k9j5t5p4.ssl.hwcdn.net Open in urlscan Pro
69.16.175.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss#qs=r-adbaiibjdhkjeafhdjfkcacbjiibkjafgkigabababaidadcgaccacebdadidjacgg...
Effective URL:
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr...
Submission: On November 01 via api (November 1st 2022, 4:17:42 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 9 domains to perform 10 HTTP transactions. The main IP is 69.16.175.42, located in United States and belongs to STACKPATH-CDN, US. The main domain is k9j5t5p4.ssl.hwcdn.net. The Cisco Umbrella rank of the primary domain is 638921.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 22nd 2021. Valid for: a year.

This is the only time k9j5t5p4.ssl.hwcdn.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.217.236.112 52.217.236.112	16509 (AMAZON-02) (AMAZON-02)
1 1	193.239.164.74 193.239.164.74	213035 (AS-SERVER...) (AS-SERVERION Serverion B.V.)
1	78.142.47.48 78.142.47.48	31083 (TELEPOINT) (TELEPOINT)
4	2606:4700:303... 2606:4700:3031::ac43:92ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:4a8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.242.198.222 162.242.198.222	27357 (RACKSPACE) (RACKSPACE)
1	94.237.103.119 94.237.103.119	202053 (UPCLOUD) (UPCLOUD)
1 1	18.156.93.177 18.156.93.177	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
10	6

1 52.217.236.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.164.74 (Netherlands) 1 redirects

ASN213035 (AS-SERVERION Serverion B.V., NL)
PTR: idlespikes.com

idlespikes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.142.47.48 (Dupnitsa, Bulgaria)

ASN31083 (TELEPOINT, BG)
PTR: vps2.baard.com

deliriousfantacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:92ee (United States)

ASN13335 (CLOUDFLARENET, US)

lynku.jukminung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:4a8d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.addlnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.242.198.222 (United States) 1 redirects

ASN27357 (RACKSPACE, US)

go.doblevialatam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.237.103.119 (Finland)

ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host

1264178c7370.traffic247links.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.93.177 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-93-177.eu-central-1.compute.amazonaws.com

optiestrycended.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

k9j5t5p4.ssl.hwcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	jukminung.com lynku.jukminung.com	25 KB
2	hwcdn.net k9j5t5p4.ssl.hwcdn.net — Cisco Umbrella Rank: 638921	12 KB
1	optiestrycended.com 1 redirects optiestrycended.com — Cisco Umbrella Rank: 203974	1 KB
1	traffic247links.com 1264178c7370.traffic247links.com	1 KB
1	doblevialatam.com 1 redirects go.doblevialatam.com	272 B
1	addlnk.com cdn.addlnk.com — Cisco Umbrella Rank: 239576	1 KB
1	deliriousfantacy.com deliriousfantacy.com	450 B
1	idlespikes.com 1 redirects idlespikes.com	395 B
1	amazonaws.com s3.amazonaws.com	513 B
10	9

	Domain	Requested by
4	lynku.jukminung.com	deliriousfantacy.com s3.amazonaws.com lynku.jukminung.com
2	k9j5t5p4.ssl.hwcdn.net	k9j5t5p4.ssl.hwcdn.net
1	optiestrycended.com	1 redirects
1	1264178c7370.traffic247links.com	lynku.jukminung.com
1	go.doblevialatam.com	1 redirects
1	cdn.addlnk.com	lynku.jukminung.com
1	deliriousfantacy.com	s3.amazonaws.com
1	idlespikes.com	1 redirects
1	s3.amazonaws.com
10	9

This site contains no links.

Subject Issuer	Validity	Valid
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
deliriousfantacy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-29`	a year	crt.sh
*.jukminung.com E1	`2022-09-19` - `2022-12-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.traffic247links.com R3	`2022-09-09` - `2022-12-08`	3 months	crt.sh
*.ssl.hwcdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-12-22` - `2023-01-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1KsR0kt2kA3NNMERkKdfJaDRd1us-6xdW-qcBkxwRQ0suM0n7x9OiK5k6nrsmAVu29g3m9jGvE2wiAGhDIB5Gr6RqvfoyyamkUGsna-PW6_jFBPcYgrje3UcwbRpygg3KeH0qcuplgGv5Qw6f46jeQrvD4nbg4OHELobTrRfMAYmySvT3zEL-xapWAwX90toGuihJrpkqnI6K4UHLLXxHUh7v0lXoRItoLL_gNrBwsya-m6AiZro44oevGHjdgpyWvBJEKhFuGTVn78w_jG63W_FTRDeJIKe1GoFp3l0DLTdxZD2W31jP5Hz6Ey9qYDk0O6BcbVYdgLUz7TzOHuE6dqiIAYZU&lptoken=166467df32a8126e59ae&c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk%2C16628570%2C5%2C8670
Frame ID: 38998EF3542CFDA8C4553224C9A7579D
Requests: 7 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667318400
Frame ID: 6C2CC9814FD4C742A7E3A4CBB6E618C7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Search To Win

Page URL History Show full URLs

https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss Page URL
http://idlespikes.com/qs=r-adbaiibjdhkjeafhdjfkcacbjiibkjafgkigabababaidadcgaccacebdadidjacggcejacb HTTP 302
https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtf... Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1299070276&pubid=690412 Page URL
https://go.doblevialatam.com/1652519235?aff_token=pub6d3abcf36c074332b32a8f09f2e93d76&aff_source=66f37892 HTTP 307
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c Page URL
https://optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk,16... HTTP 302
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3y... Page URL

Page Statistics

10
Requests

100 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

6
IPs

5
Countries

41 kB
Transfer

76 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss Page URL
http://idlespikes.com/qs=r-adbaiibjdhkjeafhdjfkcacbjiibkjafgkigabababaidadcgaccacebdadidjacggcejacb HTTP 302
https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/72 Page URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1299070276&pubid=690412 Page URL
https://go.doblevialatam.com/1652519235?aff_token=pub6d3abcf36c074332b32a8f09f2e93d76&aff_source=66f37892 HTTP 307
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c Page URL
https://optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk,16628570,5,8670 HTTP 302
https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1KsR0kt2kA3NNMERkKdfJaDRd1us-6xdW-qcBkxwRQ0suM0n7x9OiK5k6nrsmAVu29g3m9jGvE2wiAGhDIB5Gr6RqvfoyyamkUGsna-PW6_jFBPcYgrje3UcwbRpygg3KeH0qcuplgGv5Qw6f46jeQrvD4nbg4OHELobTrRfMAYmySvT3zEL-xapWAwX90toGuihJrpkqnI6K4UHLLXxHUh7v0lXoRItoLL_gNrBwsya-m6AiZro44oevGHjdgpyWvBJEKhFuGTVn78w_jG63W_FTRDeJIKe1GoFp3l0DLTdxZD2W31jP5Hz6Ey9qYDk0O6BcbVYdgLUz7TzOHuE6dqiIAYZU&lptoken=166467df32a8126e59ae&c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk%2C16628570%2C5%2C8670 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://idlespikes.com/qs=r-adbaiibjdhkjeafhdjfkcacbjiibkjafgkigabababaidadcgaccacebdadidjacggcejacb HTTP 302
https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/72

Request Chain 6

https://go.doblevialatam.com/1652519235?aff_token=pub6d3abcf36c074332b32a8f09f2e93d76&aff_source=66f37892 HTTP 307
https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	lnkss s3.amazonaws.com/fgxeewsmwtsibmkkau/	157 B 513 B	346ms 129ms	Document text/html	52.217.236.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.236.112 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Content-Length 157 Content-Type text/html Date Tue, 01 Nov 2022 16:17:36 GMT ETag "f48ba1d136e34c987418f360e9d03bc2" Last-Modified Tue, 01 Nov 2022 10:26:21 GMT Server AmazonS3 x-amz-id-2 7uVMNbQEggxlZfHz9Np4ehyTBs1HyDYAhDzFbwFkF43udlHdl0YH5UK99xcRlPV05+XWsZcDsvI= x-amz-request-id QVPKX56Z68405X4Y
GET H/1.1	200 OK	72 deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/ Redirect Chain http://idlespikes.com/qs=r-adbaiibjdhkjeafhdjfkcacbjiibkjafgkigabababaidadcgaccacebdadidjacggcejacb https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/72	137 B 450 B	1404ms 378ms	Document text/html	78.142.47.48 TELEPOINT
General Check archive.org Show headers Download Go to Full URL https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/72 Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 78.142.47.48 Dupnitsa, Bulgaria, ASN31083 (TELEPOINT, BG), Reverse DNS vps2.baard.com Software Apache / Resource Hash Request headers Referer https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss#qs=r-adbaiibjdhkjeafhdjfkcacbjiibkjafgkigabababaidadcgaccacebdadidjacggcejacb Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Length 137 Content-Type text/html; charset=UTF-8 Date Tue, 01 Nov 2022 16:17:37 GMT Server Apache Redirect headers Connection Keep-Alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Tue, 01 Nov 2022 16:17:36 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 location https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/72
GET H2	200	9e8aef8068 Show response lynku.jukminung.com/rc/	3 KB 2 KB	193ms 134ms	Document text/html	2606:4700:3031::ac43:92ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lynku.jukminung.com/rc/9e8aef8068?affclick=1299070276&pubid=690412 Requested by Host: deliriousfantacy.com URL: https://deliriousfantacy.com/17645f2ea31cef88000/45975_10877098_11_2728_72/u8Rhfwbc9a1a3a4xLVG2ub4yab6wtfb4YEszb3k8cz5/72 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4d5e2b00b7526a6d8b44824752effae39a35b62c106d879c1f255f14d02374fe` Request headers Referer https://deliriousfantacy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7635f112da2b6919-FRA content-encoding br content-language en-us content-type text/html; charset=utf-8 date Tue, 01 Nov 2022 16:17:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUMthkEcfOFJC7bBlpsghJtycwx6zbKfEVkaVVQJaeBWIrb76N7GnGtwDyPmU8%2Bt9owmI9tgvshrkJtE8D41ofR69yAZOFAATKJM0eD7yaPOsxdWUjBrltbR3sT%2B9rGh%2FwBmnF0l6KtmY4vDaDrDsgII"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Accept-Language, Cookie
GET H2	200	redirect.css cdn.addlnk.com/	1 KB 1 KB	118ms 66ms	Stylesheet text/css	2606:4700:3030::6815:4a8d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.addlnk.com/redirect.css Requested by Host: lynku.jukminung.com URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1299070276&pubid=690412 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:4a8d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 16:17:37 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 72BQ43Z832DMHS8A age 1930 cf-polished origSize=1680 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 9dqjw3QmoT8lhROeWaK3mEcRPoUKNfvQLfCVyCvCyDnxCOQ1ZkKTnjHgPbqYhL93T/SckF1I+RU= cf-bgj minify last-modified Wed, 13 Mar 2019 00:03:12 GMT server cloudflare etag W/"3ae56d32551602b41f9046c14d1cfde2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RDbfNkxUW0Uw%2BymHqKAjub2%2B3HIVgLCTpR%2Fz%2FEjLnl7Mx21U3WPrI%2B%2BqlEzh8epRMvFpJaOKcU0ODTzPv6HLtoNnDPLo3gnLOkIxh6qroXJ5KtOZ3NYEb9QCKIcS1g80oXdAU6OWtetS%2BAqJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 7635f1140e95bb83-FRA
GET H2	200	invisible.js Show response lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 6C2C	33 KB 14 KB	30ms 30ms	Script application/javascript	2606:4700:3031::ac43:92ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667318400 Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/fgxeewsmwtsibmkkau/lnkss Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a4a8f0dc6e5106f857ab5563b0d57dc4b46d1cb213b46663be6e78eee83e82e5` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 16:17:38 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaQ2%2Fh4afOfUjD9zjl6TJjyKW2b6T7oLUEW1nfUzwGd3Cm0UbhEZlFPhHp0bWewIt0v9DFslOAram%2FvdVN%2F0p1ntDvhz4VBFC9KYzZLYavBFPc8kVWrcFq7Q4a4YsxjHeI77cxaw%2BC9tzFxP3Zzazpug"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 7635f1148d8f6919-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pica.js lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 6C2C	19 KB 8 KB	23ms 22ms	Other application/javascript	2606:4700:3031::ac43:92ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6822ef4764f54cfd65f7791c04149330a9dc2664586d615eea41ad26ef9b7b56` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 16:17:38 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLhfW403aefjBOiTHW1yvA5hDUOvitJSOCuttfvWnNU204wsmZOqRosh4osp40dZzqkz9nWPZOf036tF0N8xlki7uIO2ih1ejbUMCpGvHMigDrj50wn8rtFNRsdmFv3tbViz5kmOTawEtrMdwMlJc6un"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 7635f114c90592bd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	/ 1264178c7370.traffic247links.com/ Redirect Chain https://go.doblevialatam.com/1652519235?aff_token=pub6d3abcf36c074332b32a8f09f2e93d76&aff_source=66f37892 https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c	930 B 1 KB	90ms 37ms	Document text/html	94.237.103.119 UPCLOUD
General Check archive.org Show headers Download Go to Full URL https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c Requested by Host: lynku.jukminung.com URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1299070276&pubid=690412 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.237.103.119 , Finland, ASN202053 (UPCLOUD, FI), Reverse DNS 94-237-103-119.de-fra1.upcloud.host Software / Resource Hash Request headers Referer https://lynku.jukminung.com/rc/9e8aef8068?affclick=1299070276&pubid=690412 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 01 Nov 2022 16:17:39 GMT expires Tue, 1 Nov 2022 16:17:39 GMT last-modified Tue, 1 Nov 2022 16:17:39 GMT pragma no-cache vary Accept-Encoding x-robots-tag noindex, nofollow Redirect headers cache-control no-store, no-cache, must-revalidate content-type text/html; charset=UTF-8 date Tue, 01 Nov 2022 16:17:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c pragma no-cache server nginx/1.20.1 x-powered-by PHP/7.3.33
POST H3	200	7635f112da2b6919 lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 6C2C	2 B 659 B	63ms 63ms	XHR text/plain	2606:4700:3031::ac43:92ee CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7635f112da2b6919 Requested by Host: lynku.jukminung.com URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1667318400 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:92ee , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Content-Type application/json Response headers date Tue, 01 Nov 2022 16:17:38 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4cLdVc%2BjWjHZiK%2FXq3k80YmlYpybP4XccMKJXuGstv6OYiEQAPF3ff%2BH%2BgpBVKgfkTeFeBSEsCR0dcjA8Su49rIX0Wos1L2h8tZuXEom6te6h1a0JM6%2FNC877HQCmhj8l7Kr2tspzMzYrNJBwhJgI8i"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7635f1169ce492bd-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	Primary Request search.html Show response k9j5t5p4.ssl.hwcdn.net/bing/ Redirect Chain https://optiestrycended.com/bf0465cf-e980-478d-87f2-27d14b1b731e?c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk,16628570,5,8670 https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1Ks...	12 KB 4 KB	102ms 22ms	Document text/html	69.16.175.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1KsR0kt2kA3NNMERkKdfJaDRd1us-6xdW-qcBkxwRQ0suM0n7x9OiK5k6nrsmAVu29g3m9jGvE2wiAGhDIB5Gr6RqvfoyyamkUGsna-PW6_jFBPcYgrje3UcwbRpygg3KeH0qcuplgGv5Qw6f46jeQrvD4nbg4OHELobTrRfMAYmySvT3zEL-xapWAwX90toGuihJrpkqnI6K4UHLLXxHUh7v0lXoRItoLL_gNrBwsya-m6AiZro44oevGHjdgpyWvBJEKhFuGTVn78w_jG63W_FTRDeJIKe1GoFp3l0DLTdxZD2W31jP5Hz6Ey9qYDk0O6BcbVYdgLUz7TzOHuE6dqiIAYZU&lptoken=166467df32a8126e59ae&c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk%2C16628570%2C5%2C8670 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS hwcdn.net Software WasabiS3/7.7.900-2022-08-19-6bff245bcf (head08) / Resource Hash `2e0c77e31bf6fbe26c768a1a2f887ea01a8d5ee3c73b5aa5a3067c35ff79e69b` Request headers Referer https://1264178c7370.traffic247links.com/?p=8670&media_type=mainstream&click_id=&token=03209add36369cf5f339e44c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Content-Encoding gzip Content-Length 3825 Content-Type text/html Date Tue, 01 Nov 2022 16:17:39 GMT ETag "353efcbbb0d9f329fcb72d951e78b0af" Last-Modified Tue, 13 Sep 2022 07:52:04 GMT Server WasabiS3/7.7.900-2022-08-19-6bff245bcf (head08) X-HW 1667319459.dop123.fr8.t,1667319459.cds165.fr8.shn,1667319459.dop123.fr8.t,1667319459.cds260.fr8.c x-amz-id-2 M7b/FgmEhH5i/mXvJwtheOjfToLa9RRWVpariiV7xr5ICb/LPX/11Ztmr1X/Pb43zp6hgbxzNTIG x-amz-request-id 87FE7268C94F109B Redirect headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-length 0 date Tue, 01 Nov 2022 16:17:39 GMT expires Thu, 01 Jan 1970 00:00:00 GMT location https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1KsR0kt2kA3NNMERkKdfJaDRd1us-6xdW-qcBkxwRQ0suM0n7x9OiK5k6nrsmAVu29g3m9jGvE2wiAGhDIB5Gr6RqvfoyyamkUGsna-PW6_jFBPcYgrje3UcwbRpygg3KeH0qcuplgGv5Qw6f46jeQrvD4nbg4OHELobTrRfMAYmySvT3zEL-xapWAwX90toGuihJrpkqnI6K4UHLLXxHUh7v0lXoRItoLL_gNrBwsya-m6AiZro44oevGHjdgpyWvBJEKhFuGTVn78w_jG63W_FTRDeJIKe1GoFp3l0DLTdxZD2W31jP5Hz6Ey9qYDk0O6BcbVYdgLUz7TzOHuE6dqiIAYZU&lptoken=166467df32a8126e59ae&c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk%2C16628570%2C5%2C8670 pragma no-cache server nginx
GET H/1.1	200 OK	blogo.png k9j5t5p4.ssl.hwcdn.net/bing/	7 KB 8 KB	18ms 17ms	Image image/png	69.16.175.42 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://k9j5t5p4.ssl.hwcdn.net/bing/blogo.png Requested by Host: k9j5t5p4.ssl.hwcdn.net URL: https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1KsR0kt2kA3NNMERkKdfJaDRd1us-6xdW-qcBkxwRQ0suM0n7x9OiK5k6nrsmAVu29g3m9jGvE2wiAGhDIB5Gr6RqvfoyyamkUGsna-PW6_jFBPcYgrje3UcwbRpygg3KeH0qcuplgGv5Qw6f46jeQrvD4nbg4OHELobTrRfMAYmySvT3zEL-xapWAwX90toGuihJrpkqnI6K4UHLLXxHUh7v0lXoRItoLL_gNrBwsya-m6AiZro44oevGHjdgpyWvBJEKhFuGTVn78w_jG63W_FTRDeJIKe1GoFp3l0DLTdxZD2W31jP5Hz6Ey9qYDk0O6BcbVYdgLUz7TzOHuE6dqiIAYZU&lptoken=166467df32a8126e59ae&c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk%2C16628570%2C5%2C8670 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS hwcdn.net Software WasabiS3/7.7.900-2022-08-19-6bff245bcf (head08) / Resource Hash `f1f97ddb28a4925de8234dd9a91b0cd8d5e8d050e2a2f5993ecffc278e733c37` Request headers accept-language de-DE,de;q=0.9 Referer https://k9j5t5p4.ssl.hwcdn.net/bing/search.html?cep=_rOILfhKQhTkqFF6r7_nWbhK7XuudF1prTJk17XFPk2U-_a8Vgbgu3yf9IZbP-BJmUbZ_vTSRxr6LQU2D-WkULcasMEI0QfKjSMuuTgk9CEc_YvyfvGym-yVxWcNxiDu4-klOPYD7qhHAl1KsR0kt2kA3NNMERkKdfJaDRd1us-6xdW-qcBkxwRQ0suM0n7x9OiK5k6nrsmAVu29g3m9jGvE2wiAGhDIB5Gr6RqvfoyyamkUGsna-PW6_jFBPcYgrje3UcwbRpygg3KeH0qcuplgGv5Qw6f46jeQrvD4nbg4OHELobTrRfMAYmySvT3zEL-xapWAwX90toGuihJrpkqnI6K4UHLLXxHUh7v0lXoRItoLL_gNrBwsya-m6AiZro44oevGHjdgpyWvBJEKhFuGTVn78w_jG63W_FTRDeJIKe1GoFp3l0DLTdxZD2W31jP5Hz6Ey9qYDk0O6BcbVYdgLUz7TzOHuE6dqiIAYZU&lptoken=166467df32a8126e59ae&c2=8670&c1=5wrk5kj3hcg46n88p10gk44wk%2C16628570%2C5%2C8670 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Tue, 01 Nov 2022 16:17:39 GMT Last-Modified Mon, 12 Sep 2022 17:52:53 GMT Server WasabiS3/7.7.900-2022-08-19-6bff245bcf (head08) x-amz-request-id DED9A693E5FF917E ETag "0cf8d7eff944be4c1291e59790d6f38c" X-HW 1667319459.dop123.fr8.t,1667319459.cds165.fr8.shn,1667319459.dop123.fr8.t,1667319459.cds168.fr8.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=31536000 Connection Keep-Alive Accept-Ranges bytes Content-Length 7676 x-amz-id-2 jdRlybmmR56kE0/2kHEEqiDpesiIwR9sgMYZ6Qt8N7SfJWm+Nhs1FFYXVT1OsnILDmANYGlNuKO5

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
deliriousfantacy.com/	1970-01-20 07:51:51	Name: uid15295 Value: 1299070276-20221101121737-5f5c7d754890a5ba4b7a87a9145eacba-
lynku.jukminung.com/	1970-01-20 07:18:44	Name: AWSALB Value: mT1ZPbjrMY0PWSk2EGBV+g8+8qqv9Wb9214/b5VRxteAnNQmejkRdW/0WjdKWZyK+VBiHb+T2zTVst8NoF9w3h8Hq3JyB5c+gdCLfiMpZ2TV6HRhtZ88otc5t8Ze
.jukminung.com/	1970-01-20 07:08:41	Name: __cf_bm Value: ae_C99ArYie7H3siOzGZO_hApPkRxhjLz5S3wR_OTiw-1667319458-0-Ac6CmiVCKbmhBglOdMstYrqC2IvYMYWyoEWWjbr3Ozf7RZKzPVQgBe/KaSMZrbu+PtV4j/5xy/xaxJHNrwmREty65sza2fTycCAPsV6XLavCcnswKbjyCWCpW8zvJ8xbXg==
go.doblevialatam.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: clrgfqb7lkg3cnhiailitt0k60
.1264178c7370.traffic247links.com/	1970-01-20 07:08:40	Name: rts-trck Value: 1
.traffic247links.com/	1970-01-20 16:44:39	Name: t-uuid Value: 5wrk5kj3ma9qiq7yr9o0sc0cw
.traffic247links.com/	1970-01-20 07:08:39	Name: traffic-back Value: ok
.optiestrycended.com/	1970-01-20 07:10:05	Name: bf0465cf-e980-478d-87f2-27d14b1b731e-v4 Value: UbKPi43orGU5eWrBQbLSrasTtLJ6AjU4k7_jN4rrOKE
.optiestrycended.com/	1970-01-20 07:10:05	Name: cep-v4 Value: 7dr8SMyOyo1InNu15A6ObGbs9_E--OkQbSyXxKGzFKCIuG6GkyuHA5DubzyXjpNhILmznAHNZ1ocm-XXaVgFqUcBJ_-a_RFZ2cy-hkBZxnbzWGCY_IK4R47xma-PFC5iphcIl4YJXLXeN99CWUmXNwAAAs-82n8UhiHqjeSRbfnanHKOfPIliXf2EvI-mx1OtNdvo3JXKZedgq4SK-q0xLvKtIZvhfxj7k3hG4HqvUEy2NoI1-f1jTGW0VwjQJAgRPhZ1DrCMXvChuThZYCnAouUmLjx2n-YzGpeVGfEruI6P8RbzWq03KDn9WGLkfHNFr_Mk9Hr8hsCgM807RZfIVTrnJQGLC0x-zR3-0szeIYdG2YAd1gYkVxiA48LZ3TdQjMhRXd8fGN8flxoGc0-UGl61ObONk4eP29hVIHoViV8aEU_mof8RcWQ-TmidzlYbdoBiwUev18Vi8iBH0X8JhkL2eq3e7GwAmUEh6d0Jso

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1264178c7370.traffic247links.com
cdn.addlnk.com
deliriousfantacy.com
go.doblevialatam.com
idlespikes.com
k9j5t5p4.ssl.hwcdn.net
lynku.jukminung.com
optiestrycended.com
s3.amazonaws.com
162.242.198.222
18.156.93.177
193.239.164.74
2606:4700:3030::6815:4a8d
2606:4700:3031::ac43:92ee
52.217.236.112
69.16.175.42
78.142.47.48
94.237.103.119
2e0c77e31bf6fbe26c768a1a2f887ea01a8d5ee3c73b5aa5a3067c35ff79e69b
4d5e2b00b7526a6d8b44824752effae39a35b62c106d879c1f255f14d02374fe
6822ef4764f54cfd65f7791c04149330a9dc2664586d615eea41ad26ef9b7b56
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
a4a8f0dc6e5106f857ab5563b0d57dc4b46d1cb213b46663be6e78eee83e82e5
f1f97ddb28a4925de8234dd9a91b0cd8d5e8d050e2a2f5993ecffc278e733c37

k9j5t5p4.ssl.hwcdn.net Open in urlscan Pro 69.16.175.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

22 %IPv6

9 Domains

9 Subdomains

6 IPs

5 Countries

41 kBTransfer

76 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

9 Cookies

Indicators

k9j5t5p4.ssl.hwcdn.net Open in urlscan Pro
69.16.175.42 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

22 %
IPv6

9
Domains

9
Subdomains

6
IPs

5
Countries

41 kB
Transfer

76 kB
Size

9
Cookies

10 HTTP transactions
0 data transactions