![](/screenshots/8fab5fb2-0ea7-4245-bdec-6c349d8d0319.png)
keungz.store
Open in
urlscan Pro
45.142.212.234
Malicious Activity!
Public Scan
Effective URL: https://keungz.store/
Submission Tags: @ecarlesi threat phishing nhs Search All
Submission: On December 17 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on December 17th 2023. Valid for: 3 months.
This is the only time keungz.store was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NHS UK (Healthcare)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 45.142.212.234 45.142.212.234 | 44477 (STARK-IND...) (STARK-INDUSTRIES) | |
3 | 23.197.138.50 23.197.138.50 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
10 | 3 |
ASN44477 (STARK-INDUSTRIES, GB)
PTR: vm1919143.stark-industries.solutions
keungz.store |
ASN16625 (AKAMAI-AS, US)
PTR: a23-197-138-50.deploy.static.akamaitechnologies.com
assets.nhs.uk | |
www.nhs.uk |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
keungz.store
1 redirects
keungz.store |
103 KB |
2 |
assets.nhs.uk
assets.nhs.uk — Cisco Umbrella Rank: 51416 |
35 KB |
1 |
www.nhs.uk
www.nhs.uk — Cisco Umbrella Rank: 53472 |
|
10 | 3 |
Domain | Requested by | |
---|---|---|
6 | keungz.store |
1 redirects
keungz.store
|
2 | assets.nhs.uk |
keungz.store
|
1 | www.nhs.uk |
keungz.store
|
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.nhs.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
keungz.store R3 |
2023-12-17 - 2024-03-16 |
3 months | crt.sh |
www.nhs.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-28 - 2024-07-19 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://keungz.store/
Frame ID: BE3DA12C139EA054E168282AAA030B50
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/8fab5fb2-0ea7-4245-bdec-6c349d8d0319.png)
Page Title
8 tips for healthy eating - NHSPage URL History Show full URLs
-
http://keungz.store/
HTTP 301
https://keungz.store/ Page URL
Page Statistics
46 Outgoing links
These are links going to different origins than the main page.
Title: read more about our cookies
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: My account
Search URL Search Domain Scan URL
Title: Health A-Z
Search URL Search Domain Scan URL
Title: NHS services
Search URL Search Domain Scan URL
Title: Live Well
Search URL Search Domain Scan URL
Title: Mental health
Search URL Search Domain Scan URL
Title: Care and support
Search URL Search Domain Scan URL
Title: Pregnancy
Search URL Search Domain Scan URL
Title: Eat well
Search URL Search Domain Scan URL
Title: How to eat a balanced diet
Search URL Search Domain Scan URL
Title: Starchy carbohydrates
Search URL Search Domain Scan URL
Title: 5 A Day
Search URL Search Domain Scan URL
Title: vitamins and minerals
Search URL Search Domain Scan URL
Title: Find out more about fish and shellfish
Search URL Search Domain Scan URL
Title: eat less saturated fat
Search URL Search Domain Scan URL
Title: sugar
Search URL Search Domain Scan URL
Title: obesity
Search URL Search Domain Scan URL
Title: tooth decay
Search URL Search Domain Scan URL
Title: Food labels
Search URL Search Domain Scan URL
Title: Find out how to cut down on sugar in your diet
Search URL Search Domain Scan URL
Title: high blood pressure
Search URL Search Domain Scan URL
Title: Get tips for a lower salt diet
Search URL Search Domain Scan URL
Title: benefits of exercise
Search URL Search Domain Scan URL
Title: physical activity guidelines for adults
Search URL Search Domain Scan URL
Title: BMI healthy weight calculator
Search URL Search Domain Scan URL
Title: Lose weight with the NHS weight loss plan
Search URL Search Domain Scan URL
Title: underweight adults
Search URL Search Domain Scan URL
Title: Eatwell Guide
Search URL Search Domain Scan URL
Title: eating a balanced diet
Search URL Search Domain Scan URL
Title: understanding calories
Search URL Search Domain Scan URL
Title: The vegan diet
Search URL Search Domain Scan URL
Title: The vegetarian diet
Search URL Search Domain Scan URL
Title: Eating processed foods
Search URL Search Domain Scan URL
Title: Coronavirus (COVID-19)
Search URL Search Domain Scan URL
Title: NHS App
Search URL Search Domain Scan URL
Title: Find my NHS number
Search URL Search Domain Scan URL
Title: View your GP health record
Search URL Search Domain Scan URL
Title: About the NHS
Search URL Search Domain Scan URL
Title: Healthcare abroad
Search URL Search Domain Scan URL
Title: Contact us
Search URL Search Domain Scan URL
Title: Other NHS websites
Search URL Search Domain Scan URL
Title: Profile editor login
Search URL Search Domain Scan URL
Title: About us
Search URL Search Domain Scan URL
Title: Accessibility statement
Search URL Search Domain Scan URL
Title: Our policies
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://keungz.store/
HTTP 301
https://keungz.store/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
keungz.store/ Redirect Chain
|
53 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FrutigerLTW01-55Roman.woff2
assets.nhs.uk/fonts/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FrutigerLTW01-65Bold.woff2
assets.nhs.uk/fonts/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.483ebeb3425e.css
keungz.store/8%20tips%20for%20healthy%20eating%20-%20NHS_files/ |
226 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.5d922234f8af.js
keungz.store/8%20tips%20for%20healthy%20eating%20-%20NHS_files/ |
75 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookie-consent.js
keungz.store/8%20tips%20for%20healthy%20eating%20-%20NHS_files/ |
105 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
keungz.store/8%20tips%20for%20healthy%20eating%20-%20NHS_files/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
296 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
bannerfeed
www.nhs.uk/externalservices/surveyfeedapi/api/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bannerfeed
www.nhs.uk/externalservices/surveyfeedapi/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
www.nhs.uk/our-policies/cookies-policy/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.nhs.uk
- URL
- https://www.nhs.uk/externalservices/surveyfeedapi/api/bannerfeed
- Domain
- www.nhs.uk
- URL
- https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NHS UK (Healthcare)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| digitalData object| NHSUK_SETTINGS object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| NHSCookieConsent1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
keungz.store/ | Name: nhsuk-cookie-consent Value: %7B%22necessary%22%3Atrue%2C%22preferences%22%3Afalse%2C%22statistics%22%3Afalse%2C%22marketing%22%3Afalse%2C%22consented%22%3Afalse%2C%22version%22%3A4%7D |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nhs.uk
keungz.store
www.nhs.uk
www.nhs.uk
23.197.138.50
45.142.212.234
05ce4d18c096e5f89940ada97c05fcee34c1887cc023271e8e18628eac797d92
2282f90780c5ff5b796c1a88d3f550483b2f0780fe3e5d671f9019cae70fd7c3
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c
64e70bc34a11a62fb7fddd40dad684178474c4888bee50ed042305c6d9c04f0b
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
89f98a39be95eb365f7dfa02ea591cfa4bb679b87931969a815e1a54e65c45e7
8a69b0bb521ca0d8791c4c67530cb1b4d216e931eb2e31de9918e03720f2e180
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842