTP 302
  - https://raw.githubusercontent.com/CriminalLaoin/CL/main/X%20%26%20L.mp3
- https://github.com/CriminalLaoin/CL/raw/main/Middle-Finger.cur HTTP 302
  - https://raw.githubusercontent.com/CriminalLaoin/CL/main/Middle-Finger.cur
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | mamajang.kec.makassarkota.go.id.tkdlomacs.com/ | 6 KB | 2 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 755 B | 795 B | Stylesheet | text/css |
GET | H2 | Aesthetic-Girl.gif | raw.githubusercontent.com/CriminalLaoin/CL/main/ | 296 KB | 296 KB | Image | image/gif |
GET | H2 | scc-c2.min.js | img1.wsimg.com/signals/js/clients/scc-c2/ (Redirect Chain) | 103 KB | 20 KB | Script | text/javascript |
GET | H2 | X%20%26%20L.mp3 | raw.githubusercontent.com/CriminalLaoin/CL/main/ (Redirect Chain) | 1 MB | 0 | Media | audio/mpeg |
GET | H2 | Middle-Finger.cur | raw.githubusercontent.com/CriminalLaoin/CL/main/ (Redirect Chain) | 4 KB | 4 KB | Image | application/octet-stream |
GET | H2 | MwQzbhjp3-HImzcCU_cJoGQfiA.woff2 | fonts.gstatic.com/s/newrocker/v16/ | 29 KB | 29 KB | Font | font/woff2 |
GET | H2 | event | events.api.secureserver.net/t/1/tl/ | 43 B | 303 B | Fetch | image/gif |
GET | H2 | event | events.api.secureserver.net/t/1/tl/ | 43 B | 303 B | Fetch | image/gif |
OPTIONS | H/1.1 | eventbus | csp.secureserver.net/ | 0 | 0 | Preflight | application/json |
POST | H/1.1 | eventbus | csp.secureserver.net/ | 0 | 0 | Fetch | application/json |
POST | H/1.1 | eventbus | csp.secureserver.net/ | 0 | 0 | Fetch | application/json |
OPTIONS | H/1.1 | eventbus | csp.secureserver.net/ | 0 | 0 | Preflight | application/json |
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| x
- function| playAudio
- object| title
- number| index
- function| changeTitle
- function| drawStars
- object| _trfd
- object| _tcclInternal
- object| _expDataLayer
- object| _signalsDataLayer
- object| scc-c2
- object| _trfq
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.tkdlomacs.com/ | | Name: _tccl_visitor Value: 7a8de664-0c77-4457-a971-08843d274e93 |
.tkdlomacs.com/ | | Name: _tccl_visit Value: 7a8de664-0c77-4457-a971-08843d274e93 |
.tkdlomacs.com/ | | Name: _scc_session Value: pc=1&C_TOUCH=2024-03-03T13:56:09.065Z |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.