lynku.jukminung.com
Open in
urlscan Pro
2606:4700:3032::6815:1cae
Public Scan
Effective URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1328374390&pubid=690067
Submission Tags: phishing
Submission: On March 01 via api from US — Scanned from DE
Summary
TLS certificate: Issued by E1 on January 20th 2023. Valid for: 3 months.
This is the only time lynku.jukminung.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 23.94.156.109 23.94.156.109 | 36352 (AS-COLOCR...) (AS-COLOCROSSING) | |
1 | 51.222.54.61 51.222.54.61 | 16276 (OVH) (OVH) | |
3 | 2606:4700:303... 2606:4700:3032::6815:1cae | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3030::6815:4a8d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
jukminung.com
lynku.jukminung.com |
26 KB |
1 |
addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 739430 |
1 KB |
1 |
ecstaticlane.com
ecstaticlane.com |
450 B |
1 |
kokuhatu.com
1 redirects
kokuhatu.com |
275 B |
0 |
sherlowcke.com
Failed
otto.sherlowcke.com Failed |
|
6 | 5 |
Domain | Requested by | |
---|---|---|
3 | lynku.jukminung.com |
ecstaticlane.com
|
1 | cdn.addlnk.com |
lynku.jukminung.com
|
1 | ecstaticlane.com | |
1 | kokuhatu.com | 1 redirects |
0 | otto.sherlowcke.com Failed |
lynku.jukminung.com
|
6 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
ecstaticlane.com Sectigo RSA Domain Validation Secure Server CA |
2022-07-18 - 2023-08-02 |
a year | crt.sh |
*.jukminung.com E1 |
2023-01-20 - 2023-04-20 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-15 - 2023-05-15 |
a year | crt.sh |
This page contains 2 frames:
Frame:
https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pubbcd162ab7c854bda98c2e406fc87b228&2=690067
Frame ID: A61F9E1031D887CE956C851A0740D9F7
Requests: 4 HTTP requests in this frame
Frame:
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/cb/invisible.js?cb=7a14423859539bfb
Frame ID: 63BC7482562F7949BB9980233A3C3DD8
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://kokuhatu.com/vfr.cfc?f5Cp53.JhHjHg9gRV.j.L58k0.lD62N.jY.Lts.JY.N7H03.GCnY.jHhJw6
HTTP 302
https://ecstaticlane.com/1761614a0f2b3ccb800/14_890055_2702895/2241_2495795_4379792_14/915983175_84-1... Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1328374390&pubid=690067 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://kokuhatu.com/vfr.cfc?f5Cp53.JhHjHg9gRV.j.L58k0.lD62N.jY.Lts.JY.N7H03.GCnY.jHhJw6
HTTP 302
https://ecstaticlane.com/1761614a0f2b3ccb800/14_890055_2702895/2241_2495795_4379792_14/915983175_84-19-175-165 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1328374390&pubid=690067 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://kokuhatu.com/vfr.cfc?f5Cp53.JhHjHg9gRV.j.L58k0.lD62N.jY.Lts.JY.N7H03.GCnY.jHhJw6 HTTP 302
- https://ecstaticlane.com/1761614a0f2b3ccb800/14_890055_2702895/2241_2495795_4379792_14/915983175_84-19-175-165
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
915983175_84-19-175-165
ecstaticlane.com/1761614a0f2b3ccb800/14_890055_2702895/2241_2495795_4379792_14/ Redirect Chain
|
137 B 450 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
9e8aef8068
lynku.jukminung.com/rc/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.css
cdn.addlnk.com/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/cb/ Frame 63BC |
40 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 63BC |
16 KB 7 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
otto.sherlowcke.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- otto.sherlowcke.com
- URL
- https://otto.sherlowcke.com/?utm_medium=2c1d6fcd4cc55c1538e271f58234122bd508fe6f&utm_campaign=mainstream_redirect&1=fbbb5665&cid=pubbcd162ab7c854bda98c2e406fc87b228&2=690067
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ecstaticlane.com/ | Name: uid15295 Value: 1328374390-20230301154803-976374bdf3a3bd7e22c4190c1fc710bc- |
|
lynku.jukminung.com/ | Name: AWSALB Value: emlBo27mzAhANRORAPDOblZvk0iGAxBNFIX3ITuKuINYfTcYrai7bsdxwBvUcfEBSdqH3eRkwSrvCiyUl/jb2AgP58NsGZFFzBUGkv1C//7m24309X0lD+3uqZJj |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.addlnk.com
ecstaticlane.com
kokuhatu.com
lynku.jukminung.com
otto.sherlowcke.com
otto.sherlowcke.com
23.94.156.109
2606:4700:3030::6815:4a8d
2606:4700:3032::6815:1cae
51.222.54.61
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
88df790e38c5fe981503a2249471b55238ae2095847d62bff92a13a4e256d2fd
afc525bcd693caef7b6b6b1eeede1e1c9105cccdee960e75b4f1808d08cad731