login.ekultur.org
54.155.191.85
Public Scan
Effective URL: https://login.ekultur.org/oauth2/authorize?client_id=7ouvf71v54qkpb1719233v0k2f&redirect_uri=https%3A%2F%2Fforum.ekultur.o...
Submission Tags: phishingrod
Submission: On October 31 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 14th 2023. Valid for: 3 months.
This is the only time login.ekultur.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

| # | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 34.244.64.116 | 16509 (AMAZON-02) |
| 5 | 54.155.191.85 | 16509 (AMAZON-02) |
| 2 | 2a00:1450:4001:828::200a | 15169 (GOOGLE) |
| 1 | 34.120.195.249 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 24 | 2600:9000:2057:5a00:4:8dcd:9500:93a1 | 16509 (AMAZON-02) |
| 2 | 2a00:1450:4001:828::2003 | 15169 (GOOGLE) |
| 2 | 54.247.146.34 | 16509 (AMAZON-02) |

37 requests across 7 IP addresses.
| ASN | PTR | Domains served |
|---|---|---|
| ASN16509 (AMAZON-02, US) | ec2-34-244-64-116.eu-west-1.compute.amazonaws.com | discourse.dimu.org, forum.ekultur.org |
| ASN16509 (AMAZON-02, US) | ec2-54-155-191-85.eu-west-1.compute.amazonaws.com | login.ekultur.org |
| ASN396982 (GOOGLE-CLOUD-PLATFORM, US) | 249.195.120.34.bc.googleusercontent.com | o1289125.ingest.sentry.io |
| ASN16509 (AMAZON-02, US) | ec2-54-247-146-34.eu-west-1.compute.amazonaws.com | apigateway.dimu.org |
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 24 | locize.app | api.locize.app (Cisco Umbrella Rank: 78772) | 18 KB |
| 7 | ekultur.org (2 redirects) | forum.ekultur.org, login.ekultur.org | 1 MB |
| 3 | dimu.org (1 redirect) | discourse.dimu.org, apigateway.dimu.org | 1 KB |
| 2 | gstatic.com | fonts.gstatic.com | 32 KB |
| 2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 2 KB |
| 1 | sentry.io | o1289125.ingest.sentry.io | 333 B |

37 requests across 6 apex domains.
| # | Domain | Requested by |
|---|---|---|
| 24 | api.locize.app | login.ekultur.org |
| 5 | login.ekultur.org | login.ekultur.org |
| 2 | apigateway.dimu.org | login.ekultur.org |
| 2 | fonts.gstatic.com | fonts.googleapis.com |
| 2 | fonts.googleapis.com | login.ekultur.org |
| 2 | forum.ekultur.org | 2 redirects |
| 1 | o1289125.ingest.sentry.io | login.ekultur.org |
| 1 | discourse.dimu.org | 1 redirect |

37 requests across 8 domains.
This site contains links to these domains. Also see Links.

| Domain |
|---|
| kulturit.org |
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| login.ekultur.org | R3 | 2023-09-14 - 2023-12-13 | 3 months | crt.sh |
| upload.video.google.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months | crt.sh |
| ingest.sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-25 - 2024-08-24 | a year | crt.sh |
| *.locize.app | Amazon RSA 2048 M01 | 2023-09-09 - 2024-10-07 | a year | crt.sh |
| *.gstatic.com | GTS CA 1C3 | 2023-10-09 - 2024-01-01 | 3 months | crt.sh |
| *.dimu.org | Go Daddy Secure Certificate Authority - G2 | 2022-11-13 - 2023-12-15 | a year | crt.sh |
This page contains 1 frame:

Primary Page: https://login.ekultur.org/oauth2/authorize?client_id=7ouvf71v54qkpb1719233v0k2f&redirect_uri=https%3A%2F%2Fforum.ekultur.org%2Fauth%2Foauth2_basic%2Fcallback&response_type=code&state=36fea0df714870e9ed40890c923fc61a17a61b9a9548220b
Frame ID: 80A5777B85D8FF5062DAFF8C7E1E0FDA
Requests: 37 HTTP requests in this frame
Screenshot
![](/screenshots/3b0058d8-cc2d-4e2b-a128-007de4c3eefd.png)
Page Title: Ekultur login
Detected technologies

- Google Font API

Detected patterns

- `<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com`
Page Statistics

1 Outgoing link. These are links going to different origins than the main page.

- Title: Read more
Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://discourse.dimu.org/ (HTTP 301)
2. https://forum.ekultur.org/ (HTTP 302)
3. https://forum.ekultur.org/auth/oauth2_basic (HTTP 302)
4. https://login.ekultur.org/oauth2/authorize?client_id=7ouvf71v54qkpb1719233v0k2f&redirect_uri=https%3A%2F%2Fforum.ekultur.org%2Fauth%2Foauth2_basic%2Fcallback&response_type=code&state=36fea0df714870e9ed40890c923fc61a17a61b9a9548220b (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
37 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | authorize | login.ekultur.org/oauth2/ (Primary Request, Redirect Chain) | 891 B | 1 KB | Document | text/html |
| GET | H2 | env-config.js | login.ekultur.org/ | 429 B | 672 B | Script | application/javascript |
| GET | H2 | icon | fonts.googleapis.com/ | 569 B | 775 B | Stylesheet | text/css |
| GET | H2 | css | fonts.googleapis.com/ | 9 KB | 839 B | Stylesheet | text/css |
| GET | H2 | main.7d79c370.js | login.ekultur.org/static/js/ | 1 MB | 1 MB | Script | application/javascript |
| GET | H2 | main.328c6e00.css | login.ekultur.org/static/css/ | 372 B | 606 B | Stylesheet | text/css |
| POST | H2 | / | o1289125.ingest.sentry.io/api/4504717781041152/envelope/ | 2 B | 333 B | Fetch | application/json |
| GET | H2 | translation | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 628 B | Fetch | application/json |
| GET | H2 | translation | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 3 B | 629 B | Fetch | application/json |
| GET | H2 | translation | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 3 B | 630 B | Fetch | application/json |
| GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
| GET | H2 | login.main | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 629 B | Fetch | application/json |
| GET | H2 | login.newPassword | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 629 B | Fetch | application/json |
| GET | H2 | login.resetPassword | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 628 B | Fetch | application/json |
| GET | H2 | login.newUser | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 628 B | Fetch | application/json |
| GET | H2 | login.passwordForm | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 627 B | Fetch | application/json |
| GET | H2 | login.gdpr | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 629 B | Fetch | application/json |
| GET | H2 | login.main | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 528 B | 1 KB | Fetch | application/json |
| GET | BLOB | 095faf37-ea5c-4507-8479-11c300f40755 | https://login.ekultur.org/ | 46 KB | 0 | Other | text/plain |
| GET | H2 | login.newPassword | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 139 B | 769 B | Fetch | application/json |
| GET | H2 | login.resetPassword | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 409 B | 1 KB | Fetch | application/json |
| GET | H3 | login.newUser | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 717 B | 1 KB | Fetch | application/json |
| GET | H3 | login.passwordForm | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 610 B | 1 KB | Fetch | application/json |
| GET | H3 | login.gdpr | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 245 B | 725 B | Fetch | application/json |
| GET | H3 | login.main | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 530 B | 1 KB | Fetch | application/json |
| GET | H3 | login.newPassword | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 151 B | 629 B | Fetch | application/json |
| GET | H3 | login.resetPassword | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 492 B | 956 B | Fetch | application/json |
| GET | H3 | login.newUser | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 755 B | 1 KB | Fetch | application/json |
| GET | H3 | login.passwordForm | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 608 B | 1 KB | Fetch | application/json |
| GET | H3 | login.gdpr | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 441 B | 922 B | Fetch | application/json |
| GET | H3 | vm-admin.form | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en-US/ | 3 B | 476 B | Fetch | application/json |
| GET | H3 | vm-admin.form | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/en/ | 3 B | 475 B | Fetch | application/json |
| GET | H3 | vm-admin.form | api.locize.app/e54181f0-c2de-4f0b-90ce-84d5df542424/latest/nb-NO/ | 3 B | 476 B | Fetch | application/json |
| GET | H2 | / | apigateway.dimu.org/app-registry/apps/ | 550 B | 715 B | Fetch | application/json |
| GET | H2 | ekultur.png | login.ekultur.org/ | 57 KB | 57 KB | Image | image/png |
| GET | H2 | / | apigateway.dimu.org/authz/identity-providers/ | 521 B | 592 B | Fetch | application/json |
| GET | H2 | KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 16 KB | 16 KB | Font | font/woff2 |
Verdicts & Comments
8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | documentPictureInPicture |
| object | _env_ |
| function | clearImmediate |
| function | setImmediate |
| object | regeneratorRuntime |
| function | _ |
| object | __SENTRY__ |
| object | __sentry_instrumentation_handlers__2 |

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along with the request, which lets the website re-identify the user even from a different location. This is how persistent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| forum.ekultur.org/ | | destination_url | https%3A%2F%2Fforum.ekultur.org%2F |
| forum.ekultur.org/ | | _forum_session | ZlE2RFA4UHBuZENPM1RCdG9PSVBscG1pZmNZc0VBanpLUHlCNHpsSnVNRkpwZDdzNzV1QjNHVGpaUTh1STJvanFiUkRTZSt5S3VzaGNKMGtNeThhSHprKzNhdG0vd2Zka2JCcXhFTEd0dTNKQzJLMk1sT1lmSlNWK3dPUG85QzJrb0NjNWVKSW8xWDdrUmdoY0RxQzB6dHlaT0ZZZ1Y5TE9PQTdzT2xDT1lvelRxcWJBcitHa015ZVdHSEZrNnRhNFFFTjE3Ty92SzdDcUEyRUN3TFp5WG1SaEtCM3ZxRXdqVWlJM2pZVE9BVmFMbTFmS2c0M0pxcDAvSGpLTFJkZi0tVXBXUGpaTkdEYUYvY0pUeE1US2lGdz09--28b600df93eeb5f5905d4892b8e1b3f82b7a9949 |
Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.

| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=15724800; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.