URL: http://116.212.66.214/gmx/
Submission: On October 27 via automatic, source openphish

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 116.212.66.214, located in Cronulla, Australia and belongs to INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU. The main domain is 116.212.66.214.
This is the only time 116.212.66.214 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GMX (Online)

Domain & IP information

Requests  IP Address       AS     Autonomous System
6         116.212.66.214   17889  (INTRACEPT...)
8         23.210.249.45    16625  (AKAMAI-AS)
1         195.20.250.111   8560   (ONEANDONE...)
1         82.165.229.54    8560   (ONEANDONE...)
1         195.20.250.183   8560   (ONEANDONE...)
Total: 17 requests, 5 IPs

Requests  Domain            Requested by
5         img.ui-portal.de  js.ui-portal.de, 116.212.66.214
3         js.ui-portal.de   116.212.66.214
1         t.uimserv.net     116.212.66.214
1         wa.ui-portal.de   116.212.66.214
1         uim.tifbs.net     116.212.66.214
Total: 17 requests, 5 domains

Subject           Issuer                Validity                 Valid
img.ui-portal.de  GeoTrust RSA CA 2018  2020-09-05 - 2021-10-05  a year
*.tifbs.net       GeoTrust RSA CA 2018  2019-11-26 - 2021-11-25  2 years

This page contains 1 frames:

Primary Page: http://116.212.66.214/gmx/
Frame ID: F0A2C8BF35DA9656AA7E1EBE5DAEFF56
Requests: 17 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 17
HTTPS: 53 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 187 kB
Size: 510 kB
Cookies: 0

17 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
116.212.66.214/gmx/
9 KB
4 KB
Document
General
Full URL
http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
116.212.66.214 Cronulla, Australia, ASN17889 (INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU),
Reverse DNS
116-212-66-214.i3.net.au
Software
Apache/2.2.22 (Debian) /
Resource Hash
658e4babe74d0405ded18905cc8b873c0de94b03393707631001d7d5db4b3a2f

Request headers

Host
116.212.66.214
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 27 Oct 2020 13:41:03 GMT
Server
Apache/2.2.22 (Debian)
Last-Modified
Wed, 21 Oct 2020 10:51:15 GMT
ETag
"a01ad-23cd-5b22c206a2ad5"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3320
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
base.css
js.ui-portal.de/ci/gmx/global/20180208/
145 KB
22 KB
Stylesheet
General
Full URL
https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c84d35ec71a99f16ce60bfa2977e5ce025e31143fad8736bca43ceb651cffc5

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 13:02:05 GMT
server
Apache
etag
"24431-58c4dc4c84590"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=1434
accept-ranges
bytes
x-robots-tag
noindex
content-length
22591
x-akamai-path-stats
[1:4109:4294964187]
adaptive.css
js.ui-portal.de/ci/gmx/global/20180208/
45 KB
8 KB
Stylesheet
General
Full URL
https://js.ui-portal.de/ci/gmx/global/20180208/adaptive.css
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
634e8eccad8d3201faf04e702d575aa23057f5f6ce499f25b1dca77f336ae1ef

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 13:25:12 GMT
server
Apache
etag
"b450-58c4e177895a3"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=1725
accept-ranges
bytes
x-robots-tag
noindex
content-length
7865
x-akamai-path-stats
[1:4763:4294966533]
base-adaptive.js
js.ui-portal.de/ci/gmx/global/20180208/
203 KB
63 KB
Script
General
Full URL
https://js.ui-portal.de/ci/gmx/global/20180208/base-adaptive.js
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
987951c68e0c376b1b3751afb182729c272b2f77b8beb8be436cd0b4d61c82d9

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
content-encoding
gzip
last-modified
Fri, 07 Sep 2018 14:12:36 GMT
server
Apache
etag
"32b00-57548997b03f3"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=714
accept-ranges
bytes
x-robots-tag
noindex
content-length
64113
x-akamai-path-stats
[1:1788:4294966508]
internet_made_in_germany.png
116.212.66.214/gmx/a/
4 KB
4 KB
Image
General
Full URL
http://116.212.66.214/gmx/a/internet_made_in_germany.png
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
116.212.66.214 Cronulla, Australia, ASN17889 (INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU),
Reverse DNS
116-212-66-214.i3.net.au
Software
Apache/2.2.22 (Debian) /
Resource Hash
f47999ceb30f952debf5e9aa5f6a86f881da6cb7c4fafca57fce00d18c1f511d

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 13:41:04 GMT
Last-Modified
Wed, 21 Oct 2020 10:51:40 GMT
Server
Apache/2.2.22 (Debian)
ETag
"a01b1-ed4-5b22c21e67a35"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3796
EmiG.png
116.212.66.214/gmx/a/
4 KB
5 KB
Image
General
Full URL
http://116.212.66.214/gmx/a/EmiG.png
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
116.212.66.214 Cronulla, Australia, ASN17889 (INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU),
Reverse DNS
116-212-66-214.i3.net.au
Software
Apache/2.2.22 (Debian) /
Resource Hash
c7cf6e45fc63c15df0adc9ac96cd0d503a3ac6d1ce9d89192855e3b623dec2ba

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 13:41:04 GMT
Last-Modified
Wed, 21 Oct 2020 10:51:43 GMT
Server
Apache/2.2.22 (Debian)
ETag
"a01b2-1110-5b22c2214ecd5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4368
cloud_made_in_germany.png
116.212.66.214/gmx/a/
3 KB
4 KB
Image
General
Full URL
http://116.212.66.214/gmx/a/cloud_made_in_germany.png
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
116.212.66.214 Cronulla, Australia, ASN17889 (INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU),
Reverse DNS
116-212-66-214.i3.net.au
Software
Apache/2.2.22 (Debian) /
Resource Hash
e6782181125e9be5ed53e2d937890999a1d39c50d34127af5bb1b7adf30fa313

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 13:41:04 GMT
Last-Modified
Wed, 21 Oct 2020 10:51:50 GMT
Server
Apache/2.2.22 (Debian)
ETag
"a01b4-d1a-5b22c227be435"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3354
unicef.png
116.212.66.214/gmx/a/
5 KB
5 KB
Image
General
Full URL
http://116.212.66.214/gmx/a/unicef.png
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
116.212.66.214 Cronulla, Australia, ASN17889 (INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU),
Reverse DNS
116-212-66-214.i3.net.au
Software
Apache/2.2.22 (Debian) /
Resource Hash
5db6c1e738317112c38990d5f2586dc1c547bc140798e65b898457bbb6422904

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 13:41:04 GMT
Last-Modified
Wed, 21 Oct 2020 10:51:31 GMT
Server
Apache/2.2.22 (Debian)
ETag
"a01b0-14cf-5b22c21610df5"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5327
de-mail.png
116.212.66.214/gmx/a/
4 KB
4 KB
Image
General
Full URL
http://116.212.66.214/gmx/a/de-mail.png
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
116.212.66.214 Cronulla, Australia, ASN17889 (INTRACEPTIVES-AU-AS-AP Intraceptives Pty Ltd, AU),
Reverse DNS
116-212-66-214.i3.net.au
Software
Apache/2.2.22 (Debian) /
Resource Hash
f6d18f1a0126027cf6dbcde0b163fc06d8eeeff86569fb1e08a29037acfb0576

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 13:41:04 GMT
Last-Modified
Wed, 21 Oct 2020 10:51:46 GMT
Server
Apache/2.2.22 (Debian)
ETag
"a01b3-e56-5b22c22469b95"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3670
1346.js
uim.tifbs.net/js/
31 KB
10 KB
Script
General
Full URL
https://uim.tifbs.net/js/1346.js
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.20.250.111 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
uim-bs.tifbs.net
Software
Apache /
Resource Hash
04582818bc3da38bd59573f71f3c9d1dfed34cecddebdbe8be701886c56bf012

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 27 Oct 2020 13:52:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Oct 2020 14:10:06 GMT
Server
Apache
ETag
"7bb7-5b243055bab80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
close
Accept-Ranges
bytes
Content-Length
10412
logoCI2018_de.png
img.ui-portal.de/ci/gmx/global/
3 KB
3 KB
Image
General
Full URL
https://img.ui-portal.de/ci/gmx/global/logoCI2018_de.png
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0b546c8297848467d2a26d1f48a00fa3691f2b65edebc4e220b312718e07b46f

Request headers

Referer
https://js.ui-portal.de/ci/gmx/global/20180208/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
last-modified
Sun, 21 Jan 2018 14:09:40 GMT
server
Apache
etag
"c7d-56349dd51c0bf"
content-type
image/png
status
200
cache-control
public, max-age=401
accept-ranges
bytes
x-robots-tag
noindex
content-length
3197
x-akamai-path-stats
[1:3463:4294964833]
header_home_icon_24_hellgrau.svg
img.ui-portal.de/ci/gmx/global/nav/
1018 B
808 B
Image
General
Full URL
https://img.ui-portal.de/ci/gmx/global/nav/header_home_icon_24_hellgrau.svg
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19ff286b0fc42c787e805701d2a39a3be91361e9b53e804ba458724464d35652

Request headers

Referer
https://js.ui-portal.de/ci/gmx/global/20180208/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2018 13:42:00 GMT
server
Apache
status
200
etag
"3fa-563ae0f94d224"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1657
accept-ranges
bytes
x-robots-tag
noindex
content-length
582
x-akamai-path-stats
[1:2013:4294966283]
breadcrumb.gif
img.ui-portal.de/ci/gmx/global/icon/
49 B
409 B
Image
General
Full URL
https://img.ui-portal.de/ci/gmx/global/icon/breadcrumb.gif
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1b9fec2191fc270b09bd76974d73e73ed5a2ad12717e0dc9c7099f8089c4c431

Request headers

Referer
https://js.ui-portal.de/ci/gmx/global/20180208/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-im-lunatoken
ui-https-166990
last-modified
Fri, 15 Nov 2013 10:25:39 GMT
server
Apache
etag
"31-4eb349ea0aec0"
x-im2g-akamai-auth-data
salt=4403660608638223199 parse=1 adapted=1
x-im-original-width
6
status
200
x-im2g-akamai-auth-sign
x0iX2gtfiODUtX3sLifeRYo4CxXr1qdUxFIwE+7KlZg=
cache-control
public, max-age=1320
x-im-original-size
49
x-im-encoding-quality
100
content-type
image/gif
content-length
49
date
Tue, 27 Oct 2020 13:52:07 GMT
x-akamai-path-stats
[1:4341:4294963955]
l-hero_desktop_1000x496.jpg
img.ui-portal.de/cms/gmx/produkte/grusskarten/
27 KB
28 KB
Image
General
Full URL
https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_desktop_1000x496.jpg
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd77bf22bb45184e0bc86eac9100d0e1dbaa8cf7c4e0c4fa94819408249bf80a

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
last-modified
Thu, 18 Dec 2014 08:32:04 GMT
server
Apache
etag
"6d58-50a796d434900"
content-type
image/jpeg
status
200
cache-control
public, max-age=1779
accept-ranges
bytes
x-robots-tag
noindex
content-length
27992
x-akamai-path-stats
[1:3081:4294965215]
RobotoCondensed-Regular-webfont.woff
img.ui-portal.de/ci/gmx/global/fonts/roboto/
25 KB
25 KB
Font
General
Full URL
https://img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.45 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6

Request headers

Origin
http://116.212.66.214
Referer
https://js.ui-portal.de/ci/gmx/global/20180208/base.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 27 Oct 2020 13:52:07 GMT
last-modified
Thu, 27 Feb 2014 04:45:48 GMT
server
Apache
etag
"62b4-4f35bfeb9b700"
status
200
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=2205730
accept-ranges
bytes
x-robots-tag
noindex
content-length
25268
s
wa.ui-portal.de/gmx/gmx/
43 B
530 B
Image
General
Full URL
http://wa.ui-portal.de/gmx/gmx/s?produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1603806727313&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=http%3A//116.212.66.214/gmx/&ns_referrer=
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
82.165.229.54 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 13:52:07 GMT
Server
Apache
P3P
CP="this is not a p3p policy"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
image/gif
Keep-Alive
timeout=3, max=100
Content-Length
43
Expires
Wed, 11 Jan 1984 05:00:00 GMT
/
t.uimserv.net/traffic_p/
42 B
611 B
Image
General
Full URL
http://t.uimserv.net/traffic_p/?md=gmx&et=CP&agof=89&sc=produkte/grusskarten/index&brand=gmx&region=de&dclass=desktop&tif=1346&tifts=2020-10-22T14:10:06Z&d=45790&anon=1
Requested by
Host: 116.212.66.214
URL: http://116.212.66.214/gmx/
Protocol
HTTP/1.1
Server
195.20.250.183 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
t-bs.uimserv.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://116.212.66.214/gmx/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Oct 2020 13:52:06 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection
keep-alive
TS-UUID
1b924ae6-a04e-4145-9c8b-4ff5790977be
Keep-Alive
timeout=60
Content-Length
42
Expires
Wed, 20 Oct 2010 20:10:20 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GMX (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • function| addOnWidthChangeListener
  • function| pageBegin
  • function| pageEnd
  • function| initButtons
  • function| deleteSavedData
  • function| FormValidation
  • function| hashparam
  • function| $
  • function| jQuery
  • function| layerApv
  • object| jQuery1112019467636144910916
  • object| bodyElement
  • object| NSfTIF
  • string| szmvars
  • object| iom
  • object| formValidationConfig

0 Cookies

5 Console Messages

Source: console-api, Level: log, URL: https://uim.tifbs.net/js/1346.js (Line 53)
Message: TIF does NOT see TCF-API. Fallback to 'Privacy by default'.

Source: console-api, Level: log, URL: https://uim.tifbs.net/js/1346.js (Line 46)
Message: TIF tracks for TGP/WTR anonymously.

Source: console-api, Level: log, URL: https://uim.tifbs.net/js/1346.js (Line 53)
Message: TIF does NOT see TCF-API. Fallback to 'Privacy by default'.

Source: console-api, Level: log, URL: https://uim.tifbs.net/js/1346.js (Line 48)
Message: TIF does not track for DRP.

Source: console-api, Level: log, URL: https://uim.tifbs.net/js/1346.js (Line 53)
Message: TIF does NOT see TCF-API. Fallback to 'Privacy by default'.