Submitted URL: http://shopykn.com/login
Effective URL: https://shopykn.com/login
Submission: On April 17 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 18.162.206.28, located in Hong Kong and belongs to AMAZON-02, US. The main domain is shopykn.com.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.
This is the only time shopykn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Target (Retail)

Domain & IP information

Requests  IP Address        Autonomous System (AS)
8         18.162.206.28     16509 (AMAZON-02)
1         2a00:1450:400...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
Total: 11 requests, 3 IPs

Requests  Apex Domain     Subdomains                                      Transfer
8         shopykn.com     shopykn.com                                     1 MB
2         gstatic.com     fonts.gstatic.com                               16 KB
1         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 35)  872 B
Total: 11 requests, 3 domains

Requests  Domain                Requested by
8         shopykn.com           shopykn.com
2         fonts.gstatic.com     fonts.googleapis.com
1         fonts.googleapis.com  shopykn.com
Total: 11 requests, 3 domains

This site contains no links.

Subject                  Issuer      Validity                 Valid
shopjuz.com              R3          2024-04-15 - 2024-07-14  3 months
upload.video.google.com  GTS CA 1C3  2024-03-18 - 2024-06-10  3 months
*.gstatic.com            GTS CA 1C3  2024-03-18 - 2024-06-10  3 months

This page contains 1 frame:

Primary Page: https://shopykn.com/login
Frame ID: CA8E78AC797B193C700F3FAE98321A80
Requests: 11 HTTP requests in this frame

Page Title

Target Best e-commerce website

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 11
HTTPS: 27 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 1399 kB
Size: 2859 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shopykn.com/login HTTP 307
    https://shopykn.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
shopykn.com/
Redirect Chain
  • http://shopykn.com/login
  • https://shopykn.com/login
5 KB
2 KB
Document
General
Full URL
https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da554fb915653db5d9320d545ce9d833114aa092f484e296e13805b0e91b5062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 17 Apr 2024 16:25:20 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

Location
https://shopykn.com/login
Non-Authoritative-Reason
HttpsUpgrades
css
fonts.googleapis.com/
4 KB
872 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Apr 2024 16:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Apr 2024 16:10:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Apr 2024 16:25:20 GMT
vendors.css
shopykn.com/public/assets/css/
437 KB
81 KB
Stylesheet
General
Full URL
https://shopykn.com/public/assets/css/vendors.css
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
80788cb10255b2093da150862c8566b3b29f51f3f7c9fc6e357c8ad71cee3282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 16 Jul 2022 07:14:30 GMT
server
nginx
etag
W/"62d26556-6d5a5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 18 Apr 2024 04:25:20 GMT
aiz-core.css
shopykn.com/public/assets/css/
172 KB
32 KB
Stylesheet
General
Full URL
https://shopykn.com/public/assets/css/aiz-core.css
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d5248ccf7163e268f2124917f9796fe892341d92d226797605a157c2f1274306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 16 Jul 2023 07:17:33 GMT
server
nginx
etag
W/"64b3998d-2af6e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Thu, 18 Apr 2024 04:25:20 GMT
1h8tOkBeuNJGnn8VeLL0wfdh8yJaC4zcfyOvQTyz.png
shopykn.com/public/uploads/all/
3 KB
3 KB
Image
General
Full URL
https://shopykn.com/public/uploads/all/1h8tOkBeuNJGnn8VeLL0wfdh8yJaC4zcfyOvQTyz.png
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b0144877fe4c6593b300dc5b0701296a92e3bb3727eac5b0ed9d892e32d1a29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:20 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 29 Oct 2023 16:25:53 GMT
server
nginx
etag
"653e8791-aa5"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2725
expires
Fri, 17 May 2024 16:25:20 GMT
vendors.js
shopykn.com/public/assets/js/
1 MB
418 KB
Script
General
Full URL
https://shopykn.com/public/assets/js/vendors.js
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c4e35efc01e8a1dfa7e224e52fe8e66f5a10ed955e606542bed8cc48d8829902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 05 Mar 2022 15:47:42 GMT
server
nginx
etag
W/"6223861e-147f5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 18 Apr 2024 04:25:20 GMT
aiz-core.js
shopykn.com/public/assets/js/
83 KB
16 KB
Script
General
Full URL
https://shopykn.com/public/assets/js/aiz-core.js
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4c5d3f6eb60b3e069ed27e48627c2d5f39119128770393e903391087ceae5a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:21 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 03 Apr 2024 11:54:22 GMT
server
nginx
etag
W/"660d436e-14aab"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 18 Apr 2024 04:25:21 GMT
gmabcZarenmyWWamtoj1iwJdENPcAdm3A8Goc0a0.png
shopykn.com/public/uploads/all/
767 KB
768 KB
Image
General
Full URL
https://shopykn.com/public/uploads/all/gmabcZarenmyWWamtoj1iwJdENPcAdm3A8Goc0a0.png
Requested by
Host: shopykn.com
URL: https://shopykn.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f1416dfbc2420899b3b664f422c0b07d9de1310c28eaf08bb67086d07c72c15c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:21 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 13 Jan 2022 11:21:38 GMT
server
nginx
etag
"61e00b42-bfa83"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
785027
expires
Fri, 17 May 2024 16:25:21 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://shopykn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 03:51:39 GMT
x-content-type-options
nosniff
age
390822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 03:51:39 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://shopykn.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 13:26:32 GMT
x-content-type-options
nosniff
age
356329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 13:26:32 GMT
CYFVMHDRJEQfxY2N4yVEoXGcwhC0gHpFDB1Osbg1.jpg
shopykn.com/public/uploads/all/
62 KB
62 KB
Other
General
Full URL
https://shopykn.com/public/uploads/all/CYFVMHDRJEQfxY2N4yVEoXGcwhC0gHpFDB1Osbg1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.162.206.28 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-206-28.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
59049c908d091112afdf15ad7d5b384f06ed2ee51467857a04ddd1a4a28d8e6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://shopykn.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 16:25:22 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 29 Oct 2023 16:55:26 GMT
server
nginx
etag
"653e8e7e-f69c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
63132
expires
Fri, 17 May 2024 16:25:22 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Target (Retail)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object AIZ
  • function _toConsumableArray
  • function _nonIterableSpread
  • function _iterableToArray
  • function _arrayWithoutHoles
  • function ownKeys
  • function _objectSpread
  • function _defineProperty
  • function $
  • function jQuery
  • function Popper
  • object bootstrap
  • function metisMenu
  • function moment
  • object intlTelInputGlobals
  • function intlTelInput
  • object noUiSlider
  • function daterangepicker
  • object Base64
  • object Uppy
  • object FooTable
  • object lazySizes
  • object jsSocials
  • function Color
  • function Chart
  • function autoFill

1 Cookies

Domain/Path Name / Value
shopykn.com/ Name: target_session
Value: CBNj60i35p98oJDrixd4R9iSD8PAYOeSgK4ucSPa

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://shopykn.com/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This section lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000