lumuton.com Open in urlscan Pro
204.44.75.99 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lumuton.com/
Effective URL:
https://lumuton.com/bk/client/index.php
Submission: On June 28 via api (June 28th 2023, 4:33:22 am UTC) from JP — Scanned from JP

Summary HTTP 21 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 21 HTTP transactions. The main IP is 204.44.75.99, located in Los Angeles, United States and belongs to PACIFICRACK, US. The main domain is lumuton.com.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.

This is the only time lumuton.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shinsei Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 18	204.44.75.99 204.44.75.99	64270 (PACIFICRACK) (PACIFICRACK)
2	13.225.165.5 13.225.165.5	16509 (AMAZON-02) (AMAZON-02)
2 2	99.84.133.31 99.84.133.31	16509 (AMAZON-02) (AMAZON-02)
2	143.204.86.31 143.204.86.31	16509 (AMAZON-02) (AMAZON-02)
21	3

18 204.44.75.99 (Los Angeles, United States) 1 redirects

ASN64270 (PACIFICRACK, US)
PTR: 204.44.75.99.static.quadranet.com

lumuton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.165.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-5.nrt12.r.cloudfront.net

bk.web.sbishinseibank.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.133.31 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-31.nrt57.r.cloudfront.net

www.shinseibank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.86.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-31.nrt12.r.cloudfront.net

www.sbishinseibank.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	lumuton.com 1 redirects lumuton.com	237 KB
4	sbishinseibank.co.jp bk.web.sbishinseibank.co.jp www.sbishinseibank.co.jp	81 KB
2	shinseibank.com 2 redirects www.shinseibank.com	542 B
21	3

	Domain	Requested by
18	lumuton.com	1 redirects lumuton.com
2	www.sbishinseibank.co.jp	lumuton.com
2	www.shinseibank.com	2 redirects
2	bk.web.sbishinseibank.co.jp	lumuton.com
21	4

This site contains links to these domains. Also see Links.

Domain
www.shinseibank.com
shinseibank.com
sp.shinseibank.com
faq.shinseibank.com

Subject Issuer	Validity	Valid
lumuton.com R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
bk.web.sbishinseibank.co.jp Entrust Certification Authority - L1M	`2022-09-21` - `2023-09-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://lumuton.com/bk/client/index.php
Frame ID: 75C9870913ED33D07E41692B88D81A21
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン | 新生パワーダイレクト

Page URL History Show full URLs

https://lumuton.com/ HTTP 302
https://lumuton.com/bk/index.php Page URL
https://lumuton.com/bk/client/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

317 kB
Transfer

818 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shinseibank.com/rd/pd/PLG000102_jp.html
Title: こちら

Search URL Search Domain Scan URL

URL: https://shinseibank.com/crm/heroku/healthcheck.html?h=chat-onetime&AppType=07&intcid=pdlogin
Title: カードを紛失、暗証番号を失念してしまった

Search URL Search Domain Scan URL

URL: https://sp.shinseibank.com/rd/spd/MLG000103_jp.html
Title: 店番号・口座番号が分かりません

Search URL Search Domain Scan URL

URL: https://sp.shinseibank.com/rd/spd/MLG000104_jp.html
Title: パワーダイレクトパスワードが分かりません

Search URL Search Domain Scan URL

URL: https://sp.shinseibank.com/rd/spd/MLG000105_jp.html
Title: 「ロックしました」と表示されました

Search URL Search Domain Scan URL

URL: https://faq.shinseibank.com/faq_detail.html?intcid=PD2202&id=111559
Title: スマホ認証サービスを解除したい場合

Search URL Search Domain Scan URL

URL: https://faq.shinseibank.com/faq_detail.html?intcid=PD2202&id=111561
Title: スマホ認証サービス登録中に機種変更した場合

Search URL Search Domain Scan URL

URL: https://sp.shinseibank.com/info/news161228_security.html
Title: インターネットバンキングによる不正送金やATMによる不正出金にご注意ください

Search URL Search Domain Scan URL

URL: https://sp.shinseibank.com/rd/spd/MLG000106_jp.html
Title: 新生パワーダイレクトについて詳しくはこちら

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lumuton.com/ HTTP 302
https://lumuton.com/bk/index.php Page URL
https://lumuton.com/bk/client/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://lumuton.com/ HTTP 302
https://lumuton.com/bk/index.php

Request Chain 12

https://www.shinseibank.com/inc/pd/image/hr_colorbar.png HTTP 301
https://www.sbishinseibank.co.jp/inc/pd/image/hr_colorbar.png

Request Chain 13

https://www.shinseibank.com/inc/pd/image/pd_logo_sp.png HTTP 301
https://www.sbishinseibank.co.jp/inc/pd/image/pd_logo_sp.png

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.php Show response
lumuton.com/bk/
Redirect Chain

https://lumuton.com/
https://lumuton.com/bk/index.php

1009 B
587 B

236ms
235ms

Document
text/html

204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

cfe0dbd5a71d312b2eda46d5719f123e55022a5fe9f5b90511384b44e9e5b7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 28 Jun 2023 04:33:15 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html;charset=utf-8
date: Wed, 28 Jun 2023 04:33:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ./bk/index.php
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 Primary Request index.php Show response
lumuton.com/bk/client/ 16 KB
6 KB 474ms
474ms Document
text/html 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/client/index.php

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

5a84099509055425d11639d3018bf634177fc899e3cf842a0cbefda0645dc2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://lumuton.com/bk/index.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 28 Jun 2023 04:33:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 start.css
lumuton.com/bk/css/ 23 B
225 B 242ms
236ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/start.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

41a0a94ab68af12300638e6f7c87a6ce212662f8f534f9952b308335fe678625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:16:51 GMT
server: nginx
etag: "63511203-17"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 23
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 angular-block-ui.css
lumuton.com/bk/css/ 1 KB
700 B 245ms
237ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/angular-block-ui.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

2348d2781b1b5da65790dbbc8a2a93091b86c3a4f28388eb272e6a9683887bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 09:16:21 GMT
server: nginx
etag: W/"635111e5-4bb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 block.css
lumuton.com/bk/css/ 345 B
548 B 246ms
239ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/block.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

e925f55644a5103e08b6a71c4d9f036d395abccd28f2cc917a6c122b93d3d72a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:16:25 GMT
server: nginx
etag: "635111e9-159"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 345
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 styles_sp.css
lumuton.com/bk/css/ 27 KB
6 KB 247ms
240ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/styles_sp.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

2d9b543170f76721a1e0f9274d6f2f13dcca4610fa4256185140ba845359f027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 22 Oct 2022 07:05:28 GMT
server: nginx
etag: W/"63539638-6bb2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 pages_sp.css
lumuton.com/bk/css/ 49 KB
11 KB 477ms
471ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/pages_sp.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

d72d8e54b7289ed5ba53e496050d7aa5f8b1462523e0839d0a3e65c14cbb16cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 22 Oct 2022 09:18:53 GMT
server: nginx
etag: W/"6353b57d-c4f1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 keyboard_pc.css
lumuton.com/bk/css/ 8 KB
2 KB 478ms
472ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/keyboard_pc.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

3c54aac6bc89a7179d59c39303ac082675ee22358a5a071740cb88424f06c52f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 09:16:40 GMT
server: nginx
etag: W/"635111f8-1fab"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 fileDragDrop_sp.css
lumuton.com/bk/css/ 842 B
1 KB 477ms
472ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/fileDragDrop_sp.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

b2eb4ef4e596b2af8284b0dd26b5a1974f1be4204e74eea0e11086f7767d3b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:16:36 GMT
server: nginx
etag: "635111f4-34a"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 842
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 common.css
lumuton.com/bk/css/ 599 B
802 B 477ms
473ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/common.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

fd1acd9fc9daacb1666544b83ee235d12fc50c966eb3ad3f881e38be1c6bef0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:16:29 GMT
server: nginx
etag: "635111ed-257"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 599
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 new_pages_sp.css
lumuton.com/bk/css/ 16 KB
4 KB 477ms
473ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/new_pages_sp.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

501063bd8742638bc916ec113959fd2ab6c08e773385ef48e6b08db007c2ada2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 20 Oct 2022 09:16:44 GMT
server: nginx
etag: W/"635111fc-3e2a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 end.css
lumuton.com/bk/css/ 24 B
226 B 477ms
473ms Stylesheet
text/css 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/css/end.css

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

aabd9b724d9a61b77159f3f88696b3e7a9d1e248cafe0071ddf820cbe86f46d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:16:32 GMT
server: nginx
etag: "635111f0-18"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 24
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 logo-main.png
bk.web.sbishinseibank.co.jp/SFC/apps/services/www/SFC/desktopbrowser/default/images/ 4 KB
5 KB 27ms
16ms Image
image/png 13.225.165.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bk.web.sbishinseibank.co.jp/SFC/apps/services/www/SFC/desktopbrowser/default/images/logo-main.png

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-5.nrt12.r.cloudfront.net

Software

/ Servlet/4.0

Resource Hash

eab1fbdb32d1d5f256f0f9bbd967938082934ee5773edfba5bf082267003e10f

Security Headers

Name	Value
Content-Security-Policy	self
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Security-Policy	self
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 28 Jun 2023 04:33:16 GMT
content-security-policy: self
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 c0453ef0821edb3a228664426f248130.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
x-powered-by: Servlet/4.0
x-cache: Miss from cloudfront
content-length: 3768
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 07 Jun 2023 05:06:34 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
content-language: en-US
cache-control: no-cache, no-store, must-revalidate
x-webkit-csp: self
x-amz-cf-id: rCP6ePmMwTOHSibD3bTt5Vo5Qf9plluTI0n1qtMtxT5lG77NFfBztg==
x-content-security-policy: self

GET
H2

200

hr_colorbar.png
www.sbishinseibank.co.jp/inc/pd/image/
Redirect Chain

https://www.shinseibank.com/inc/pd/image/hr_colorbar.png
https://www.sbishinseibank.co.jp/inc/pd/image/hr_colorbar.png

68 KB
68 KB

17ms
7ms

Image
image/x-png

143.204.86.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sbishinseibank.co.jp/inc/pd/image/hr_colorbar.png

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Server

143.204.86.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-86-31.nrt12.r.cloudfront.net

Software

Apache /

Resource Hash

ac64357c79207e41391f5c6fa9a5333bb571151b0350b4c661626befaa57a129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:30:26 GMT
via: 1.1 834e9cf6bb1bfd10d465a5562d06d926.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C2
age: 170
x-cache: Hit from cloudfront
content-disposition: filename="hr_colorbar.png"; filename*=UTF-8''"hr_colorbar.png"
content-length: 69178
x-xss-protection: 1; mode=block
last-modified: Sun, 30 Oct 2022 23:10:37 GMT
server: Apache
etag: W/"69178-1667171437232"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,HEAD
content-type: image/x-png
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 0czr1t_Oe2zic-79-nt83wY25IXiPd0_uofrvEDYJKnl5vpQ6nFUww==
expires: Thu, 29 Jun 2023 04:30:26 GMT

Redirect headers

date: Wed, 28 Jun 2023 04:33:16 GMT
via: 1.1 5fd303e4294789c9f7d3efeddb26eaf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT57-C3
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.sbishinseibank.co.jp/inc/pd/image/hr_colorbar.png
content-length: 0
x-amz-cf-id: RfhdwMGNAPmbFq5SAb8WZbfXHPd5ey-5YCprXQ57dm1vzKoyxBUGVg==

GET
H2

200

pd_logo_sp.png
www.sbishinseibank.co.jp/inc/pd/image/
Redirect Chain

https://www.shinseibank.com/inc/pd/image/pd_logo_sp.png
https://www.sbishinseibank.co.jp/inc/pd/image/pd_logo_sp.png

3 KB
3 KB

20ms
11ms

Image
image/x-png

143.204.86.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sbishinseibank.co.jp/inc/pd/image/pd_logo_sp.png

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Server

143.204.86.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-86-31.nrt12.r.cloudfront.net

Software

Apache /

Resource Hash

563f92935d003c9ab38a0cb0753ab9d58028c58a2e2a1df86bf2b3e98176ba63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:30:26 GMT
via: 1.1 834e9cf6bb1bfd10d465a5562d06d926.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: NRT12-C2
age: 170
x-cache: Hit from cloudfront
content-disposition: filename="pd_logo_sp.png"; filename*=UTF-8''"pd_logo_sp.png"
content-length: 2891
x-xss-protection: 1; mode=block
last-modified: Wed, 16 Nov 2022 14:07:21 GMT
server: Apache
etag: W/"2891-1668607641722"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,HEAD
content-type: image/x-png
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: X7ZnwFmUpw7TitDlFmiR9utR27K4adkQ9YN_4kzJgNtjQQ6DTv75hQ==
expires: Thu, 29 Jun 2023 04:30:26 GMT

Redirect headers

date: Wed, 28 Jun 2023 04:33:16 GMT
via: 1.1 5fd303e4294789c9f7d3efeddb26eaf4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: NRT57-C3
x-cache: FunctionGeneratedResponse from cloudfront
location: https://www.sbishinseibank.co.jp/inc/pd/image/pd_logo_sp.png
content-length: 0
x-amz-cf-id: h48WYZv5pcuP8aOUDSrg5dL-rIw3JycfRQmv4c7mseKov9rQzQRBNA==

GET
H2 200 vue.js Show response
lumuton.com/bk/js/ 334 KB
104 KB 668ms
667ms Script
application/javascript 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/js/vue.js

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 12:12:46 GMT
server: nginx
etag: W/"6089513e-53882"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 jquery-3.5.1.js Show response
lumuton.com/bk/js/ 281 KB
97 KB 669ms
668ms Script
application/javascript 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/js/jquery-3.5.1.js

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 07:11:14 GMT
server: nginx
etag: W/"5ef1ab12-4638e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 index.js Show response
lumuton.com/bk/js/ 4 KB
1 KB 669ms
668ms Script
application/javascript 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to

Full URL

https://lumuton.com/bk/js/index.js

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/client/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

ecbfebf6d61b69f6c9d7ff07450ef4a8c043025282b21a370ae552b550a5b57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/client/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 27 Jun 2023 18:00:55 GMT
server: nginx
etag: W/"649b23d7-f8a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 28 Jun 2023 16:33:16 GMT

GET
H2 200 ltBorder_sp.png
lumuton.com/bk/img/ 126 B
331 B 505ms
505ms Image
image/png 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lumuton.com/bk/img/ltBorder_sp.png

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/css/pages_sp.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

b11ec3b46e4cd4bfad56466afd5d4d312d6bd78d3625312b6fae91fabc067bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/css/pages_sp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:23:45 GMT
server: nginx
etag: "635113a1-7e"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 126
expires: Fri, 28 Jul 2023 04:33:17 GMT

GET
H2 200 icn_beginner.png
lumuton.com/bk/img/ 1 KB
2 KB 504ms
504ms Image
image/png 204.44.75.99
PACIFICRACK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lumuton.com/bk/img/icn_beginner.png

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/css/pages_sp.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.44.75.99 Los Angeles, United States, ASN64270 (PACIFICRACK, US),

Reverse DNS

204.44.75.99.static.quadranet.com

Software

nginx /

Resource Hash

10f98af360860db05d10887ba9b644d210d1e952490e41347a2093114d027ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/bk/css/pages_sp.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 04:33:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 09:23:40 GMT
server: nginx
etag: "6351139c-5eb"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1515
expires: Fri, 28 Jul 2023 04:33:17 GMT

GET
H2 200 logo-main.png
bk.web.sbishinseibank.co.jp/SFC/apps/services/www/SFC/desktopbrowser/default/images/ 4 KB
5 KB 15ms
15ms Image
image/png 13.225.165.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bk.web.sbishinseibank.co.jp/SFC/apps/services/www/SFC/desktopbrowser/default/images/logo-main.png

Requested by

Host: lumuton.com
URL: https://lumuton.com/bk/js/vue.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-5.nrt12.r.cloudfront.net

Software

/ Servlet/4.0

Resource Hash

eab1fbdb32d1d5f256f0f9bbd967938082934ee5773edfba5bf082267003e10f

Security Headers

Name	Value
Content-Security-Policy	self
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Security-Policy	self
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://lumuton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Wed, 28 Jun 2023 04:33:17 GMT
content-security-policy: self
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
via: 1.1 c0453ef0821edb3a228664426f248130.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
x-powered-by: Servlet/4.0
x-cache: Miss from cloudfront
content-length: 3768
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 07 Jun 2023 05:06:34 GMT
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
content-language: en-US
cache-control: no-cache, no-store, must-revalidate
x-webkit-csp: self
x-amz-cf-id: fKTPclg5PyS9MxUsFjSZ1rSuCZTrCRUMlyxM1dyf2mcEf8PX-fqftw==
x-content-security-policy: self

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shinsei Bank (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lumuton.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: ckr37enkqtjtqkauetumnitlj5
			bk.web.sbishinseibank.co.jp/	1970-01-20 13:02:11	Name: AWSALBCORS Value: DwEFWDwIqXZWn/Guv4damMbTxqcbn7ru3HYXADoptANrHTj3puJeSqOrqfhsQtPySrY/KByM0M1XROBZbALZ7Fi6xLMt3MXGlqGVTU87XMjSgJ7LYZQMGL+EKrGe

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bk.web.sbishinseibank.co.jp
lumuton.com
www.sbishinseibank.co.jp
www.shinseibank.com
13.225.165.5
143.204.86.31
204.44.75.99
99.84.133.31
10f98af360860db05d10887ba9b644d210d1e952490e41347a2093114d027ea6
2348d2781b1b5da65790dbbc8a2a93091b86c3a4f28388eb272e6a9683887bf7
2d9b543170f76721a1e0f9274d6f2f13dcca4610fa4256185140ba845359f027
352baa818da109925437a8433057ddc6f91ec48efe88bc5741b2f9e34450fdce
3c54aac6bc89a7179d59c39303ac082675ee22358a5a071740cb88424f06c52f
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
41a0a94ab68af12300638e6f7c87a6ce212662f8f534f9952b308335fe678625
501063bd8742638bc916ec113959fd2ab6c08e773385ef48e6b08db007c2ada2
563f92935d003c9ab38a0cb0753ab9d58028c58a2e2a1df86bf2b3e98176ba63
5a84099509055425d11639d3018bf634177fc899e3cf842a0cbefda0645dc2f8
aabd9b724d9a61b77159f3f88696b3e7a9d1e248cafe0071ddf820cbe86f46d9
ac64357c79207e41391f5c6fa9a5333bb571151b0350b4c661626befaa57a129
b11ec3b46e4cd4bfad56466afd5d4d312d6bd78d3625312b6fae91fabc067bd6
b2eb4ef4e596b2af8284b0dd26b5a1974f1be4204e74eea0e11086f7767d3b02
cfe0dbd5a71d312b2eda46d5719f123e55022a5fe9f5b90511384b44e9e5b7d1
d72d8e54b7289ed5ba53e496050d7aa5f8b1462523e0839d0a3e65c14cbb16cc
e925f55644a5103e08b6a71c4d9f036d395abccd28f2cc917a6c122b93d3d72a
eab1fbdb32d1d5f256f0f9bbd967938082934ee5773edfba5bf082267003e10f
ecbfebf6d61b69f6c9d7ff07450ef4a8c043025282b21a370ae552b550a5b57d
fd1acd9fc9daacb1666544b83ee235d12fc50c966eb3ad3f881e38be1c6bef0a

lumuton.com Open in urlscan Pro 204.44.75.99 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

90 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

317 kBTransfer

818 kBSize

2 Cookies

9 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

lumuton.com Open in urlscan Pro
204.44.75.99 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

317 kB
Transfer

818 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!