levieuxsinge.com Open in urlscan Pro
81.88.48.95 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://levieuxsinge.com/ic/
Submission: On December 16 via automatic, source openphish (December 16th 2019, 12:08:39 am UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 81.88.48.95, located in Italy and belongs to REGISTER-AS, IT. The main domain is levieuxsinge.com.

This is the only time levieuxsinge.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	81.88.48.95 81.88.48.95	39729 (REGISTER-AS) (REGISTER-AS)
1	2606:4700:30:... 2606:4700:30::681b:ae6d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
8	3

6 81.88.48.95 (Italy) 1 redirects

ASN39729 (REGISTER-AS, IT)

levieuxsinge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:ae6d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hostip.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	levieuxsinge.com 1 redirects levieuxsinge.com	196 KB
1	hostip.info api.hostip.info	698 B
0	postimg.org Failed s10.postimg.org Failed
8	3

	Domain	Requested by
6	levieuxsinge.com	1 redirects levieuxsinge.com
1	api.hostip.info	levieuxsinge.com
0	s10.postimg.org Failed	levieuxsinge.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://levieuxsinge.com/ic/
Frame ID: CB49E4819CE2524208D2F8F6C86CAD2F
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://levieuxsinge.com/ic HTTP 301
http://levieuxsinge.com/ic/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

197 kB
Transfer

209 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://levieuxsinge.com/ic HTTP 301
http://levieuxsinge.com/ic/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response levieuxsinge.com/ic/ Redirect Chain http://levieuxsinge.com/ic http://levieuxsinge.com/ic/	196 KB 196 KB	76ms 62ms	Document text/html	81.88.48.95 REGISTER-AS
General Check archive.org Show headers Download Go to Full URL http://levieuxsinge.com/ic/ Protocol HTTP/1.1 Server 81.88.48.95 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS Software Apache / Resource Hash `6ad8c3614cc047eea40f029dd84ee3af85e34d008a7a7adb0316c12f7f4b5b1c` Request headers Host levieuxsinge.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Dec 2019 00:08:23 GMT Server Apache Last-Modified Mon, 26 Jun 2017 16:01:18 GMT Accept-Ranges bytes Content-Length 200250 Connection close Content-Type text/html Content-Language fr Redirect headers Date Mon, 16 Dec 2019 00:08:22 GMT Server Apache Location http://levieuxsinge.com/ic/ Content-Length 235 Connection close Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	jquery-ui.min.css levieuxsinge.com/ic/files/	0 0	80ms 66ms	Stylesheet text/html	81.88.48.95 REGISTER-AS
General Check archive.org Show headers Download Go to Full URL http://levieuxsinge.com/ic/files/jquery-ui.min.css Requested by Host: levieuxsinge.com URL: http://levieuxsinge.com/ic/ Protocol HTTP/1.1 Server 81.88.48.95 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS Software Apache / Resource Hash Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Dec 2019 00:08:23 GMT Server Apache Connection close Content-Length 224 Content-Type text/html; charset=iso-8859-1
GET		icloud.jpg s10.postimg.org/da7uyr315/	0 0

GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e98ed23debd866205637cfeed9894c64017a01b0cb22c88823edbf23e7ba007f` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8b669722e5d80544d013f3d257aa621e917d6a346ca975774840d850534a65b2` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	138 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0ad39661293c7548396071886d984927146bb946de75ab3158a3bb14fdcc92ea` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4130fbed1b246a0f8a74f39fc6ede56041df39175f1614af6f7b97cc8ac3c124` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8b9cd6e6fb84844d6ecd2853f73039a9e6858f1b5240148c2169e4d50dee5d3f` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5acfdf47a205b4c04f3c193938bf31f1c9a22c11066b44adb1ac9f9d28681ef4` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04fd6204a8d6d27f0138b8ed256fa0f415132c1e2a23e234a6b1ae01a27c47ff` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c737ca0d0eb47956a8852e859ed8d99c007d7b45b14e4e2f936befa690cea300` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9861fb55e402bc307dc85b502ebb45ce9f6e642aa9d043cfa7e163f08a942f55` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	404 Not Found	jquery-ui.min.js levieuxsinge.com/ic/	0 0	64ms 50ms	Script text/html	81.88.48.95 REGISTER-AS
General Check archive.org Show headers Download Go to Full URL http://levieuxsinge.com/ic/jquery-ui.min.js Requested by Host: levieuxsinge.com URL: http://levieuxsinge.com/ic/ Protocol HTTP/1.1 Server 81.88.48.95 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS Software Apache / Resource Hash Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Dec 2019 00:08:23 GMT Server Apache Connection close Content-Length 217 Content-Type text/html; charset=iso-8859-1
GET		icloud.jpg s10.postimg.org/da7uyr315/	0 0

GET H/1.1	404 Not Found	packed-1.png levieuxsinge.com/ic/files/	219 B 219 B	66ms 53ms	Image text/html	81.88.48.95 REGISTER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://levieuxsinge.com/ic/files/packed-1.png Requested by Host: levieuxsinge.com URL: http://levieuxsinge.com/ic/ Protocol HTTP/1.1 Server 81.88.48.95 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS Software Apache / Resource Hash `e1d2b0a0defcca23bc600f6233d87fd3c4ab7af194eecfb265c9404aca3915ee` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Dec 2019 00:08:23 GMT Server Apache Connection close Content-Length 219 Content-Type text/html; charset=iso-8859-1
GET H/1.1	404 Not Found	stylesheet-1.png levieuxsinge.com/ic/files/	223 B 223 B	79ms 66ms	Image text/html	81.88.48.95 REGISTER-AS
General Check archive.org Show headers Download Go to Show image Full URL http://levieuxsinge.com/ic/files/stylesheet-1.png Requested by Host: levieuxsinge.com URL: http://levieuxsinge.com/ic/ Protocol HTTP/1.1 Server 81.88.48.95 , Italy, ASN39729 (REGISTER-AS, IT), Reverse DNS Software Apache / Resource Hash `7814a3899646f9a045c6b7e58e1fca25bd1ac58345737abf577fff97ea28a8a9` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 16 Dec 2019 00:08:23 GMT Server Apache Connection close Content-Length 223 Content-Type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6a14b676bba1c36ce608fde1c9f0f731e5f44830b70bba74f32501b8e4fb0214` Request headers Referer http://levieuxsinge.com/ic/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	get_html.php Show response api.hostip.info/	73 B 698 B	280ms 266ms	XHR text/plain	2606:4700:30::681b:ae6d Cloudflare
General Check archive.org Show headers Download Go to Full URL http://api.hostip.info/get_html.php Requested by Host: levieuxsinge.com URL: http://levieuxsinge.com/ic/ Protocol HTTP/1.1 Server 2606:4700:30::681b:ae6d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/5.4.26 Resource Hash `cf982264724cbfb67c91a1365ad1f237a8efd026e40709a3c72cc00e7d7501b4` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://levieuxsinge.com/ic/ Origin http://levieuxsinge.com Response headers Pragma !invalid Date Mon, 16 Dec 2019 00:08:23 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 01 Jan 1970 00:00:00 GMT Server cloudflare X-Powered-By PHP/5.4.26 Vary Accept-Encoding,User-Agent Content-Type text/plain; charset=iso-8859-1 Access-Control-Allow-Origin * Cache-Control public, max-age=86400 Connection keep-alive CF-RAY 545c6c2a2fa7cba8-VIE Content-Length 76 Expires Tue, 17 Dec 2019 00:08:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s10.postimg.org
URL: http://s10.postimg.org/da7uyr315/icloud.jpg

Domain: s10.postimg.org
URL: http://s10.postimg.org/da7uyr315/icloud.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hostip.info
levieuxsinge.com
s10.postimg.org
s10.postimg.org
2606:4700:30::681b:ae6d
81.88.48.95
04fd6204a8d6d27f0138b8ed256fa0f415132c1e2a23e234a6b1ae01a27c47ff
0ad39661293c7548396071886d984927146bb946de75ab3158a3bb14fdcc92ea
4130fbed1b246a0f8a74f39fc6ede56041df39175f1614af6f7b97cc8ac3c124
5acfdf47a205b4c04f3c193938bf31f1c9a22c11066b44adb1ac9f9d28681ef4
6a14b676bba1c36ce608fde1c9f0f731e5f44830b70bba74f32501b8e4fb0214
6ad8c3614cc047eea40f029dd84ee3af85e34d008a7a7adb0316c12f7f4b5b1c
7814a3899646f9a045c6b7e58e1fca25bd1ac58345737abf577fff97ea28a8a9
8b669722e5d80544d013f3d257aa621e917d6a346ca975774840d850534a65b2
8b9cd6e6fb84844d6ecd2853f73039a9e6858f1b5240148c2169e4d50dee5d3f
9861fb55e402bc307dc85b502ebb45ce9f6e642aa9d043cfa7e163f08a942f55
c737ca0d0eb47956a8852e859ed8d99c007d7b45b14e4e2f936befa690cea300
cf982264724cbfb67c91a1365ad1f237a8efd026e40709a3c72cc00e7d7501b4
e1d2b0a0defcca23bc600f6233d87fd3c4ab7af194eecfb265c9404aca3915ee
e98ed23debd866205637cfeed9894c64017a01b0cb22c88823edbf23e7ba007f

levieuxsinge.com Open in urlscan Pro 81.88.48.95 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

197 kBTransfer

209 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

0 Cookies

Indicators

levieuxsinge.com Open in urlscan Pro
81.88.48.95 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

197 kB
Transfer

209 kB
Size

0
Cookies

8 HTTP transactions
10 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!