vpnlands.com
Open in
urlscan Pro
188.114.97.3
Public Scan
Effective URL: https://vpnlands.com/general/pl/new/lp4_tr_xxwkng/?clickid=owu5bt&trackingid=ci3lbpamidmc73ed8j80&affclickid=5z83bmsb...
Submission: On June 12 via api from JP — Scanned from PL
Summary
TLS certificate: Issued by E1 on May 4th 2023. Valid for: 3 months.
This is the only time vpnlands.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 5.187.52.246 5.187.52.246 | 197155 (ARTNET) (ARTNET) | |
1 | 155.94.219.251 155.94.219.251 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
1 4 | 104.21.28.174 104.21.28.174 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.67.158.251 172.67.158.251 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 94.237.103.119 94.237.103.119 | 202053 (UPCLOUD) (UPCLOUD) | |
1 9 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 172.67.202.87 172.67.202.87 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 69.16.175.42 69.16.175.42 | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 | 157.240.0.6 157.240.0.6 | 32934 (FACEBOOK) (FACEBOOK) | |
16 | 7 |
ASN197155 (ARTNET, PL)
PTR: d52246.artnet.gda.pl
thzss.mail.riaueventorganizer.com |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: ns1.miami-servers.com
theshiningtree.com |
ASN202053 (UPCLOUD, FI)
PTR: 94-237-103-119.de-fra1.upcloud.host
1d706b4e081.megatrffc.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
vpnlands.com
vpnlands.com |
24 KB |
4 |
jukminung.com
1 redirects
lynku.jukminung.com |
6 KB |
1 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170 |
28 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 768 |
30 KB |
1 |
trankingo.com
1 redirects
trankingo.com |
555 B |
1 |
bohaweras.com
1 redirects
bohaweras.com |
729 B |
1 |
megatrffc.com
1d706b4e081.megatrffc.com |
1 KB |
1 |
addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 446257 |
1015 B |
1 |
theshiningtree.com
theshiningtree.com |
450 B |
1 |
riaueventorganizer.com
1 redirects
thzss.mail.riaueventorganizer.com |
320 B |
16 | 10 |
Domain | Requested by | |
---|---|---|
8 | vpnlands.com |
vpnlands.com
|
4 | lynku.jukminung.com |
1 redirects
theshiningtree.com
lynku.jukminung.com |
1 | connect.facebook.net |
vpnlands.com
|
1 | code.jquery.com |
vpnlands.com
|
1 | trankingo.com | 1 redirects |
1 | bohaweras.com | 1 redirects |
1 | 1d706b4e081.megatrffc.com |
lynku.jukminung.com
|
1 | cdn.addlnk.com |
lynku.jukminung.com
|
1 | theshiningtree.com | |
1 | thzss.mail.riaueventorganizer.com | 1 redirects |
16 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
theshiningtree.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-16 - 2023-12-16 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-03-20 - 2024-03-18 |
a year | crt.sh |
addlnk.com GTS CA 1P5 |
2023-04-15 - 2023-07-14 |
3 months | crt.sh |
*.megatrffc.com R3 |
2023-05-12 - 2023-08-10 |
3 months | crt.sh |
vpnlands.com E1 |
2023-05-04 - 2023-08-02 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-03 - 2023-07-14 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-03-22 - 2023-06-20 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://vpnlands.com/general/pl/new/lp4_tr_xxwkng/?clickid=owu5bt&trackingid=ci3lbpamidmc73ed8j80&affclickid=5z83bmsbp31nullxjrawwkk44,17085029,5,4379&sub1=4379&sub4=unknown&sub5=unknown&ssid=unknown
Frame ID: CCB5077B701F8612059953BF42EA09B0
Requests: 14 HTTP requests in this frame
Frame:
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 4AFCFFE3D812198DC20E399ABC0AA4A6
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
VPN PlanetPage URL History Show full URLs
-
http://thzss.mail.riaueventorganizer.com//t/mnk75x0ye/r7067471051x478x84579x25910703x2955555x7082228119x4511019
HTTP 302
https://theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/53012952 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1350885633&pubid=690416 Page URL
- https://1d706b4e081.megatrffc.com/?p=4379&media_type=mainstream&sub_id=pubdc4efa8afd2a4e91a730e2dc1bf75a52&pub... Page URL
-
https://bohaweras.com/click?key=9fb51a5d7b71f5b5bd8e&partnerid=25&clickid=5z83bmsbp31nullxjrawwkk4...
HTTP 307
https://trankingo.com/?utm_campaign=205&bclickid=ci3lbpamidmc73ed8j80&pclickid=5z83bmsbp31nullxjra... HTTP 302
https://vpnlands.com/general/pl/new/lp4_tr_xxwkng/?clickid=owu5bt&trackingid=ci3lbpamidmc73ed8j80... Page URL
Detected technologies
Facebook (Widgets) ExpandDetected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://thzss.mail.riaueventorganizer.com//t/mnk75x0ye/r7067471051x478x84579x25910703x2955555x7082228119x4511019
HTTP 302
https://theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/53012952 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1350885633&pubid=690416 Page URL
- https://1d706b4e081.megatrffc.com/?p=4379&media_type=mainstream&sub_id=pubdc4efa8afd2a4e91a730e2dc1bf75a52&pubid=690416&pi=690416 Page URL
-
https://bohaweras.com/click?key=9fb51a5d7b71f5b5bd8e&partnerid=25&clickid=5z83bmsbp31nullxjrawwkk44,17085029,5,4379&pubid=4379
HTTP 307
https://trankingo.com/?utm_campaign=205&bclickid=ci3lbpamidmc73ed8j80&pclickid=5z83bmsbp31nullxjrawwkk44,17085029,5,4379&partnerid=25&pubid=4379&sourceid=&sub1=&sub2=&sub3=&sub4=&sub5=&sub6= HTTP 302
https://vpnlands.com/general/pl/new/lp4_tr_xxwkng/?clickid=owu5bt&trackingid=ci3lbpamidmc73ed8j80&affclickid=5z83bmsbp31nullxjrawwkk44,17085029,5,4379&sub1=4379&sub4=unknown&sub5=unknown&ssid=unknown Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://thzss.mail.riaueventorganizer.com//t/mnk75x0ye/r7067471051x478x84579x25910703x2955555x7082228119x4511019 HTTP 302
- https://theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/53012952
- https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
53012952
theshiningtree.com/176468384e715116f32/947_150174_97548_874/9101154_5555592/ Redirect Chain
|
137 B 450 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9e8aef8068
lynku.jukminung.com/rc/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.css
cdn.addlnk.com/ |
1 KB 1015 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame 4AFC Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7d63d2db8f81ffbc
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 4AFC |
0 568 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
1d706b4e081.megatrffc.com/ |
966 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
vpnlands.com/general/pl/new/lp4_tr_xxwkng/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
vpnlands.com/general/pl/new/lp4_tr_xxwkng/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getUrlParams.js
vpnlands.com/general/pl/new/lp4_tr_xxwkng/js/ |
920 B 693 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
mobile.png
vpnlands.com/general/pl/new/lp4_tr_xxwkng/img/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
vpnlands.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ajax.min.js
vpnlands.com/general/pl/new/lp4_tr_xxwkng/js/ |
1 KB 959 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nbb.min.js
vpnlands.com/general/scripts/ |
696 B 853 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
108 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg_blue.png
vpnlands.com/general/pl/new/lp4_tr_xxwkng/img/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| getAllUrlParams string| sub5 function| fbq function| _fbq function| $ function| jQuery function| newLand8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
theshiningtree.com/ | Name: uid15295 Value: 1350885633-20230612133046-80d84a77d8dcfb4279ed48830cf573d2- |
|
lynku.jukminung.com/ | Name: AWSALB Value: ebLjVmbmG/PemqsutcbLMkxIlhpLrYCONmI7I1hyqEBwrEFAyjJDpxWV/oNyjIo2agy4snM1NQ89qRLZjGoy1Z/R839bfwX0Kj1HIS8lQqD7TO4AC0PMEKScrq+q |
|
.jukminung.com/ | Name: __cf_bm Value: uZHg97HALBCuZb39PUjZACgmjyibke4I_Si5CADi0nk-1686591047-0-AS27QcerbUXBuPfXs/szGY4BJ0KKY7JIfvB1Zym8SOO9caUN11W9iUi0II8KXWQ8yA== |
|
.1d706b4e081.megatrffc.com/ | Name: rts-trck Value: 1 |
|
.megatrffc.com/ | Name: t-uuid Value: 5z83bmsbs9wk80i0tvhsskk80 |
|
.megatrffc.com/ | Name: traffic-back Value: ok |
|
bohaweras.com/ | Name: uclick Value: mO+NwVYOOY4137bxP2CYsf9WsqR0Osxgvez+84nzdnCKG7r8/4CTMCNFBx9RGVUplfnbXII= |
|
bohaweras.com/ | Name: clickinfo Value: ci3lbpamidmc73ed8j80 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1d706b4e081.megatrffc.com
bohaweras.com
cdn.addlnk.com
code.jquery.com
connect.facebook.net
lynku.jukminung.com
theshiningtree.com
thzss.mail.riaueventorganizer.com
trankingo.com
vpnlands.com
104.21.28.174
155.94.219.251
157.240.0.6
172.67.158.251
172.67.202.87
188.114.97.3
5.187.52.246
69.16.175.42
94.237.103.119
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2abe29f6cd412e607acb020ef631f1e0b589c7375126001cf31241c5d1b3fc0e
2b70af8f9425d6795e8ed9badbbe8e702e2d1a653e53dd0d62a24ee6b6d65ad3
34fcca039a9e230726318fc2dd0206acd919ba891404808d1989f90e6bd9283d
3c546c7448c99f07dd1f124a03cfbd76d251357810406a132854962f4935d9b6
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
b67523f069c217d0f386a4c33c8fc9f99dfb82b6aee634f27a4d6c4fd4a3141a
b683dbc4c6c16119b8bc0fb46c65ae500aaca228785c7e53db9fa98359f138dd
d8645d704c933bcab37eecdc9a4efb73482a1e27e4adca4e1fc492fd1931387b
e3a815697af3e530b661d0e4b4de7f986774bae41295ec78c06dc31af2b69328
f9391cdc2db87c9dd1cdf101d0e3bb6287fad50d73aeb04451ca9e1dc992e270
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e