trk32.zzzperform.com
2606:4700:e0::ac40:6212
Public Scan
Effective URL: https://trk32.zzzperform.com/l/27000695f96a812e27e0.js?sub=pub52824107c8fb43e2ad512295c491fff6&source=af806aa9
Submission: On October 05 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by E1 on October 1st 2022. Valid for: 3 months.
This is the only time trk32.zzzperform.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | Autonomous System
---|---|---
1 | 52.217.164.48 | 16509 (AMAZON-02)
1 1 | 31.210.22.58 | 399471 (AS-SERVERION)
1 | 212.83.136.245 | 12876 (Online SAS)
5 | 2606:4700:3031::ac43:92ee | 13335 (CLOUDFLARENET)
3 | 2606:4700:3033::6815:1446 | 13335 (CLOUDFLARENET)
3 | 65.60.58.179 | 32475 (SINGLEHOP-LLC)
2 3 | 51.68.85.158 | 16276 (OVH)
1 1 | 34.147.1.177 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET)
1 1 | 34.91.234.242 | 396982 (GOOGLE-CLOUD-PLATFORM)
1 1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET)
2 | 2606:4700:e0::ac40:6212 | 13335 (CLOUDFLARENET)
17 | 8 |
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com |
ASN399471 (AS-SERVERION, US)
PTR: notionown.com
notionown.com |
ASN12876 (Online SAS, FR)
PTR: 212-83-136-245.rev.poneytelecom.eu
shabbyleaf.com |
ASN13335 (CLOUDFLARENET, US)
lynku.jukminung.com | |
kixa.jukminung.com |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
otto.sherlowcke.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 177.1.147.34.bc.googleusercontent.com
admoustache.go2affise.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com
track.gositego.live |
Count | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | jukminung.com | lynku.jukminung.com kixa.jukminung.com — Cisco Umbrella Rank: 260728 | 24 KB
3 | wewillserv.com (2 redirects) | www.wewillserv.com — Cisco Umbrella Rank: 646049 | 6 KB
3 | sherlowcke.com | otto.sherlowcke.com | 7 KB
3 | addlnk.com | cdn.addlnk.com — Cisco Umbrella Rank: 261287 | 3 KB
2 | zzzperform.com | trk32.zzzperform.com | 12 KB
1 | carrytraff.com (1 redirects) | carrytraff.com — Cisco Umbrella Rank: 324875 | 578 B
1 | gositego.live (1 redirects) | track.gositego.live — Cisco Umbrella Rank: 207537 | 222 B
1 | myofferplus.com | myofferplus.com — Cisco Umbrella Rank: 359357 | 1 KB
1 | go2affise.com (1 redirects) | admoustache.go2affise.com — Cisco Umbrella Rank: 225144 | 209 B
1 | shabbyleaf.com | shabbyleaf.com | 450 B
1 | notionown.com (1 redirects) | notionown.com | 398 B
1 | amazonaws.com | s3.amazonaws.com | 454 B
17 | 12 |
Count | Domain | Requested by
---|---|---
4 | lynku.jukminung.com | shabbyleaf.com s3.amazonaws.com lynku.jukminung.com
3 | www.wewillserv.com (2 redirects) | otto.sherlowcke.com
3 | otto.sherlowcke.com | lynku.jukminung.com otto.sherlowcke.com
3 | cdn.addlnk.com | lynku.jukminung.com myofferplus.com kixa.jukminung.com
2 | trk32.zzzperform.com | kixa.jukminung.com s3.amazonaws.com
1 | carrytraff.com (1 redirects) |
1 | kixa.jukminung.com | myofferplus.com
1 | track.gositego.live (1 redirects) |
1 | myofferplus.com | www.wewillserv.com
1 | admoustache.go2affise.com (1 redirects) |
1 | shabbyleaf.com | s3.amazonaws.com
1 | notionown.com (1 redirects) |
1 | s3.amazonaws.com |
17 | 13 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year
shabbyleaf.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-13 - 2023-07-12 | a year
*.jukminung.com | E1 | 2022-09-19 - 2022-12-18 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-15 - 2023-05-15 | a year
otto.sherlowcke.com | R3 | 2022-09-13 - 2022-12-12 | 3 months
www.wewillserv.com | R3 | 2022-08-10 - 2022-11-08 | 3 months
*.zzzperform.com | E1 | 2022-10-01 - 2022-12-30 | 3 months
This page contains 2 frames:
Frame:
https://trk32.zzzperform.com/l/27000695f96a812e27e0.js?sub=pub52824107c8fb43e2ad512295c491fff6&source=af806aa9&code=2aY3VvBDU7PDtBPDxDPkBDQUIRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdAVhrcTc3BntrcQsLdYQPQEZBQhN9fRdISklKG32UH1BWUVIjhY0nWFpZMAF2fQU1Bml9cm4MDHB5dBFCEnZ-eBdHGIiMiZAeHpWOhSNqk5SNk41JSW9lMQRteW1rCn59gXIOdYJ.E3l1gYl8GI57HGmMmIiMjYNSWVNWR1CAaW9mcnt4JlVcKTs7Oj1JL2d6gElIUDaPTk1DO12NjouFeIeFb46aVl1cNy81OSQtUU9cVlY3LHl3enUxWXh3gIVAOFyCjYuKg05RUVhRVFNbWVxiLjozI1dmbGh6cjlAP0Q8QkYRc4kVTRZ7hRpSG31RUSBQUVNTVFUmiFxdATEyA3drBzc4OToLcnMPQEFBEnZ8eRdIGH.GkR2Df4uThiKGjJInWFlaAG1wagU2Njc4CX1-fnQPQEFCQ0RFRRaGi3yKkB0djpGElJeFJVdWV1tZMTE5A2l7cnUJPD0LfnJ0EBCDdHZ3FkdHSk5LTFFQHoKOlZIkJJyUlCkpd2hueQVOdHttdSpUenA8D3N1eRRFRkdISUpLTExNTlBRUVJUVVZXWFlaMTIzNDU2Nzg5Ojo8PT4-QEFCQ0RFRkZISUpLTE1OT1BRUlNUVVZXWFhaAGRreAU2Nzg4Ojs8PT4-QEFCQ0RFRUdHSUpLTE0dlZSUIplRVGCdVYFfVlc9ejJ3OnV2d3hGgzt6Q35-gIFPjESLTo5VkkpiaYxYdyKOkJONKI2XLVZVPmlzBnl8fQs7DHlvfhERen.HFkYXho0bTE1NTlBQUVNUJJyKKFlaMGM0A2d3fghLcXx6eXIuX1RXMmOAin2AhpWDiZCCkI2BjU.TiItTnZGOd2Z0PkdteHZ1bipbUFMuZXl2iXiGkYN-gn98iICEgYWKg4SThYqVkZePb2lxaGpsb2xwc2t0R1tvg3mHdzNXgX98ho2WhIqRg5GOgo5QkoaJk1WZbHZpbHIFeWpsCjw-DIB.cxFDRhN4hYgYSRmIfoAeV01UIY.XlCZXXA__&_tdf=20
Frame ID: 2C550AA892AEC88ED6A8F15358B888DA
Requests: 14 HTTP requests in this frame
Frame:
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1664928000
Frame ID: A2E6981DF1E219D6945214720C8BA201
Requests: 3 HTTP requests in this frame
Page Title
Loading...
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://s3.amazonaws.com/561df65g1h6d1fg61h/561df65g1h6d1fg61h.html Page URL
-
http://notionown.com/qs=r-acikacbgigggigeafgfbchgacbdkkkkgafbehcabababaiiadeeaccacjkcaddefacdeiebacb
HTTP 302
https://shabbyleaf.com/17649662af2514d4000/40361_10299995_11/179_1057555753_0_0_0_4540165_77_2234_123730_10299995_10_1891/77 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1291428959&pubid=690437 Page URL
- https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=0441a9aa&cid=pub03d79761f707412fbab29388cf2ca03c&2=690437 Page URL
- https://otto.sherlowcke.com/?utm_term=7150832020543766543&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9e Page URL
- https://otto.sherlowcke.com/proc.php?79e543c35031da6ea8c15a25c52601b08549f083 Page URL
- https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7150832020543766543&website=13260-ba0efb09-2bd39989&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d Page URL
-
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7150832020543766543&website=13260-ba0efb09-2bd39989&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=498b771e991e113cf8f2a67af88844f7&eyer=0.07195657810218226&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com
HTTP 302
https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7150832020543766543&website=13260-ba0efb09-2bd39989&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.07195657810218226&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330003ba978a07b0ca5b4463510e7493474d31005-202210-flb*5467509-4538f*M7150832020543766543*sl_5467509-4538f*850614544f846091dfa16d2e1e6bea6f5c5e813e*13260-ba0efb09-2bd39989*13260 HTTP 302
https://myofferplus.com/rc/a91581ead4?affclick=633cdbd6b09cbb0001cab0a0&pubid=503 Page URL
-
https://track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub440407bac32d41ac8cc5236b7768d095&sub2=f31e77b4_503
HTTP 302
https://kixa.jukminung.com/rc/19aff8b744?affclick=633cdbd7fe1fe600011e2bcd&pubid=930_f31e77b4_503 Page URL
-
https://carrytraff.com/l/27000695f96a812e27e0?sub=pub52824107c8fb43e2ad512295c491fff6&source=af806aa9
HTTP 302
https://trk32.zzzperform.com/l/27000695f96a812e27e0.js?sub=pub52824107c8fb43e2ad512295c491fff6&source=af806aa9 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://notionown.com/qs=r-acikacbgigggigeafgfbchgacbdkkkkgafbehcabababaiiadeeaccacjkcaddefacdeiebacb HTTP 302
- https://shabbyleaf.com/17649662af2514d4000/40361_10299995_11/179_1057555753_0_0_0_4540165_77_2234_123730_10299995_10_1891/77
- https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7150832020543766543&website=13260-ba0efb09-2bd39989&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=498b771e991e113cf8f2a67af88844f7&eyer=0.07195657810218226&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
- https://www.wewillserv.com/?sl=5467509-4538f&data1=Track1&data2=Track2&tag=M7150832020543766543&website=13260-ba0efb09-2bd39989&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2fbf8f4f3f3f2fce2eeeee8ede7e9ee9d&eyeg=3&eyer=0.07195657810218226&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=otto.sherlowcke.com HTTP 302
- https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=330003ba978a07b0ca5b4463510e7493474d31005-202210-flb*5467509-4538f*M7150832020543766543*sl_5467509-4538f*850614544f846091dfa16d2e1e6bea6f5c5e813e*13260-ba0efb09-2bd39989*13260 HTTP 302
- https://myofferplus.com/rc/a91581ead4?affclick=633cdbd6b09cbb0001cab0a0&pubid=503
- https://track.gositego.live/sl?id=62dfc1354b8cd38db57f7466&pid=930&sub1=pub440407bac32d41ac8cc5236b7768d095&sub2=f31e77b4_503 HTTP 302
- https://kixa.jukminung.com/rc/19aff8b744?affclick=633cdbd7fe1fe600011e2bcd&pubid=930_f31e77b4_503
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | 561df65g1h6d1fg61h.html | s3.amazonaws.com/561df65g1h6d1fg61h/ | 99 B | 454 B | Document | text/html |
GET | H/1.1 | 77 | shabbyleaf.com/17649662af2514d4000/40361_10299995_11/179_1057555753_0_0_0_4540165_77_2234_123730_10299995_10_1891/ | 137 B | 450 B | Document | text/html | Redirect Chain
GET | H2 | 9e8aef8068 | lynku.jukminung.com/rc/ | 3 KB | 2 KB | Document | text/html |
GET | H2 | redirect.css | cdn.addlnk.com/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | invisible.js | lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ | 36 KB | 13 KB | Script | application/javascript | Frame A2E6
GET | H2 | pica.js | lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ | 22 KB | 8 KB | Other | application/javascript | Frame A2E6
GET | H2 | / | otto.sherlowcke.com/ | 3 KB | 2 KB | Document | text/html |
POST | H3 | 755255962fd791ea | lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ | 2 B | 700 B | XHR | text/plain | Frame A2E6
GET | H2 | / | otto.sherlowcke.com/ | 9 KB | 3 KB | Document | text/html |
GET | H2 | proc.php | otto.sherlowcke.com/ | 4 KB | 2 KB | Document | text/html |
GET | H/1.1 | / | www.wewillserv.com/ | 5 KB | 5 KB | Document | text/html |
GET | H2 | a91581ead4 | myofferplus.com/rc/ | 1 KB | 1 KB | Document | text/html | Redirect Chain
GET | H3 | redirect.css | cdn.addlnk.com/ | 1 KB | 1 KB | Stylesheet | text/css |
GET | H2 | 19aff8b744 | kixa.jukminung.com/rc/ | 1 KB | 1 KB | Document | text/html | Redirect Chain
GET | H3 | redirect.css | cdn.addlnk.com/ | 1 KB | 1008 B | Stylesheet | text/css |
GET | H2 | 27000695f96a812e27e0.js | trk32.zzzperform.com/l/ | 36 KB | 12 KB | Document | text/html | Primary Request, Redirect Chain
GET | H3 | 27000695f96a812e27e0.js | trk32.zzzperform.com/l/ | 0 | 0 | Document | text/plain |
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- function| Y6VV
- number| r4nnnn
- number| l4nnnn
- number| t6u
- function| EKm8V9

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
shabbyleaf.com/ | Name: uid15295 Value: 1291428959-20221004212021-76c586ff4a5416ca2ea62bcb520bb4e9- |
lynku.jukminung.com/ | Name: AWSALB Value: 4EjgyhvL4tEY7n/wtTBQBB1/AtjLS5e4UPIVz9JvkaKADQU3Guue+Ev7dFc8sf6jJQKFYWbwny2JU35aaiKgss8+FCKIUS4tcsh1IRJLqOH3iZfpT1KIEbsO82ey |
.jukminung.com/ | Name: __cf_bm Value: RtWCYkR9GsG42NSX40nIUc9amSaqGxtaBmwRcs6hs_A-1664932822-0-AUR0I0jZ2P3veoj8CtcoNZu8dFEG23nTIfnQ4VH95moc5M+9eFkGphh8CVVkT8mEuPAu1KaYXhQlGo2/Q+CqiDmaKI3IviYGChdKqoPpE0ILeeYC5Qkue49ewxrXdMFvsg== |
otto.sherlowcke.com/ | Name: u Value: 9266b837a1ea72df47157d1314564007 |
admoustache.go2affise.com/ | Name: afclick Value: 633cdbd6b09cbb0001cab0a0 |
myofferplus.com/ | Name: AWSALB Value: 5ZCFVFQZzlq4KdB6GxidNDzV8WoAncIbOMp82esKxuTOre6iyeA+qoUsspfYGZDJsNjAF1QhVfb8bJmvaAE2MS0CWhvsZ154JM7pGtcxTV9mClXm67qWhWRXez4H |
track.gositego.live/ | Name: afclick Value: 633cdbd7fe1fe600011e2bcd |
kixa.jukminung.com/ | Name: AWSALB Value: Y3WK6an4gM1VCnoqClWB6iVkGi7VD6fmvy2Ta+eRczq9uhV2/LLvOb7O/cgrqP4C4uhBuEHTtnb2+AX16AS7/gL2Im+UMsmsrAHkX872NOxN0iHgwZN8oUKY2pgb |
trk32.zzzperform.com/ | Name: BSESSID Value: trk68de795d-188c-4612-89a5-564426fd1cfb |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.