www.lokumdukkani.com
78.40.230.207
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On May 03 via api from GB
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 16th 2019. Valid for: a year.
This is the only time www.lokumdukkani.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
29 | 78.40.230.207 | 43391 (NETDIREKT-AS) |
29 | 1 |

 | Apex Domain Subdomains | Transfer |
---|---|---|
29 | lokumdukkani.com www.lokumdukkani.com | 593 KB |
29 | 1 |

 | Domain | Requested by |
---|---|---|
29 | www.lokumdukkani.com | www.lokumdukkani.com |
29 | 1 |

This site contains no links.

Subject Issuer | Validity | Valid | |
---|---|---|---|
www.lokumdukkani.com Sectigo RSA Domain Validation Secure Server CA | 2019-08-16 - 2020-08-15 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/i1.html?US=_85982f347be7df2b50bc66cb276edca3=United+States
Frame ID: 141264D308FD41EACB452505F8FDA443
Requests: 29 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | i1.html (Primary Request) | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 31 KB | 8 KB | Document | text/html |
GET | H2 | i1.css | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 40 KB | 8 KB | Stylesheet | text/css |
GET | H2 | i3.js | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 31 KB | 7 KB | Script | application/javascript |
GET | H2 | i4.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H2 | i2.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 2 KB | 904 B | Image | image/svg+xml |
GET | H2 | i5.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 299 B | 380 B | Image | image/png |
GET | H2 | i3.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 2 KB | 907 B | Image | image/svg+xml |
GET | H2 | i3.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 15 KB | 14 KB | Image | image/png |
GET | H2 | 1.jpg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 56 KB | 56 KB | Image | image/jpeg |
GET | H2 | i5.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 556 B | 446 B | Image | image/svg+xml |
GET | H2 | i6.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 552 B | 447 B | Image | image/svg+xml |
GET | H2 | i12.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | i11.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 2 KB | 1 KB | Image | image/png |
GET | H2 | i10.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | i7.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 810 B | 883 B | Image | image/png |
GET | H2 | i8.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 1 KB | 1 KB | Image | image/png |
GET | H2 | i2.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | i4.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 15 KB | 14 KB | Image | image/png |
GET | H2 | i6.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 279 B | 351 B | Image | image/png |
GET | H2 | i2.js | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 86 KB | 35 KB | Script | application/javascript |
GET | H2 | i1.js | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 81 KB | 23 KB | Script | application/javascript |
GET | H2 | i8.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 516 B | 432 B | Image | image/svg+xml |
GET | H2 | homepage-marquee-dot-inactive.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 64 KB | 64 KB | Image | text/html |
GET | H2 | homepage-image-sprite.png | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 0 | 54 B | Image | text/html |
GET | H2 | jslog | www.lokumdukkani.com/as/common/ | 968 KB | 115 KB | XHR | text/html |
GET | H2 | i7.svg | www.lokumdukkani.com/admin/language/en-gb/extension/extension/wells/ | 667 B | 495 B | Image | image/svg+xml |
POST | H2 | ls_pagespeed_beacon | www.lokumdukkani.com/ | 0 | 60 B | XHR | text/plain |
GET | H2 | s.gif | www.lokumdukkani.com/assets/images/global/ | 970 KB | 115 KB | XHR | text/html |
GET | H2 | s.gif | www.lokumdukkani.com/assets/images/global/ | 970 KB | 115 KB | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)
148 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.lokumdukkani.com/ | | Name: currency Value: TRY |
.www.lokumdukkani.com/ | | Name: language Value: tr-tr |
www.lokumdukkani.com/ | | Name: OCSESSID Value: 4155a8ca7d721a3086bcfbbbfa |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.