juka.com.ar Open in urlscan Pro
200.80.42.215 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://juka.com.ar/ICCU/
Submission: On October 21 via automatic, source openphish (October 21st 2023, 3:16:32 pm UTC) — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 200.80.42.215, located in Buenos Aires, Argentina and belongs to IFX18747, US. The main domain is juka.com.ar.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.

This is the only time juka.com.ar was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Idaho Central Credit Union (Government)

Domain & IP information

	IP Address		AS Autonomous System
1 10	200.80.42.215 200.80.42.215		18747 (IFX18747) (IFX18747)
9	1

10 200.80.42.215 (Buenos Aires, Argentina) 1 redirects

ASN18747 (IFX18747, US)
PTR: 215.42.80.200.host.ifxnw.com.ar

juka.com.ar	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	juka.com.ar 1 redirects juka.com.ar	48 KB
9	1

	Domain	Requested by
10	juka.com.ar	1 redirects juka.com.ar
9	1

This site contains no links.

Subject Issuer	Validity	Valid
webmail.juka.com.ar R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://juka.com.ar/ICCU/
Frame ID: D05CA43170DFCF5A54EDAACF3986BF33
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Idaho Central Credit Union

Page URL History Show full URLs

https://juka.com.ar/ICCU HTTP 301
https://juka.com.ar/ICCU/ Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

48 kB
Transfer

46 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://juka.com.ar/ICCU HTTP 301
https://juka.com.ar/ICCU/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response juka.com.ar/ICCU/ Redirect Chain https://juka.com.ar/ICCU https://juka.com.ar/ICCU/	4 KB 4 KB	286ms 285ms	Document text/html	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Full URL https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `a4c4c2bed7e4f0c6a48314576ba833291f488b56b6893f86fb167f3126c62c1e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 4284 Content-Type text/html Date Sat, 21 Oct 2023 15:16:27 GMT Keep-Alive timeout=5, max=99 Last-Modified Wed, 18 Oct 2023 13:21:22 GMT Server Apache Redirect headers Connection Keep-Alive Content-Length 233 Content-Type text/html; charset=iso-8859-1 Date Sat, 21 Oct 2023 15:16:27 GMT Keep-Alive timeout=5, max=100 Location https://juka.com.ar/ICCU/ Server Apache
GET H/1.1	200 OK	style.css juka.com.ar/ICCU/	4 KB 4 KB	288ms 287ms	Stylesheet text/css	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Full URL https://juka.com.ar/ICCU/style.css Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `8a812ea18e2aadb6ab117c882c2a308dbc7caa03933d7ae2525d17a8a26d96c0` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:27 GMT Last-Modified Wed, 18 Oct 2023 07:22:06 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4038
GET H/1.1	200 OK	responsive.css juka.com.ar/ICCU/	3 KB 3 KB	279ms 279ms	Stylesheet text/css	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Full URL https://juka.com.ar/ICCU/responsive.css Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `0def5fb8862f6fe90562892e06e0cda73fc5f7925e91acd8454ae5fac68b3f69` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:27 GMT Last-Modified Tue, 04 Jul 2023 13:05:48 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3329
GET H/1.1	200 OK	Logo.svg juka.com.ar/ICCU/asset/image/	12 KB 13 KB	634ms 352ms	Image image/svg+xml	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Show image Full URL https://juka.com.ar/ICCU/asset/image/Logo.svg Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `c66306654db0ddc5897f5e83a8358c252d642965d51168a04faf1ef7b783cc90` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:28 GMT Last-Modified Wed, 18 Oct 2023 07:27:36 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12698
GET H/1.1	200 OK	fingerprint_white_24dp.svg juka.com.ar/ICCU/asset/image/	2 KB 2 KB	579ms 289ms	Image image/svg+xml	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Show image Full URL https://juka.com.ar/ICCU/asset/image/fingerprint_white_24dp.svg Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `f765a490485533899939e02bcdc5b7c68fa6e1401190bcf234407fd4defbb2c3` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:28 GMT Last-Modified Tue, 04 Jul 2023 13:05:50 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1788
GET H/1.1	200 OK	atm_white_24dp.svg juka.com.ar/ICCU/asset/image/	353 B 599 B	805ms 270ms	Image image/svg+xml	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Show image Full URL https://juka.com.ar/ICCU/asset/image/atm_white_24dp.svg Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `e8d89b78acb56d224e80668866b59a59b7ad1b0f5cead536d2fe2941cac46306` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:28 GMT Last-Modified Tue, 04 Jul 2023 13:05:50 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 353
GET H/1.1	200 OK	phone_iphone_white_24dp.svg juka.com.ar/ICCU/asset/image/	362 B 608 B	834ms 278ms	Image image/svg+xml	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Show image Full URL https://juka.com.ar/ICCU/asset/image/phone_iphone_white_24dp.svg Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `fb10c4e04f5ebef8d51bd2d78f3ad7e69fd8111a1c3f7d8503632c14bb301e42` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:28 GMT Last-Modified Tue, 04 Jul 2023 13:05:48 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 362
GET H/1.1	200 OK	app-store-badge.svg juka.com.ar/ICCU/asset/image/	11 KB 11 KB	593ms 300ms	Image image/svg+xml	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Show image Full URL https://juka.com.ar/ICCU/asset/image/app-store-badge.svg Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:28 GMT Last-Modified Tue, 04 Jul 2023 13:05:50 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 10850
GET H/1.1	200 OK	google-play-badge.svg juka.com.ar/ICCU/asset/image/	9 KB 9 KB	587ms 301ms	Image image/svg+xml	200.80.42.215 IFX18747
General Check archive.org Show headers Download Go to Show image Full URL https://juka.com.ar/ICCU/asset/image/google-play-badge.svg Requested by Host: juka.com.ar URL: https://juka.com.ar/ICCU/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 200.80.42.215 Buenos Aires, Argentina, ASN18747 (IFX18747, US), Reverse DNS 215.42.80.200.host.ifxnw.com.ar Software Apache / Resource Hash `2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f` Request headers accept-language de-DE,de;q=0.9 Referer https://juka.com.ar/ICCU/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36 Response headers Date Sat, 21 Oct 2023 15:16:28 GMT Last-Modified Tue, 04 Jul 2023 13:05:50 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9332

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Idaho Central Credit Union (Government)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

juka.com.ar
200.80.42.215
0def5fb8862f6fe90562892e06e0cda73fc5f7925e91acd8454ae5fac68b3f69
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
8a812ea18e2aadb6ab117c882c2a308dbc7caa03933d7ae2525d17a8a26d96c0
a4c4c2bed7e4f0c6a48314576ba833291f488b56b6893f86fb167f3126c62c1e
c66306654db0ddc5897f5e83a8358c252d642965d51168a04faf1ef7b783cc90
e8d89b78acb56d224e80668866b59a59b7ad1b0f5cead536d2fe2941cac46306
f765a490485533899939e02bcdc5b7c68fa6e1401190bcf234407fd4defbb2c3
fb10c4e04f5ebef8d51bd2d78f3ad7e69fd8111a1c3f7d8503632c14bb301e42

juka.com.ar Open in urlscan Pro 200.80.42.215 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

48 kBTransfer

46 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

juka.com.ar Open in urlscan Pro
200.80.42.215 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

48 kB
Transfer

46 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!