zgzlmdaxotzhy.tangeka.com Open in urlscan Pro
104.194.206.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://yme4z.ieslabsd.com/LPm3i0X8tzW/ndziytg4mm
Effective URL:
https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6
Submission: On November 19 via manual (November 19th 2024, 2:57:13 am UTC) from VN — Scanned from DE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 7 HTTP transactions. The main IP is 104.194.206.44, located in Seattle, United States and belongs to SPARTANHOST Spartan Host Ltd, GB. The main domain is zgzlmdaxotzhy.tangeka.com.
TLS certificate: Issued by R10 on November 17th 2024. Valid for: 3 months.

This is the only time zgzlmdaxotzhy.tangeka.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.194.206.8 104.194.206.8	201106 (SPARTANHO...) (SPARTANHOST Spartan Host Ltd)
5	104.194.206.44 104.194.206.44	201106 (SPARTANHO...) (SPARTANHOST Spartan Host Ltd)
7	3

1 104.194.206.8 (Seattle, United States)

ASN201106 (SPARTANHOST Spartan Host Ltd, GB)

yme4z.ieslabsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.194.206.44 (Seattle, United States)

ASN201106 (SPARTANHOST Spartan Host Ltd, GB)
PTR: 104-194-206-44.spartanhost.net

zgzlmdaxotzhy.tangeka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	tangeka.com zgzlmdaxotzhy.tangeka.com	276 KB
1	ieslabsd.com yme4z.ieslabsd.com	397 B
0	wclgo1106.com Failed zjbmywnkn.wclgo1106.com Failed
7	3

	Domain	Requested by
5	zgzlmdaxotzhy.tangeka.com	yme4z.ieslabsd.com zgzlmdaxotzhy.tangeka.com
1	yme4z.ieslabsd.com
0	zjbmywnkn.wclgo1106.com Failed
7	3

This site contains no links.

Subject Issuer	Validity	Valid
*.ieslabsd.com R11	`2024-11-17` - `2025-02-15`	3 months	crt.sh
*.tangeka.com R10	`2024-11-17` - `2025-02-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6
Frame ID: CD1C00E920D4715BDB72E8083BC9A817
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trang Khuyet

Page URL History Show full URLs

https://yme4z.ieslabsd.com/LPm3i0X8tzW/ndziytg4mm Page URL
https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

276 kB
Transfer

1016 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://yme4z.ieslabsd.com/LPm3i0X8tzW/ndziytg4mm Page URL
https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	ndziytg4mm Show response yme4z.ieslabsd.com/LPm3i0X8tzW/	229 B 397 B	2840ms 322ms	Document text/html	104.194.206.8 SPARTANHOST Spart...
General Check archive.org Show headers Download Go to Full URL https://yme4z.ieslabsd.com/LPm3i0X8tzW/ndziytg4mm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.194.206.8 Seattle, United States, ASN201106 (SPARTANHOST Spartan Host Ltd, GB), Reverse DNS Software Cracker / Resource Hash `551ac2e3d39ecf5eddd2ef5fc909872bd70a199730c6d56fbd68437c7d08b445` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control no-cache Connection keep-alive Content-Length 229 Content-Type text/html Date Tue, 19 Nov 2024 02:57:07 GMT Server Cracker
GET H/1.1	200 OK	Primary Request 5hj5n4 Show response zgzlmdaxotzhy.tangeka.com/	403 B 614 B	2027ms 352ms	Document text/html	104.194.206.44 SPARTANHOST Spart...
General Check archive.org Show headers Download Go to Full URL https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Requested by Host: yme4z.ieslabsd.com URL: https://yme4z.ieslabsd.com/LPm3i0X8tzW/ndziytg4mm Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.194.206.44 Seattle, United States, ASN201106 (SPARTANHOST Spartan Host Ltd, GB), Reverse DNS 104-194-206-44.spartanhost.net Software Cracker / Resource Hash `821a7006afd19dc89c75953344f83dd93719809a15be2c0db455699fd33234aa` Request headers Referer https://yme4z.ieslabsd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection keep-alive Content-Length 403 Content-Type text/html Date Tue, 19 Nov 2024 02:57:09 GMT Last-Modified Tue, 19 Nov 2024 02:30:00 GMT Server Cracker
GET H/1.1	200 OK	a4e3f4572fb054ac93fcd2ef65f88ea4.js Show response zgzlmdaxotzhy.tangeka.com/static/	981 KB 266 KB	368ms 367ms	Script application/javascript	104.194.206.44 SPARTANHOST Spart...
General Check archive.org Show headers Download Go to Full URL https://zgzlmdaxotzhy.tangeka.com/static/a4e3f4572fb054ac93fcd2ef65f88ea4.js Requested by Host: zgzlmdaxotzhy.tangeka.com URL: https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.194.206.44 Seattle, United States, ASN201106 (SPARTANHOST Spartan Host Ltd, GB), Reverse DNS 104-194-206-44.spartanhost.net Software Cracker / Resource Hash `86cebc43ceafd89ab89bacd2c1c395512a297290cd45c09d8c226c11dc7c3577` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zgzlmdaxotzhy.tangeka.com Referer https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Response headers Transfer-Encoding chunked X-Cache-Status HIT Content-Encoding gzip Connection keep-alive Date Tue, 19 Nov 2024 02:57:10 GMT Content-Type application/javascript Vary Accept-Encoding Server Cracker Last-Modified Tue, 19 Nov 2024 02:30:24 GMT
GET H/1.1	200 OK	f596bfc0554024defe0f9700d8b1f84e.css zgzlmdaxotzhy.tangeka.com/static/	24 KB 8 KB	546ms 183ms	Stylesheet text/css	104.194.206.44 SPARTANHOST Spart...
General Check archive.org Show headers Download Go to Full URL https://zgzlmdaxotzhy.tangeka.com/static/f596bfc0554024defe0f9700d8b1f84e.css Requested by Host: zgzlmdaxotzhy.tangeka.com URL: https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.194.206.44 Seattle, United States, ASN201106 (SPARTANHOST Spartan Host Ltd, GB), Reverse DNS 104-194-206-44.spartanhost.net Software Cracker / Resource Hash `168161f36d5a084e57a513e4f3f6af6b4bfb334d559af9c653838072198fc2bc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://zgzlmdaxotzhy.tangeka.com Referer https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Response headers Transfer-Encoding chunked X-Cache-Status HIT Content-Encoding gzip Connection keep-alive Date Tue, 19 Nov 2024 02:57:10 GMT Content-Type text/css Vary Accept-Encoding Server Cracker Last-Modified Tue, 19 Nov 2024 02:30:00 GMT
GET H/1.1	200 OK	getinfo Show response zgzlmdaxotzhy.tangeka.com/clientapi/app/	1 KB 954 B	353ms 353ms	XHR application/json	104.194.206.44 SPARTANHOST Spart...
General Check archive.org Show headers Download Go to Full URL https://zgzlmdaxotzhy.tangeka.com/clientapi/app/getinfo?appid=5hj5n4&android=true Requested by Host: zgzlmdaxotzhy.tangeka.com URL: https://zgzlmdaxotzhy.tangeka.com/static/a4e3f4572fb054ac93fcd2ef65f88ea4.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.194.206.44 Seattle, United States, ASN201106 (SPARTANHOST Spartan Host Ltd, GB), Reverse DNS 104-194-206-44.spartanhost.net Software Cracker / Resource Hash `b4a069310033bb02924da94e7b1506c8318558584928484eae1c8aba5670adc6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept application/json, text/plain, / Referer https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Response headers Transfer-Encoding chunked Content-Encoding gzip Date Tue, 19 Nov 2024 02:57:11 GMT Content-Type application/json; charset=utf-8 Vary Accept-Encoding Connection keep-alive Server Cracker
GET H/1.1	403 Forbidden	favicon.ico zgzlmdaxotzhy.tangeka.com/	555 B 727 B	338ms 338ms	Other text/html	104.194.206.44 SPARTANHOST Spart...
General Check archive.org Show headers Download Go to Full URL https://zgzlmdaxotzhy.tangeka.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.194.206.44 Seattle, United States, ASN201106 (SPARTANHOST Spartan Host Ltd, GB), Reverse DNS 104-194-206-44.spartanhost.net Software Cracker / Resource Hash `31516d62ef17249b8a8b275a4eaab2fd9f21f573496da31371266038c4214144` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://zgzlmdaxotzhy.tangeka.com/5hj5n4?b00758=c3e6ad48a4c46b297979e188065108b6 Response headers X-Cache-Status MISS Content-Length 555 Date Tue, 19 Nov 2024 02:57:11 GMT Content-Type text/html Connection keep-alive Server Cracker
GET		5hj5n4_logo.png zjbmywnkn.wclgo1106.com/publicres/logo/	0 0

GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `11e05e5fed15d9257dc7c8a1ee2b5309be3f7e1697b32d84592029205c1b6c86` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	770 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `db01e6ae5462aabc71f2b43d32ad4993f3f6506da95fcd0567b415c45319816a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7e7e775a039a07a5181910638df41acd4cbfd804ece348979f77116a75383ce2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	674 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `aeb97e742dfeffd35e2cc8d5feb6798d9a97ac7dc7e66a96f43fd812d7f3dc07` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3f92f5f1557e1a19a3dd05b7647fba69631e419bf25d9b94b585b60046531ae8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zjbmywnkn.wclgo1106.com
URL: https://zjbmywnkn.wclgo1106.com/publicres/logo/5hj5n4_logo.png?t=55451

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://zgzlmdaxotzhy.tangeka.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

yme4z.ieslabsd.com
zgzlmdaxotzhy.tangeka.com
zjbmywnkn.wclgo1106.com
zjbmywnkn.wclgo1106.com
104.194.206.44
104.194.206.8
11e05e5fed15d9257dc7c8a1ee2b5309be3f7e1697b32d84592029205c1b6c86
168161f36d5a084e57a513e4f3f6af6b4bfb334d559af9c653838072198fc2bc
31516d62ef17249b8a8b275a4eaab2fd9f21f573496da31371266038c4214144
3f92f5f1557e1a19a3dd05b7647fba69631e419bf25d9b94b585b60046531ae8
551ac2e3d39ecf5eddd2ef5fc909872bd70a199730c6d56fbd68437c7d08b445
7e7e775a039a07a5181910638df41acd4cbfd804ece348979f77116a75383ce2
821a7006afd19dc89c75953344f83dd93719809a15be2c0db455699fd33234aa
86cebc43ceafd89ab89bacd2c1c395512a297290cd45c09d8c226c11dc7c3577
aeb97e742dfeffd35e2cc8d5feb6798d9a97ac7dc7e66a96f43fd812d7f3dc07
b4a069310033bb02924da94e7b1506c8318558584928484eae1c8aba5670adc6
db01e6ae5462aabc71f2b43d32ad4993f3f6506da95fcd0567b415c45319816a

zgzlmdaxotzhy.tangeka.com Open in urlscan Pro 104.194.206.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

276 kBTransfer

1016 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

zgzlmdaxotzhy.tangeka.com Open in urlscan Pro
104.194.206.44 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

276 kB
Transfer

1016 kB
Size

0
Cookies

7 HTTP transactions
5 data transactions