jn0k.unlversalfamily.com Open in urlscan Pro
162.213.255.79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1py4.marciaedarrell.com.br./KY#aHR0cDovL21hbWRhbGF5LmNvbT9qc2k9NjE2NjcyNjk2MzYxNDA2ZTcyNjM2MzJlNjM2ZjZkJnNob3c=
Effective URL:
https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
Submission: On November 30 via manual (November 30th 2022, 7:56:09 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 162.213.255.79, located in United States and belongs to NAMECHEAP-NET, US. The main domain is jn0k.unlversalfamily.com.
TLS certificate: Issued by R3 on November 30th 2022. Valid for: 3 months.

This is the only time jn0k.unlversalfamily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	162.241.60.111 162.241.60.111	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 5	162.213.255.79 162.213.255.79	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	108.156.172.115 108.156.172.115	16509 (AMAZON-02) (AMAZON-02)
13	4

2 162.241.60.111 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-60-111.unifiedlayer.com

1py4.marciaedarrell.com.br.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.213.255.79 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server283-1.web-hosting.com

mamdalay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jn0k.unlversalfamily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.156.172.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-172-115.cmh68.r.cloudfront.net

ok12static.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	oktacdn.com ok12static.oktacdn.com — Cisco Umbrella Rank: 26496	260 KB
4	unlversalfamily.com jn0k.unlversalfamily.com jn0k.kerberos.unlversalfamily.com Failed	14 KB
2	com.br. 1py4.marciaedarrell.com.br.	17 KB
1	mamdalay.com 1 redirects mamdalay.com	750 B
13	4

	Domain	Requested by
6	ok12static.oktacdn.com	jn0k.unlversalfamily.com
4	jn0k.unlversalfamily.com	1py4.marciaedarrell.com.br. ok12static.oktacdn.com jn0k.unlversalfamily.com
2	1py4.marciaedarrell.com.br.	1py4.marciaedarrell.com.br.
1	mamdalay.com	1 redirects
0	jn0k.kerberos.unlversalfamily.com Failed	ok12static.oktacdn.com
13	5

This site contains links to these domains. Also see Links.

Domain
cpanel.com
go.cpanel.net

Subject Issuer	Validity	Valid
*.unlversalfamily.com R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-22` - `2023-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
Frame ID: C1FEF6D6B52DC62E0ECF93ECF04FC1E2
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page URL History Show full URLs

http://1py4.marciaedarrell.com.br./KY Page URL
http://mamdalay.com/?jsi=616672696361406e7263632e636f6d&show HTTP 302
https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1... Page URL
https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

77 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

292 kB
Transfer

515 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://cpanel.com/?utm_source=cpanelwhm&utm_medium=cplogo&utm_content=logolink&utm_campaign=404referral

Search URL Search Domain Scan URL

URL: https://go.cpanel.net/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1py4.marciaedarrell.com.br./KY Page URL
http://mamdalay.com/?jsi=616672696361406e7263632e636f6d&show HTTP 302
https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha Page URL
https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://mamdalay.com/?jsi=616672696361406e7263632e636f6d&show HTTP 302
https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found KY
1py4.marciaedarrell.com.br./ 13 KB
14 KB 194ms
44ms Document
text/html 162.241.60.111
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://1py4.marciaedarrell.com.br./KY
Protocol: HTTP/1.1
Server: 162.241.60.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-111.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Upgrade, Keep-Alive
Content-Type: text/html
Date: Wed, 30 Nov 2022 19:56:02 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Transfer-Encoding: chunked
Upgrade: h2,h2c

GET
H/1.1 200
OK server_misconfigured.png
1py4.marciaedarrell.com.br./img-sys/ 3 KB
3 KB 61ms
39ms Image
image/png 162.241.60.111
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://1py4.marciaedarrell.com.br./img-sys/server_misconfigured.png
Requested by: Host: 1py4.marciaedarrell.com.br.
URL: http://1py4.marciaedarrell.com.br./KY
Protocol: HTTP/1.1
Server: 162.241.60.111 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-60-111.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://1py4.marciaedarrell.com.br./KY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Wed, 30 Nov 2022 19:56:02 GMT
Last-Modified: Thu, 11 Aug 2022 21:06:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3164

GET
H2

200

/ Show response
jn0k.unlversalfamily.com/
Redirect Chain

http://mamdalay.com/?jsi=616672696361406e7263632e636f6d&show
https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslF...

4 KB
2 KB

2236ms
1985ms

Document
text/html

162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha
Requested by: Host: 1py4.marciaedarrell.com.br.
URL: http://1py4.marciaedarrell.com.br./KY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed / PHP/7.1.33
Resource Hash: 7f12bdce0910c9aa30bf5bb89e5315cee7e09369c8cd6821f960d50f4e0e82e9

Request headers

Referer: http://1py4.marciaedarrell.com.br./
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2034
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 19:56:04 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-length: 1413
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 19:56:02 GMT
keep-alive: timeout=5, max=100
location: https://jN0k.unlversalfamily.com?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha#loginScreen
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.1.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery-1.12.4.f0c25d68f3a45b1c99ecd61b21ea6c8c.js Show response
ok12static.oktacdn.com/assets/js/ 288 KB
101 KB 111ms
26ms Script
application/javascript 108.156.172.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/jquery-1.12.4.f0c25d68f3a45b1c99ecd61b21ea6c8c.js

Requested by

Host: jn0k.unlversalfamily.com
URL: https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-115.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

fa8d06777006ade2f99117db1b55f67159ce977f52fdb04f373b1a93e70c7f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://jn0k.unlversalfamily.com/
Origin: https://jn0k.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 23:11:45 GMT
x-amz-meta-sha1sum: 5d791abfb02ff8c1143ded1af1c89dd68a7bfc35
content-encoding: gzip
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 74659
x-cache: Hit from cloudfront
last-modified: Tue, 29 Nov 2022 22:34:45 GMT
server: nginx
etag: W/"f0c25d68f3a45b1c99ecd61b21ea6c8c"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: JSf-ePca17BORj-b55D5kuLgadm0ZnccaHQ6HNERM8LClqAJ5an-kA==
expires: Wed, 29 Nov 2023 23:11:45 GMT

GET
H2 200 jquery-migrate-1.3.0.f3e119df020e0fcf61d086d06b63c9a3.js Show response
ok12static.oktacdn.com/assets/js/ 22 KB
9 KB 150ms
66ms Script
application/javascript 108.156.172.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/jquery-migrate-1.3.0.f3e119df020e0fcf61d086d06b63c9a3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-115.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

b579f84836a97835b2e0d495b7a60ec1bdf334709bbebcf521c09e30754b196f

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://jn0k.unlversalfamily.com/
Origin: https://jn0k.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 08:47:25 GMT
x-amz-cf-pop: CMH68-P1
age: 212919
x-cache: Hit from cloudfront
last-modified: Mon, 17 Aug 2020 19:14:08 GMT
server: nginx
etag: W/"f3e119df020e0fcf61d086d06b63c9a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: zJYd02JxuOsNyRaIDQ_LPapJ923TQcVYA6k2WrFrWwhQCJ3W7oYenw==
expires: Tue, 28 Nov 2023 08:47:25 GMT

GET
H2 200 dssoPreCheck.136a50e3e54c5d7629825f309391b5fa.js Show response
ok12static.oktacdn.com/assets/js/app/active_directory/ 7 KB
3 KB 148ms
65ms Script
application/javascript 108.156.172.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/app/active_directory/dssoPreCheck.136a50e3e54c5d7629825f309391b5fa.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-115.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

f5662c6b65138cf94a359babb8a426598f925f4f49a3f80534193755596814bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://jn0k.unlversalfamily.com/
Origin: https://jn0k.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
date: Fri, 25 Nov 2022 09:44:43 GMT
x-amz-cf-pop: CMH68-P1
age: 468681
x-cache: Hit from cloudfront
last-modified: Tue, 06 Oct 2020 20:30:27 GMT
server: nginx
etag: W/"136a50e3e54c5d7629825f309391b5fa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: BdIx4GERGzzekEVCno8erDJonqhul8n6Q5DTLG52A1OeI8iGZgPiWQ==
expires: Sat, 25 Nov 2023 09:44:43 GMT

GET
H2 200 dssoPreCheckWorker.76c831049921a9982c1869ee897e1b34.js Show response
ok12static.oktacdn.com/assets/js/app/active_directory/ 814 B
1 KB 150ms
67ms Script
application/javascript 108.156.172.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/js/app/active_directory/dssoPreCheckWorker.76c831049921a9982c1869ee897e1b34.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-115.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

7a2ba96a25312028a921554bfed32afd1b88e71a248cc34a69c92a7ff58ec6db

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Referer: https://jn0k.unlversalfamily.com/
Origin: https://jn0k.unlversalfamily.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 08:01:47 GMT
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 1338857
x-cache: Hit from cloudfront
last-modified: Mon, 17 Aug 2020 19:18:08 GMT
server: nginx
etag: W/"76c831049921a9982c1869ee897e1b34"
vary: Accept-Encoding
content-type: application/javascript
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: 4eZwYAF0etdfhjqLZh20ZWViIwvmTreY3REMlu3PT8e-trRq84uUAg==
expires: Wed, 15 Nov 2023 08:01:47 GMT

GET
H2 200 interstitial.0853bbe594160e5608c40b3c3e3f680d.css
ok12static.oktacdn.com/assets/css/sections/ 8 KB
3 KB 158ms
44ms Stylesheet
text/css 108.156.172.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ok12static.oktacdn.com/assets/css/sections/interstitial.0853bbe594160e5608c40b3c3e3f680d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-115.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

18b485a41cd34d42b48932730c71f668984b961260b10648c0607524d46a7a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jn0k.unlversalfamily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 12:33:06 GMT
strict-transport-security: max-age=315360000; includeSubDomains
content-encoding: gzip
via: 1.1 bd91400ba7aab7602cc8608c81e2cf80.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 1322578
x-cache: Hit from cloudfront
last-modified: Tue, 23 Aug 2022 21:29:54 GMT
server: nginx
etag: W/"0853bbe594160e5608c40b3c3e3f680d"
vary: Accept-Encoding
content-type: text/css
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
access-control-allow-origin: *
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
x-amz-cf-id: mIWhUxiS_bCKVWPlBLy5RTfiIL6Az-RLIA9aUGu6Ci7MTOG7bgDfLw==
expires: Wed, 15 Nov 2023 12:33:06 GMT

GET
H2 200 interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif
ok12static.oktacdn.com/assets/img/ui/indicators/ 143 KB
144 KB 155ms
155ms Image
image/gif 108.156.172.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok12static.oktacdn.com/assets/img/ui/indicators/interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.172.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-172-115.cmh68.r.cloudfront.net

Software

nginx /

Resource Hash

3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jn0k.unlversalfamily.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=315360000; includeSubDomains
date: Sun, 13 Nov 2022 14:05:11 GMT
via: 1.1 bd91400ba7aab7602cc8608c81e2cf80.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P1
age: 1489853
x-cache: Hit from cloudfront
content-length: 146495
last-modified: Wed, 15 Dec 2021 01:36:12 GMT
server: nginx
etag: "d4ca51b5579d1772af159f12276beb72"
content-type: image/gif
access-control-allow-origin: *
public-key-pins-report-only: pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly"
cache-control: max-age=31536000, public,max-age=31536000,s-maxage=1814400
accept-ranges: bytes
x-amz-cf-id: Hp3NdBo-Znqsy0RTHDJ7U63KcoWQEm6jO2BXX9ROb22ma8Rs4dmX7w==
expires: Mon, 13 Nov 2023 14:05:11 GMT

GET agentlessDssoPrecheck
jn0k.kerberos.unlversalfamily.com/api/internal/v1/ 0
0

GET
H2 404 Primary Request 00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c Show response
jn0k.unlversalfamily.com/login/interact/ 13 KB
6 KB 79ms
79ms Document
text/html 162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
Requested by: Host: ok12static.oktacdn.com
URL: https://ok12static.oktacdn.com/assets/js/app/active_directory/dssoPreCheck.136a50e3e54c5d7629825f309391b5fa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: a432ff225325b7ac5a84819dde5f2ff2ae7c8ff5a711aa2473f5b3bfb9fc82dd

Request headers

Referer: https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 30 Nov 2022 19:56:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 server_misconfigured.png
jn0k.unlversalfamily.com/img-sys/ 3 KB
3 KB 79ms
79ms Image
image/png 162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jn0k.unlversalfamily.com/img-sys/server_misconfigured.png
Requested by: Host: jn0k.unlversalfamily.com
URL: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:56:05 GMT
last-modified: Tue, 28 Oct 2014 01:09:05 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3164
expires: Wed, 07 Dec 2022 19:56:05 GMT

GET
H2 200 powered_by_cpanel.svg
jn0k.unlversalfamily.com/img-sys/ 5 KB
3 KB 80ms
79ms Image
image/svg+xml 162.213.255.79
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jn0k.unlversalfamily.com/img-sys/powered_by_cpanel.svg
Requested by: Host: jn0k.unlversalfamily.com
URL: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.213.255.79 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server283-1.web-hosting.com
Software: LiteSpeed /
Resource Hash: 179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:56:05 GMT
content-encoding: br
last-modified: Fri, 17 Mar 2017 18:07:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2506
expires: Wed, 07 Dec 2022 19:56:05 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf54538a1951e9e4ed0b407ffbed2583fd441fcc087da5c6657a0cde6d0c0208

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jn0k.kerberos.unlversalfamily.com
URL: https://jn0k.kerberos.unlversalfamily.com/api/internal/v1/agentlessDssoPrecheck

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://1py4.marciaedarrell.com.br./KY#aHR0cDovL21hbWRhbGF5LmNvbT9qc2k9NjE2NjcyNjk2MzYxNDA2ZTcyNjM2MzJlNjM2ZjZkJnNob3c= Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://jn0k.unlversalfamily.com/?fth57YFxg=rF6i62IOGSg2zfM1SCAA&email=africa@nrcc.com&ti9pmjivcoutEI6CFRWst1Pu2O22evaFNWt6mKXt7mco5AOoQVWDeVyEAODl1tUa3dNcAKv5aN3Du2AmxFqt8YzRvX5JaSixFjiJfAFLcrLslFLqHqUwq45C5SUEL2GbnqJlk1fVKMl36pkBgVPIgBezOcha7pTo0g69ltruTbgquQTcwIlJIIoOFgNA9VVXzBEHrAMTmP98EcSBHAkZjCjF44ggDPy0Y0g9QRq2ojZtgVTA2OX5VOQaOzqrmDidCWvTaId1koTP6KmmpbLCsHfs1V9kez6GrpI8FW5fvLLha#loginScreen Message: Access to XMLHttpRequest at 'https://jn0k.kerberos.unlversalfamily.com/api/internal/v1/agentlessDssoPrecheck' from origin 'https://jn0k.unlversalfamily.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://jn0k.kerberos.unlversalfamily.com/api/internal/v1/agentlessDssoPrecheck Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://jn0k.unlversalfamily.com/login/interact/00HIhhZcbN6Fz2PVyCyTs5bmOHPwmyr9_-Hx57wb3c Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1py4.marciaedarrell.com.br.
jn0k.kerberos.unlversalfamily.com
jn0k.unlversalfamily.com
mamdalay.com
ok12static.oktacdn.com
jn0k.kerberos.unlversalfamily.com
108.156.172.115
162.213.255.79
162.241.60.111
179a9aa9fff4c52850d9ce34a4c435404ddfd4fefa8aab9a6eb4f47b83f922d9
18b485a41cd34d42b48932730c71f668984b961260b10648c0607524d46a7a81
3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02
7a2ba96a25312028a921554bfed32afd1b88e71a248cc34a69c92a7ff58ec6db
7f12bdce0910c9aa30bf5bb89e5315cee7e09369c8cd6821f960d50f4e0e82e9
944120fb6962c7484d769d645e6d830850eead9394f6a84090aed489cfc0c41f
a432ff225325b7ac5a84819dde5f2ff2ae7c8ff5a711aa2473f5b3bfb9fc82dd
b579f84836a97835b2e0d495b7a60ec1bdf334709bbebcf521c09e30754b196f
bf54538a1951e9e4ed0b407ffbed2583fd441fcc087da5c6657a0cde6d0c0208
f5662c6b65138cf94a359babb8a426598f925f4f49a3f80534193755596814bf
fa8d06777006ade2f99117db1b55f67159ce977f52fdb04f373b1a93e70c7f02

jn0k.unlversalfamily.com Open in urlscan Pro 162.213.255.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

77 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

4 IPs

1 Countries

292 kBTransfer

515 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

jn0k.unlversalfamily.com Open in urlscan Pro
162.213.255.79 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

77 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

1
Countries

292 kB
Transfer

515 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions