infoppdb.smpn1probolinggo.sch.id
Open in
urlscan Pro
2001:df1:7800:2::3:623b
Malicious Activity!
Public Scan
Submission: On April 02 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 27th 2023. Valid for: 3 months.
This is the only time infoppdb.smpn1probolinggo.sch.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: GoDaddy (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 4 | 2001:df1:7800... 2001:df1:7800:2::3:623b | 58487 (CRI-AS-AP...) (CRI-AS-AP CV. Rumahweb Indonesia) | |
2 | 23.36.163.225 23.36.163.225 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2620:0:862:ed... 2620:0:862:ed1a::2:b | 14907 (WIKIMEDIA) (WIKIMEDIA) | |
6 | 3 |
ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID)
infoppdb.smpn1probolinggo.sch.id |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com
img6.wsimg.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
smpn1probolinggo.sch.id
1 redirects
infoppdb.smpn1probolinggo.sch.id |
61 KB |
2 |
wsimg.com
img6.wsimg.com — Cisco Umbrella Rank: 12111 |
83 KB |
1 |
wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2601 |
24 KB |
6 | 3 |
Domain | Requested by | |
---|---|---|
4 | infoppdb.smpn1probolinggo.sch.id |
1 redirects
infoppdb.smpn1probolinggo.sch.id
|
2 | img6.wsimg.com |
infoppdb.smpn1probolinggo.sch.id
|
1 | upload.wikimedia.org |
infoppdb.smpn1probolinggo.sch.id
|
6 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.godaddy.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
infoppdb.smpn1probolinggo.sch.id R3 |
2023-02-27 - 2023-05-28 |
3 months | crt.sh |
*.wsimg.com Starfield Secure Certificate Authority - G2 |
2022-09-15 - 2023-10-17 |
a year | crt.sh |
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-10-27 - 2023-11-17 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://infoppdb.smpn1probolinggo.sch.id/.well-known/.ind/
Frame ID: C622F9542B53E4635CB5E56725AACFE9
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Sign Incheckmarkchevron-down-ltinformationPage URL History Show full URLs
-
https://infoppdb.smpn1probolinggo.sch.id/.well-known/.ind
HTTP 301
https://infoppdb.smpn1probolinggo.sch.id/.well-known/.ind/ Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Phone numbers and hours
Search URL Search Domain Scan URL
Title: Get Help
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://infoppdb.smpn1probolinggo.sch.id/.well-known/.ind
HTTP 301
https://infoppdb.smpn1probolinggo.sch.id/.well-known/.ind/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
infoppdb.smpn1probolinggo.sch.id/.well-known/.ind/ Redirect Chain
|
61 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gd-sage-bold.woff2
img6.wsimg.com/ux/fonts/gd-sage/1.0/ |
39 KB 40 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gdsherpa-vf.woff2
img6.wsimg.com/ux/fonts/sherpa/2.0/ |
43 KB 43 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
uxcore2.min.css
infoppdb.smpn1probolinggo.sch.id/.well-known/.ind/assets/ |
213 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
utilityheader.min.css
infoppdb.smpn1probolinggo.sch.id/.well-known/.ind/assets/ |
68 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1200px-Microsoft_365_logo.png
upload.wikimedia.org/wikipedia/commons/thumb/8/85/Microsoft_365_logo.png/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: GoDaddy (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
img6.wsimg.com
infoppdb.smpn1probolinggo.sch.id
upload.wikimedia.org
2001:df1:7800:2::3:623b
23.36.163.225
2620:0:862:ed1a::2:b
00bbba54fdcc0cc7da1cc479413af07ab56fa0ecd6f996a2282231fa25b7a47a
3efcb941aaddaf4aea08dab3fb97d3e904aa1b83264e64b4d5bda53bc7c798ec
89e3135e8430b71c9470eebafc1bb498233cdde661240a03d3e864fb59a890be
98b96617a0ed731573656acb8b9c9589e3ecd53fb38286a49a9a1271d643c7a0
d667b5a15ecf83f45b1c24e5731686ce914a58d060cec0ca72b0e68b6c21d820
d7cc03eb749374cd96cb663f7f0796c69389b1624235f4d280c6740780900fda