URL: https://domcom.info/baketrans/?judul=368MEGA
Submission Tags: @phish_report
Submission: On March 25 via api from FI — Scanned from NL

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is domcom.info.
TLS certificate: Issued by GTS CA 1P5 on March 2nd 2024. Valid for: 3 months.
This is the only time domcom.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.227.38.65 13335 (CLOUDFLAR...)
3 3
Apex Domain Subdomains Transfer
1 practicdomus.es ftp.practicdomus.es 84 KB
1 ampproject.org cdn.ampproject.org (Cisco Umbrella Rank: 328) 5 KB
1 domcom.info domcom.info 21 KB
3 3
Domain Requested by
1 ftp.practicdomus.es domcom.info
1 cdn.ampproject.org domcom.info
1 domcom.info
3 3

This site contains links to these domains.

Domain
www.domcom.info
www.baca-news.com
www.ielastic.info
e-themes.info
man1kuansing.sch.id

Subject Issuer Validity Valid
domcom.info GTS CA 1P5 2024-03-02 - 2024-05-31 3 months
misc-sni.google.com GTS CA 1C3 2024-02-26 - 2024-05-20 3 months
ftp.practicdomus.es R3 2024-02-17 - 2024-05-17 3 months

This page contains 1 frames:

Primary Page: https://domcom.info/baketrans/?judul=368MEGA
Frame ID: 1ECE54CA7D61ECB232C6F3FABB465577
Requests: 3 HTTP requests in this frame

Page Title

Link Situs 368MEGA Gacor Dan Gampang Menang

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 111 kB
Size: 183 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
domcom.info/baketrans/
88 KB
21 KB
Document
General
Full URL
https://domcom.info/baketrans/?judul=368MEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
247d212765e24ebc97992b810e73f73880e48969b8632ef46f74e6c2b6e63263

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
869b88edebeeb98c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 02:40:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2feS7BjIQGFcVKLKdpE4PLKl0YcFY8pEa8d4ULiFz5cpGxYBmwbRWCPdPGaAi2iGZKr8lz1OTO%2FnPi8j7iSuKKHa2DuQgdJ7%2FSOtelUvbFZ2tTh%2Ba5lLYwDFLs44V6UuS738DIix1NB1Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
amp-audio-0.1.js
cdn.ampproject.org/v0/
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-audio-0.1.js
Requested by
Host: domcom.info
URL: https://domcom.info/baketrans/?judul=368MEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b6e226a0a175fc35b8aa191ec1089677129ae113fd09be7c5193d749c601d1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://domcom.info/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 25 Mar 2024 02:40:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4309
x-xss-protection
0
server
sffe
etag
"5e62aa6865f12981"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 25 Mar 2024 02:40:13 GMT
slotgacor_22607b52-8822-4e5a-83b9-5f8efdc7b6db.webp
ftp.practicdomus.es/cdn/shop/files/
83 KB
84 KB
Image
General
Full URL
https://ftp.practicdomus.es/cdn/shop/files/slotgacor_22607b52-8822-4e5a-83b9-5f8efdc7b6db.webp?v=1708196694
Requested by
Host: domcom.info
URL: https://domcom.info/baketrans/?judul=368MEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
3d71ab19aca08f18e3008204dd70c060719c396bbd39218a2e706fbf2793da04
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://domcom.info/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Mon, 25 Mar 2024 02:40:13 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,gcp-us-central1
age
521666
x-permitted-cross-domain-policies
none
source-type
image/webp
server-timing
imagery;dur=148.742, imageryFetch;dur=49.688, imageryProcess;dur=97.309;desc="image", cfRequestDuration;dur=13.999939
source-length
86172
content-length
84914
x-xss-protection
1; mode=block
x-sorting-hat-shopid
57001082998
x-request-id
95ba67d1-315c-4794-ac12-5df9c913475e-1710341937
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Mar 2024 14:58:58 GMT
server
cloudflare
x-download-options
noopen
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luIOCata20DwsN2T%2FgYjc1Pk2zZhcyVpIj4o06BC2MLyVegrBSBoUfKs3kr56x94ha8IqidDsD2i%2Bb6wmnzLkwZFrk%2BHzhGnhb3XQOgPrDMozGLy1MaxS6U6gd4gag0Rjd8MTU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
869b88f6ddd141e2-AMS
x-sorting-hat-podid
117

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP

0 Cookies