news.gamiast.de - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 116.203.118.191, located in Germany and belongs to HETZNER-AS, DE. The main domain is news.gamiast.de.

This is the only time news.gamiast.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	116.203.118.191 116.203.118.191	24940 (HETZNER-AS) (HETZNER-AS)
5	2600:9000:214... 2600:9000:214f:5600:4:c79c:d1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2

2 116.203.118.191 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb04.brm24.de

news.gamiast.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:5600:4:c79c:d1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pikone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	pikone.de cdn.pikone.de	748 KB
2	gamiast.de news.gamiast.de	7 KB
7	2

	Domain	Requested by
5	cdn.pikone.de	news.gamiast.de
2	news.gamiast.de	news.gamiast.de
7	2

This site contains no links.

Subject Issuer	Validity	Valid
news.gamiast.de Let's Encrypt Authority X3	`2019-12-23` - `2020-03-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712
Frame ID: 70775B1258BAF2811D53E2A3646B78B9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

14 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

755 kB
Transfer

789 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request vo.php Show response news.gamiast.de/	43 KB 7 KB	1270ms 1253ms	Document text/html	116.203.118.191 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Server 116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS lb04.brm24.de Software nginx/1.16.1 / Resource Hash `89d24bde5b0b564ea3cec51f004f3558d5c06c3022954af58cad90ec089cdcb7` Request headers Host news.gamiast.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.16.1 Date Thu, 20 Feb 2020 21:17:28 GMT Content-Type text/html; charset=UTF-8 Content-Length 6506 Connection keep-alive Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	finanzcheck-de-logo.png cdn.pikone.de/2020-02-20/Roiun8s44/	5 KB 6 KB	12ms 6ms	Image image/png	2600:9000:214f:5600:4:c79c:d1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.pikone.de/2020-02-20/Roiun8s44/finanzcheck-de-logo.png Requested by Host: news.gamiast.de URL: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Server 2600:9000:214f:5600:4:c79c:d1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `9f771adb3b4a78c3303025cd5c2a959ab46519214c3b90491f1bfc63b0c9257a` Request headers Referer http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 20 Feb 2020 08:02:46 GMT Via 1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront) Last-Modified Thu, 20 Feb 2020 07:57:48 GMT Server AmazonS3 Age 47683 ETag "d71cfe18dcbd9db7e369422d52114067" X-Cache Hit from cloudfront Content-Type image/png X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes Content-Length 5519 X-Amz-Cf-Id -wW99AonroAXchg53PKeE0wAU_mJjeRfDhbGgj0hvfMls7W0ec-5OQ==
GET H/1.1	200 OK	header.gif cdn.pikone.de/2020-02-20/Roiun8s44/	681 KB 682 KB	15ms 9ms	Image image/gif	2600:9000:214f:5600:4:c79c:d1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.pikone.de/2020-02-20/Roiun8s44/header.gif Requested by Host: news.gamiast.de URL: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Server 2600:9000:214f:5600:4:c79c:d1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `5355a434f4ef72f4830a57656b3dadebe9749b354e97615c418268cb09900461` Request headers Referer http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 20 Feb 2020 08:02:46 GMT Via 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront) Last-Modified Thu, 20 Feb 2020 07:57:50 GMT Server AmazonS3 Age 47683 ETag "692aa96f30588df70d276e21d9f61c30" X-Cache Hit from cloudfront Content-Type image/gif X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes Content-Length 697805 X-Amz-Cf-Id DkPP_FU08MhYbF_QnVN5vvnEREPBP62TjaUHVZL3UtlwMvt3esia2Q==
GET H/1.1	200 OK	vorteile-6.png cdn.pikone.de/2020-02-20/Roiun8s44/	29 KB 30 KB	12ms 6ms	Image image/png	2600:9000:214f:5600:4:c79c:d1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.pikone.de/2020-02-20/Roiun8s44/vorteile-6.png Requested by Host: news.gamiast.de URL: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Server 2600:9000:214f:5600:4:c79c:d1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `f3f760fd3de096f1669ab4ad275cfd5b483eeac01527ee1b9a9f960c56badef2` Request headers Referer http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 20 Feb 2020 08:02:46 GMT Via 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront) Last-Modified Thu, 20 Feb 2020 07:57:54 GMT Server AmazonS3 Age 47683 ETag "b03b1a2f8eb8aa82d594f0bb71ee0609" X-Cache Hit from cloudfront Content-Type image/png X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes Content-Length 29825 X-Amz-Cf-Id 8tamAU2X52k_ttp3kKLICx9QzeWapaK7m-YT7kTMXKf5hbsbq2E_JA==
GET H/1.1	200 OK	siegel-2.png cdn.pikone.de/2020-02-20/Roiun8s44/	29 KB 30 KB	13ms 7ms	Image image/png	2600:9000:214f:5600:4:c79c:d1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.pikone.de/2020-02-20/Roiun8s44/siegel-2.png Requested by Host: news.gamiast.de URL: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Server 2600:9000:214f:5600:4:c79c:d1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `738ebc0e0f7a7f3d5667643067fe28a372c5e95e4b774d74ef3e73e3a2131e2d` Request headers Referer http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 20 Feb 2020 08:02:46 GMT Via 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront) Last-Modified Thu, 20 Feb 2020 07:57:52 GMT Server AmazonS3 Age 47683 ETag "8db30bea69ed2cc22cf47dbfc9d0bdbf" X-Cache Hit from cloudfront Content-Type image/png X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes Content-Length 30045 X-Amz-Cf-Id HBvnQUfEkb8KhQMWnXaQ7bicbX43cZIazFEXB3khDBniP8Gv0UInEg==
GET H/1.1	200 OK	lock.png cdn.pikone.de/2020-02-20/Roiun8s44/	282 B 744 B	13ms 7ms	Image image/png	2600:9000:214f:5600:4:c79c:d1c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://cdn.pikone.de/2020-02-20/Roiun8s44/lock.png Requested by Host: news.gamiast.de URL: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Server 2600:9000:214f:5600:4:c79c:d1c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `1a7ba8d2eac86376af21cda46d884e7f445db152515cdc5026c0702fbcde4eac` Request headers Referer http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 20 Feb 2020 08:02:46 GMT Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Last-Modified Thu, 20 Feb 2020 07:57:51 GMT Server AmazonS3 Age 47683 ETag "f0b4d1db6b918f35dd8958a79669c202" X-Cache Hit from cloudfront Content-Type image/png X-Amz-Cf-Pop FRA53-C1 Connection keep-alive Accept-Ranges bytes Content-Length 282 X-Amz-Cf-Id 9C7mf7DpDGlT3DsgjanzoDyCJPDhGoaKNZps8S1-5yw1GFVjcIHUOw==
GET H/1.1	200 OK	O news.gamiast.de/	49 B 196 B	98ms 47ms	Image image/gif	116.203.118.191 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.gamiast.de/O?20247-1738712-1651898-1212518580-4-222.gif Requested by Host: news.gamiast.de URL: http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS lb04.brm24.de Software nginx/1.16.1 / Resource Hash `8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5` Request headers Referer http://news.gamiast.de/vo.php?client_id=20247&mid=54ee34a0e03eb5e0a867719920f466b8&message_id=1651898&campagne_id=1738712 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers Date Thu, 20 Feb 2020 21:17:28 GMT Server nginx/1.16.1 Connection keep-alive Content-Length 49 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.pikone.de
news.gamiast.de
116.203.118.191
2600:9000:214f:5600:4:c79c:d1c0:93a1
1a7ba8d2eac86376af21cda46d884e7f445db152515cdc5026c0702fbcde4eac
5355a434f4ef72f4830a57656b3dadebe9749b354e97615c418268cb09900461
738ebc0e0f7a7f3d5667643067fe28a372c5e95e4b774d74ef3e73e3a2131e2d
89d24bde5b0b564ea3cec51f004f3558d5c06c3022954af58cad90ec089cdcb7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9f771adb3b4a78c3303025cd5c2a959ab46519214c3b90491f1bfc63b0c9257a
f3f760fd3de096f1669ab4ad275cfd5b483eeac01527ee1b9a9f960c56badef2

news.gamiast.de Open in urlscan Pro 116.203.118.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

14 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

755 kBTransfer

789 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

news.gamiast.de Open in urlscan Pro
116.203.118.191 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

14 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

755 kB
Transfer

789 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions