kl-ein-an.pro Open in urlscan Pro
95.179.244.177 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fastpokernews.com/a/
Effective URL:
https://kl-ein-an.pro/auth/login/
Submission: On February 01 via manual (February 1st 2024, 8:40:12 am UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 95.179.244.177, located in Frankfurt am Main, Germany and belongs to AS-CHOOPA, US. The main domain is kl-ein-an.pro.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.

This is the only time kl-ein-an.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: eBay (E-commerce)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::6815:4c85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	193.149.185.106 193.149.185.106	399629 (BLNWX) (BLNWX)
1	95.179.244.177 95.179.244.177	20473 (AS-CHOOPA) (AS-CHOOPA)
11	2a02:26f0:480... 2a02:26f0:480:d::210:f151	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:210... 2a02:26f0:2100::58dd:c4a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	5

1 2606:4700:3033::6815:4c85 (United States)

ASN13335 (CLOUDFLARENET, US)

fastpokernews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.149.185.106 (London, United Kingdom)

ASN399629 (BLNWX, US)

fingerprintweb.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.179.244.177 (Frankfurt am Main, Germany)

ASN20473 (AS-CHOOPA, US)
PTR: 95.179.244.177.vultrusercontent.com

kl-ein-an.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:480:d::210:f151 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.kleinanzeigen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2100::58dd:c4a1 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.kleinanzeigen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	kleinanzeigen.de static.kleinanzeigen.de — Cisco Umbrella Rank: 72608 www.kleinanzeigen.de — Cisco Umbrella Rank: 54244	468 KB
1	kl-ein-an.pro kl-ein-an.pro	9 KB
1	fingerprintweb.pro fingerprintweb.pro	364 B
1	fastpokernews.com fastpokernews.com	765 B
15	4

	Domain	Requested by
11	static.kleinanzeigen.de	kl-ein-an.pro static.kleinanzeigen.de
1	www.kleinanzeigen.de	kl-ein-an.pro
1	kl-ein-an.pro	fastpokernews.com
1	fingerprintweb.pro	fastpokernews.com
1	fastpokernews.com
15	5

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.microsoft.com
support.apple.com
themen.ebay-kleinanzeigen.de
advertising.mobile.de
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com
www.pinterest.de
www.tiktok.com

Subject Issuer	Validity	Valid
fastpokernews.com E1	`2023-12-16` - `2024-03-15`	3 months	crt.sh
fingerprintweb.pro R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
kl-ein-an.pro R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
kleinanzeigen.de DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://kl-ein-an.pro/auth/login/
Frame ID: ED46F556D292D130ABCEC68C71955E34
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Anmelden bei eBay Kleinanzeigen

Page URL History Show full URLs

https://fastpokernews.com/a/ Page URL
https://kl-ein-an.pro/auth/login/ Page URL

Page Statistics

15
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

478 kB
Transfer

534 kB
Size

1
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/intl/de/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/de/firefox/new/
Title: Mozilla Firefox

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/de-de/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://support.apple.com/de-de/HT204416
Title: Safari

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/ueber-uns/
Title: Über uns

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/careers/
Title: Karriere

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/medien
Title: Presse

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/magazin/
Title: eBay Kleinanzeigen Magazin

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/nachhaltigkeit/
Title: Nachhaltigkeit

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/mobile-apps/
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/ebay-kleinanzeigen-bug-bounty/
Title: Bug Bounty

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/hilfe/
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/sicherheitshinweise/
Title: Tipps für deine Sicherheit

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/datenschutzerklaerung/
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/nutzungsbedingungen/
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/immobilienprofis/
Title: Immobilienprofis

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/pro-fuer-unternehmen/
Title: PRO für Unternehmen

Search URL Search Domain Scan URL

URL: https://advertising.mobile.de/ebay-kleinanzeigen
Title: Werben auf eBay Kleinanzeigen

Search URL Search Domain Scan URL

URL: https://www.facebook.com/eBayKleinanzeigen/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eBayKleinanzeigen
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ebay_kleinanzeigen/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/eBay_KA
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/eBay_KA/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@kleinanzeigen
Title: TikTok

Search URL Search Domain Scan URL

URL: https://themen.ebay-kleinanzeigen.de/autobewertung
Title: Autobewertung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fastpokernews.com/a/ Page URL
https://kl-ein-an.pro/auth/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ fastpokernews.com/a/	631 B 765 B	3868ms 501ms	Document text/html	2606:4700:3033::6815:4c85 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fastpokernews.com/a/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4c85 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84e8e3350b6f3cc5-CDG content-encoding br content-type text/html date Thu, 01 Feb 2024 08:40:05 GMT last-modified Tue, 30 Jan 2024 16:15:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkvgF%2B5SBXLW665juqEiru02Nt%2Fl7aMjOIvvH7Mw9Q%2BAiN7a9tWCnq3RRcmY1ExvlRWhGBAFRjm6HtewwvxgWBiESQzo1rulyQTFD63EeuxJROYPCiaFKoYh6iHRRMizAYKlx37pQsRy2JV%2FyHlwYQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
POST H/1.1	200 OK	/ fingerprintweb.pro/fingerprintjs/api/klein/	33 B 364 B	1995ms 1654ms	XHR text/html	193.149.185.106 BLNWX
General Check archive.org Show headers Download Go to Full URL https://fingerprintweb.pro/fingerprintjs/api/klein/ Requested by Host: fastpokernews.com URL: https://fastpokernews.com/a/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 193.149.185.106 London, United Kingdom, ASN399629 (BLNWX, US), Reverse DNS Software Apache/2.4.52 (Ubuntu) / Resource Hash Request headers Referer https://fastpokernews.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 01 Feb 2024 08:40:05 GMT Server Apache/2.4.52 (Ubuntu) Access-Control-Max-Age 86400 Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://fastpokernews.com Access-Control-Allow-Credentials true Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 33
GET H/1.1	200 OK	Primary Request / Show response kl-ein-an.pro/auth/login/	66 KB 9 KB	808ms 515ms	Document text/html	95.179.244.177 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://kl-ein-an.pro/auth/login/ Requested by Host: fastpokernews.com URL: https://fastpokernews.com/a/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.179.244.177 Frankfurt am Main, Germany, ASN20473 (AS-CHOOPA, US), Reverse DNS 95.179.244.177.vultrusercontent.com Software Apache/2.4.52 (Ubuntu) / Resource Hash `dfb654d38661e94422750b96cabed1b39852869e59d74582bca5d8ddc13e6ec6` Request headers Referer https://fastpokernews.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 9104 Content-Type text/html; charset=UTF-8 Date Thu, 01 Feb 2024 08:40:07 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache/2.4.52 (Ubuntu) Vary Accept-Encoding
GET H2	200	all.1rodmv4jc8i6.css static.kleinanzeigen.de/static/css/	444 KB 445 KB	407ms 331ms	Stylesheet text/css	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Requested by Host: kl-ein-an.pro URL: https://kl-ein-an.pro/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `059faed151692ee83a5026a02f15b33668f7976ad2e00b56fd49a6b4f2f3795f` Request headers accept-language de-DE,de;q=0.9 Referer https://kl-ein-an.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Tue, 09 May 2023 14:17:41 GMT x-amz-request-id JQDH3XGNJ4AS5QSY etag "f256ccdd00e1c4fc34ff9c1d491bae8a" x-amz-server-side-encryption AES256 content-type text/css cache-control public, max-age=31536000 accept-ranges bytes content-length 455125 x-amz-id-2 mxtNlboKa/N6Ovk2BOlsfUrx3DiRvF42C1OlX5jesAqTG4/P4m7q42LA8dAkYP6Iikzflnwj8Gw=
GET H2	200	liberty.css www.kleinanzeigen.de/liberty/liberty-js/	4 KB 842 B	165ms 88ms	Stylesheet text/css	2a02:26f0:2100::58dd:c4a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.kleinanzeigen.de/liberty/liberty-js/liberty.css Requested by Host: kl-ein-an.pro URL: https://kl-ein-an.pro/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:2100::58dd:c4a1 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `bc9aa13b65835041d8ebe33a6962ae2b6f9ff76877146c0b4f89c5c378c2cab9` Request headers accept-language de-DE,de;q=0.9 Referer https://kl-ein-an.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT content-encoding gzip last-modified Thu, 25 Jan 2024 10:27:07 GMT x-amz-request-id JQDZD7DNJ9R5GSPH etag "04ace8005d08fc8fc010b9339ce550a3" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/css cache-control public, max-age=60 accept-ranges bytes content-length 545 x-amz-id-2 sPuYFtFr/KrSk23AflR+wQvaB/NfVjrtg4w1mSf6Y3Fuqpc71RslQpybINqstUFo4NLck/BnsWoI3QNtskRhHg==
GET H2	200	logo-ebayk-402x80.hsn0x4ev0qi.png static.kleinanzeigen.de/static/img/common/logo/	12 KB 12 KB	167ms 92ms	Image image/png	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/logo/logo-ebayk-402x80.hsn0x4ev0qi.png Requested by Host: kl-ein-an.pro URL: https://kl-ein-an.pro/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `067d46a8c9209489c305447832281be90040337c981092b3ab0791585868e3d0` Request headers accept-language de-DE,de;q=0.9 Referer https://kl-ein-an.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Thu, 11 May 2023 15:47:40 GMT x-amz-request-id JQDWFYGVM60KBKQZ etag "7a835ffac026e7000fc57479da880dbf" x-amz-server-side-encryption AES256 content-type image/png cache-control public, max-age=31536000 accept-ranges bytes content-length 11840 x-amz-id-2 uoj5vHyWINjLkgWU3/CDbqLGUmQ83tY9x3SWULiHvOC4UiZITpO6HrcE4YA1aHqVblVr8IXtGiM=
GET H2	200	connection-issue.19tgaem4ty5h3.png static.kleinanzeigen.de/static/img/common/illustrations/	3 KB 3 KB	140ms 89ms	Image image/png	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/illustrations/connection-issue.19tgaem4ty5h3.png Requested by Host: kl-ein-an.pro URL: https://kl-ein-an.pro/auth/login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `1c9245cbcd4f11125db5eb347f100ac274ce4c0d1d270501f27568f73f782e9a` Request headers accept-language de-DE,de;q=0.9 Referer https://kl-ein-an.pro/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Mon, 03 Jul 2023 06:47:47 GMT x-amz-request-id JQDM9P88WAYGZPSD etag "37fdd672f034b15345e932e109aef076" x-amz-server-side-encryption AES256 content-type image/png cache-control public, max-age=31536000 accept-ranges bytes content-length 2888 x-amz-id-2 IYq6A/MjiTlnYF1zrbdhd9jXwiMiCbRweGwZ0Jyr2dZarTJchN4f7UVEP9znHfSO0Kj8QAynz2QWgA0IEVZsjg==
GET H2	200	kds-icn-my-interactive.svg static.kleinanzeigen.de/static/img/common/icons/	550 B 828 B	65ms 65ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/icons/kds-icn-my-interactive.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `7d390ab06f7a2cc1c3a398012f3d5a063ee4e7485c7ba2cd4895e5ac66af6acf` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 May 2023 11:15:05 GMT x-amz-request-id JQDSRM75BRAWHGNJ etag "5025a32c0268ffb8ee5a9d8c064b3b04" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 550 x-amz-id-2 D+86njueQmE/E+StRXGc5VztlJphWcKdciT65k/yRtXYYUfuGlJV3BYz3vuxUiFDncDiUUpTK70=
GET H2	200	icn-dropdown.svg static.kleinanzeigen.de/static/img/common/icons/	167 B 444 B	63ms 62ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/icons/icn-dropdown.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `32fe82c25512c2bb4c3a8d9a1d3b4f7dda5c6f8da17d2591ee0d6b33a2692f87` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 Jan 2024 13:38:20 GMT x-amz-request-id JQDW2F3E1ZBFNYQF etag "9f14a518a1fe45f4370bbd0c48156e03" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 167 x-amz-id-2 oKQDfUOpGYtPag6APjq4Z5bd2OafKWl5lV6duR9QxrS4Ij0I5XxjbPNM2eE06napE/ZF9Gb8FGY=
GET H2	200	icn-magnifier-white.svg static.kleinanzeigen.de/static/img/common/icons/	232 B 510 B	62ms 62ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/icons/icn-magnifier-white.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `24dca10edc6ca9a1880c6b037b462a3501caa560ebd9b6666877205c530ce54a` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 Jan 2024 13:38:21 GMT x-amz-request-id JQDGTCKKYVJ9REZN etag "7bc277a9e95ee53c5655ec3ffd308efa" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 232 x-amz-id-2 LUYTJP9mW8DPJK6xVp91i/AXMcvzCNDEpUIt++p2Q2mHGNiGsseegDSXZIiGpvyFdPtQdN7AGOI=
GET H2	200	kds-icn-postad.svg static.kleinanzeigen.de/static/img/common/navigation-bar/	2 KB 2 KB	80ms 80ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/navigation-bar/kds-icn-postad.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `c8b8242e2d902b86b2f3e42a87c2def354d062ef53d11ef7f44e50e15e023242` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 May 2023 11:15:06 GMT x-amz-request-id JQDV3T92Q8Y249SQ etag "94a18ff5f6eb29fafe335cda5fc0eebd" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 1638 x-amz-id-2 y5ZkivNrSWK2zkCUp4+ptVSI4nuEwzCNBfjwhNCgX9CIW9I/reSE7Ye5gz0J21Es20L1eU7GHpjJKtimF8pqIw==
GET H2	200	kds-icn-my-filled.svg static.kleinanzeigen.de/static/img/common/navigation-bar/	567 B 846 B	82ms 81ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/navigation-bar/kds-icn-my-filled.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `a6e957f3597152b89f8f293e1f448450a38da6e161d9ec16c8ca1c666c3e3b95` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 May 2023 11:15:06 GMT x-amz-request-id JQDM6Z254NK6GY5Y etag "4e8a71cea43df5336d92f21669b936ad" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 567 x-amz-id-2 F4vGSQx5t/FqPB8KUuk0MFON59ze3P5Yu2gDTn8DvmzqpYjoUo5pvYsltzQ/kkqunClC2mHxUdw=
GET H2	200	icn-star-open-black.svg static.kleinanzeigen.de/static/img/common/icons/	481 B 772 B	96ms 93ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/icons/icn-star-open-black.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `d0d9a80a9e3e1067f8fc4da1c95e70b776a1d9f0562e134c8bd68722eb4c66ea` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Mon, 09 Oct 2023 13:51:57 GMT x-amz-request-id JQDXHQG4JDFJHSQZ etag "30695ab2c786c412b65c8d6759b09635" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 481 x-amz-id-2 wrh6o7mQp70YiQY3AwvI338WuNTJwPvykJcBWdTeXvbSg+XYixiwskpWCJrCFTtz7+Q8e+j55hzPCZgLO28rFg==
GET H2	200	icn-message-gray.svg static.kleinanzeigen.de/static/img/common/icons/	1 KB 1 KB	64ms 61ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/icons/icn-message-gray.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `9ecdb3bb16e105bcee619a22b228447356411df01d0aa44082a6af396a5c2127` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 Jan 2024 13:38:21 GMT x-amz-request-id JQDRN6DDB7G3YYBX etag "e6641128a09d97b844d5f8d292b7810a" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 1229 x-amz-id-2 CilKxu6MTBjbPAJgSQixMnezUczE2Mz1h8cbwB/cHWtw85Pu6Zc4wt1nLHCPGDO3Y5CIEcXlfdo=
GET H2	200	icn-pencil-black.svg static.kleinanzeigen.de/static/img/common/icons/	302 B 582 B	60ms 57ms	Image image/svg+xml	2a02:26f0:480:d::210:f151 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://static.kleinanzeigen.de/static/img/common/icons/icn-pencil-black.svg Requested by Host: static.kleinanzeigen.de URL: https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:d::210:f151 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash `243226167b380e2578fe16768b83e825fd20db7d0a41274ff8cd9166eaf70f3e` Request headers accept-language de-DE,de;q=0.9 Referer https://static.kleinanzeigen.de/static/css/all.1rodmv4jc8i6.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 08:40:08 GMT last-modified Wed, 31 Jan 2024 13:38:21 GMT x-amz-request-id JQDXTZPPC9NTPRVC etag "e6369ddaad97828a353da2ae6537adf9" x-amz-server-side-encryption AES256 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes content-length 302 x-amz-id-2 uHaiJTk6eD+G8klKavYfWQJhriJuEvE+gHBkq555o1uCWRzWuAd1A0LQOHtxiTxM8YBIDDIB77U=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: eBay (E-commerce)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			kl-ein-an.pro/	1969-12-31 23:59:59	Name: PHPSESSID Value: ahjheus33la456o1i5pt4tn4k8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fastpokernews.com
fingerprintweb.pro
kl-ein-an.pro
static.kleinanzeigen.de
www.kleinanzeigen.de
193.149.185.106
2606:4700:3033::6815:4c85
2a02:26f0:2100::58dd:c4a1
2a02:26f0:480:d::210:f151
95.179.244.177
059faed151692ee83a5026a02f15b33668f7976ad2e00b56fd49a6b4f2f3795f
067d46a8c9209489c305447832281be90040337c981092b3ab0791585868e3d0
1c9245cbcd4f11125db5eb347f100ac274ce4c0d1d270501f27568f73f782e9a
243226167b380e2578fe16768b83e825fd20db7d0a41274ff8cd9166eaf70f3e
24dca10edc6ca9a1880c6b037b462a3501caa560ebd9b6666877205c530ce54a
32fe82c25512c2bb4c3a8d9a1d3b4f7dda5c6f8da17d2591ee0d6b33a2692f87
7d390ab06f7a2cc1c3a398012f3d5a063ee4e7485c7ba2cd4895e5ac66af6acf
9ecdb3bb16e105bcee619a22b228447356411df01d0aa44082a6af396a5c2127
a6e957f3597152b89f8f293e1f448450a38da6e161d9ec16c8ca1c666c3e3b95
bc9aa13b65835041d8ebe33a6962ae2b6f9ff76877146c0b4f89c5c378c2cab9
c8b8242e2d902b86b2f3e42a87c2def354d062ef53d11ef7f44e50e15e023242
d0d9a80a9e3e1067f8fc4da1c95e70b776a1d9f0562e134c8bd68722eb4c66ea
dfb654d38661e94422750b96cabed1b39852869e59d74582bca5d8ddc13e6ec6

kl-ein-an.pro Open in urlscan Pro 95.179.244.177 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

60 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

478 kBTransfer

534 kBSize

1 Cookies

25 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Indicators

kl-ein-an.pro Open in urlscan Pro
95.179.244.177 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

478 kB
Transfer

534 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!