annika.kenshung.com
50.28.1.43 Malicious Activity! Public Scan

Submitted URL: http://annika.kenshung.com/
Effective URL: https://annika.kenshung.com/
Submission: On June 17 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 50.28.1.43, located in United States and belongs to LIQUIDWEB, US. The main domain is annika.kenshung.com.
TLS certificate: Issued by R11 on June 15th 2024. Valid for: 3 months.
This is the only time annika.kenshung.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GMX (Online)

Domain & IP information

Requests  IP Address       AS     Autonomous System
6         50.28.1.43       32244  LIQUIDWEB
9         23.32.100.187    16625  AKAMAI-AS
1         195.20.251.111   8560   IONOS-AS ...
1         82.165.229.39    8560   IONOS-AS ...
1         195.20.250.183   8560   IONOS-AS ...
Total: 18 requests, 5 IPs
Requests  Apex Domain    Subdomains                                      Transfer
10        ui-portal.de   js.ui-portal.de (Cisco Umbrella Rank: 40959)    155 KB
                         wa.ui-portal.de (Cisco Umbrella Rank: 29026)
                         img.ui-portal.de (Cisco Umbrella Rank: 36480)
6         kenshung.com   annika.kenshung.com                             23 KB
1         uimserv.net    t.uimserv.net (Cisco Umbrella Rank: 36137)      612 B
1         tifbs.net      uim.tifbs.net (Cisco Umbrella Rank: 105287)     12 KB
Total: 18 requests, 4 apex domains
Requests  Domain               Requested by
6         img.ui-portal.de     js.ui-portal.de, annika.kenshung.com
6         annika.kenshung.com  annika.kenshung.com
3         js.ui-portal.de      annika.kenshung.com
1         t.uimserv.net        annika.kenshung.com
1         wa.ui-portal.de      annika.kenshung.com
1         uim.tifbs.net        annika.kenshung.com
Total: 18 requests, 6 domains

This site contains links to these domains.

Domain
www.gmx.net
registrierung.gmx.net
passwort.gmx.net
service.gmx.net
newsroom.gmx.net
agb-server.gmx.net
Subject                  Issuer                  Validity                  Valid
www.annika.kenshung.com  R11                     2024-06-15 - 2024-09-13   3 months (crt.sh)
img.ui-portal.de         GeoTrust RSA CA 2018    2024-04-08 - 2025-04-07   a year (crt.sh)
*.tifbs.net              GeoTrust TLS RSA CA G1  2023-08-18 - 2024-09-17   a year (crt.sh)
*.ui-portal.de           GeoTrust TLS RSA CA G1  2024-04-15 - 2025-05-16   a year (crt.sh)
*.uimserv.net            GeoTrust TLS RSA CA G1  2023-10-10 - 2024-11-09   a year (crt.sh)

This page contains 1 frame:

Primary Page: https://annika.kenshung.com/
Frame ID: 6540C4B3D66A6E80DC3C3A83DE914D49
Requests: 18 HTTP requests in this frame

Page Title

Grußkarten von GMX

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 191 kB
Size: 548 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://annika.kenshung.com/ HTTP 307
    https://annika.kenshung.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource | Path | Size | x-fer | Type

Primary Request / | annika.kenshung.com/ | 9 KB | 3 KB | Document
Redirect Chain
  • http://annika.kenshung.com/
  • https://annika.kenshung.com/
General
Full URL
https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.1.43 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
salmon.exacthosting.com
Software
Apache /
Resource Hash
8f616591597836bda54953558e846033f15579a6b9499e917e20facc7ba29d9a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=600
content-encoding
gzip
content-length
3095
content-type
text/html
date
Mon, 17 Jun 2024 01:07:21 GMT
expires
Mon, 17 Jun 2024 01:17:21 GMT
last-modified
Wed, 05 Feb 2020 13:27:58 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://annika.kenshung.com/
Non-Authoritative-Reason
HttpsUpgrades

base.css | js.ui-portal.de/ci/gmx/global/20180208/ | 145 KB | 22 KB | Stylesheet
General
Full URL
https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c84d35ec71a99f16ce60bfa2977e5ce025e31143fad8736bca43ceb651cffc5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:21 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 13:02:05 GMT
server
Apache
etag
"24431-58c4dc4c84590-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=5324
accept-ranges
bytes
x-robots-tag
noindex
content-length
22591

adaptive.css | js.ui-portal.de/ci/gmx/global/20180208/ | 45 KB | 8 KB | Stylesheet
General
Full URL
https://js.ui-portal.de/ci/gmx/global/20180208/adaptive.css
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
634e8eccad8d3201faf04e702d575aa23057f5f6ce499f25b1dca77f336ae1ef

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:21 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2019 13:25:12 GMT
server
Apache
etag
"b450-58c4e177895a3"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=5218
accept-ranges
bytes
x-robots-tag
noindex
content-length
7865

base-adaptive.js | js.ui-portal.de/ci/gmx/global/20180208/ | 203 KB | 63 KB | Script
General
Full URL
https://js.ui-portal.de/ci/gmx/global/20180208/base-adaptive.js
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
987951c68e0c376b1b3751afb182729c272b2f77b8beb8be436cd0b4d61c82d9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:21 GMT
content-encoding
gzip
last-modified
Fri, 07 Sep 2018 14:12:36 GMT
server
Apache
etag
"32b00-57548997b03f3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=4047
accept-ranges
bytes
x-robots-tag
noindex
content-length
64113

internet_made_in_germany.png | annika.kenshung.com/a/ | 4 KB | 4 KB | Image
General
Full URL
https://annika.kenshung.com/a/internet_made_in_germany.png
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.1.43 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
salmon.exacthosting.com
Software
Apache /
Resource Hash
f47999ceb30f952debf5e9aa5f6a86f881da6cb7c4fafca57fce00d18c1f511d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:21 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 11:57:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3819
expires
Wed, 17 Jul 2024 01:07:21 GMT

EmiG.png | annika.kenshung.com/a/ | 4 KB | 4 KB | Image
General
Full URL
https://annika.kenshung.com/a/EmiG.png
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.1.43 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
salmon.exacthosting.com
Software
Apache /
Resource Hash
c7cf6e45fc63c15df0adc9ac96cd0d503a3ac6d1ce9d89192855e3b623dec2ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:21 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 11:57:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4391
expires
Wed, 17 Jul 2024 01:07:21 GMT

cloud_made_in_germany.png | annika.kenshung.com/a/ | 3 KB | 3 KB | Image
General
Full URL
https://annika.kenshung.com/a/cloud_made_in_germany.png
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.1.43 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
salmon.exacthosting.com
Software
Apache /
Resource Hash
e6782181125e9be5ed53e2d937890999a1d39c50d34127af5bb1b7adf30fa313

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 11:57:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3377
expires
Wed, 17 Jul 2024 01:07:22 GMT

unicef.png | annika.kenshung.com/a/ | 5 KB | 5 KB | Image
General
Full URL
https://annika.kenshung.com/a/unicef.png
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.1.43 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
salmon.exacthosting.com
Software
Apache /
Resource Hash
5db6c1e738317112c38990d5f2586dc1c547bc140798e65b898457bbb6422904

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 11:57:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5081
expires
Wed, 17 Jul 2024 01:07:22 GMT

de-mail.png | annika.kenshung.com/a/ | 4 KB | 4 KB | Image
General
Full URL
https://annika.kenshung.com/a/de-mail.png
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.28.1.43 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
salmon.exacthosting.com
Software
Apache /
Resource Hash
f6d18f1a0126027cf6dbcde0b163fc06d8eeeff86569fb1e08a29037acfb0576

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
content-encoding
gzip
last-modified
Fri, 24 Jan 2020 11:57:42 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3693
expires
Wed, 17 Jul 2024 01:07:22 GMT

1346.js | uim.tifbs.net/js/ | 33 KB | 12 KB | Script
General
Full URL
https://uim.tifbs.net/js/1346.js
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.20.251.111 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
uim-bap.tifbs.net
Software
Apache /
Resource Hash
387332394ccb8af86d37c5473e266715fe08ef8f246d1d06223cf085de5fc9f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 17 Jun 2024 01:07:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2023 09:40:05 GMT
Server
Apache
ETag
"859b-600e7eeda6740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
close
Accept-Ranges
bytes
Content-Length
11878

s | wa.ui-portal.de/gmx/gmx/ | 43 B | 289 B | Image
General
Full URL
https://wa.ui-portal.de/gmx/gmx/s?produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1718586442041&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=https%3A//annika.kenshung.com/&ns_referrer=
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
82.165.229.39 Birlenbach, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
wa.web.de
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 17 Jun 2024 01:07:22 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
p3p
CP="this is not a p3p policy"
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
43
expires
Wed, 11 Jan 1984 05:00:00 GMT

logoCI2018_de.png | img.ui-portal.de/ci/gmx/global/ | 3 KB | 3 KB | Image
General
Full URL
https://img.ui-portal.de/ci/gmx/global/logoCI2018_de.png
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0b546c8297848467d2a26d1f48a00fa3691f2b65edebc4e220b312718e07b46f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://js.ui-portal.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
last-modified
Sun, 21 Jan 2018 14:09:40 GMT
server
Apache
etag
"c7d-56349dd51c0bf"
content-type
image/png
cache-control
public, max-age=1204
accept-ranges
bytes
x-robots-tag
noindex
content-length
3197

header_home_icon_24_hellgrau.svg | img.ui-portal.de/ci/gmx/global/nav/ | 1018 B | 766 B | Image
General
Full URL
https://img.ui-portal.de/ci/gmx/global/nav/header_home_icon_24_hellgrau.svg
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
19ff286b0fc42c787e805701d2a39a3be91361e9b53e804ba458724464d35652

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://js.ui-portal.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
content-encoding
gzip
last-modified
Fri, 26 Jan 2018 13:42:00 GMT
server
Apache
etag
"3fa-563ae0f94d224"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1367
accept-ranges
bytes
x-robots-tag
noindex
content-length
582

breadcrumb.gif | img.ui-portal.de/ci/gmx/global/icon/ | 49 B | 203 B | Image
General
Full URL
https://img.ui-portal.de/ci/gmx/global/icon/breadcrumb.gif
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e6c3cb193895f5451cecd6c5c5165011a1c9f93ce5760721e9fd5038b8b4b7b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://js.ui-portal.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
last-modified
Fri, 15 Nov 2013 10:25:39 GMT
server
Apache
etag
"31-4eb349ea0aec0"
content-type
image/gif
cache-control
public, max-age=1408
accept-ranges
bytes
x-robots-tag
noindex
content-length
49

l-hero_desktop_1000x496.jpg | img.ui-portal.de/cms/gmx/produkte/grusskarten/ | 27 KB | 28 KB | Image
General
Full URL
https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_desktop_1000x496.jpg
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bd77bf22bb45184e0bc86eac9100d0e1dbaa8cf7c4e0c4fa94819408249bf80a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
last-modified
Thu, 18 Dec 2014 08:32:04 GMT
server
Apache
etag
"6d58-50a796d434900"
content-type
image/jpeg
cache-control
public, max-age=1790
accept-ranges
bytes
x-robots-tag
noindex
content-length
27992

RobotoCondensed-Regular-webfont.woff | img.ui-portal.de/ci/gmx/global/fonts/roboto/ | 25 KB | 25 KB | Font
General
Full URL
https://img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff
Requested by
Host: js.ui-portal.de
URL: https://js.ui-portal.de/ci/gmx/global/20180208/base.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://js.ui-portal.de/
Origin
https://annika.kenshung.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
content-encoding
gzip
last-modified
Thu, 27 Feb 2014 04:45:48 GMT
server
Apache
etag
"62b4-4f35bfeb9b700-gzip"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=1315454
accept-ranges
bytes
x-robots-tag
noindex
content-length
25219

/ | t.uimserv.net/traffic_p/ | 42 B | 612 B | Image
General
Full URL
https://t.uimserv.net/traffic_p/?md=gmx&et=CP&agof=89&sc=produkte/grusskarten/index&brand=gmx&region=de&dclass=desktop&tif=1346&tifts=2023-07-20T09:40:05Z&d=80107&anon=1
Requested by
Host: annika.kenshung.com
URL: https://annika.kenshung.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
195.20.250.183 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
t-bs.uimserv.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 17 Jun 2024 01:07:21 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
TS-UUID
010a2db8-4898-4dc9-9030-a03fd6d578c7
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
42
Expires
Wed, 20 Oct 2010 20:10:20 GMT

favicon.ico | img.ui-portal.de/gmx/ | 36 KB | 6 KB | Other
General
Full URL
https://img.ui-portal.de/gmx/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.100.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-100-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec16b4f46cfa2ee185077885a7af4e144c4442242c30f1e2f0d1234e1b67c4f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://annika.kenshung.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 01:07:22 GMT
content-encoding
gzip
last-modified
Tue, 30 Jan 2018 10:09:40 GMT
server
Apache
etag
"90be-563fb8f8ee100"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=540
accept-ranges
bytes
x-robots-tag
noindex
content-length
5632

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GMX (Online)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

event (undefined), fence (object), sharedStorage (object), addOnWidthChangeListener (function), pageBegin (function), pageEnd (function), initButtons (function), deleteSavedData (function), FormValidation (function), hashparam (function), $ (function), jQuery (function), layerApv (object), jQuery111209704261064311899 (object), bodyElement (object), NSfTIF (string), szmvars (object), iom (object), formValidationConfig

2 Cookies

Domain/Path     Name       Value
.kenshung.com/  ns_sample  11
.uimserv.net/   NGUserID   0a4a320d-183-1718586442-0

1 Console Messages

Source: recommendation | Level: verbose | URL: https://annika.kenshung.com/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
