106.52.247.30 Open in urlscan Pro
106.52.247.30 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://106.52.247.30:6080/
Submission: On June 14 via automatic, source urlhaus (June 14th 2024, 12:29:09 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 17 HTTP transactions. The main IP is 106.52.247.30, located in Guangzhou, China and belongs to TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN. The main domain is 106.52.247.30.

This is the only time 106.52.247.30 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Downloads These files were downloaded by the website

Incomplete help.scr 9 MB

Size: 9 MB (9402368 bytes, 3% done)

Downloaded from: http://106.52.247.30:6080/help.scr

Domain & IP information

	IP Address		AS Autonomous System
17	106.52.247.30 106.52.247.30		45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
17	1

17 106.52.247.30 (Guangzhou, China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

106.52.247.30	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	0

	Domain	Requested by
17	0

This site contains links to these domains. Also see Links.

Domain
www.magicwinmail.com

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://106.52.247.30:6080/
Frame ID: 430B36795ECA059887195548679123F5
Requests: 16 HTTP requests in this frame

Frame: http://106.52.247.30:6080/help.scr
Frame ID: 56231763600CC364FBFC6B02EA771E7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://106.52.247.30:6080/ HTTP 307
https://106.52.247.30:6080/ HTTP 307
http://106.52.247.30:6080/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

172 kB
Transfer

230 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.magicwinmail.com/?so=winmailcust
Title: Powered by Winmail Server

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://106.52.247.30:6080/ HTTP 307
https://106.52.247.30:6080/ HTTP 307
http://106.52.247.30:6080/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 106.52.247.30/ Redirect Chain http://106.52.247.30:6080/ https://106.52.247.30:6080/ http://106.52.247.30:6080/	12 KB 13 KB	334ms 334ms	Document text/html	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `2c1a4b3ccbe66f276fbe7ae87be71aa9c8744d61f42c9c2f32b81e84acff25a0` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Connection Keep-Alive Content-Type text/html; charset=utf-8 Date Fri, 14 Jun 2024 12:28:56 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked Redirect headers Location http://106.52.247.30:6080/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	base64.js Show response 106.52.247.30/js/	4 KB 4 KB	194ms 194ms	Script application/javascript	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/js/base64.js?v=796025be78a65b3db41868ecd41ec18e Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `226b6144cdb819eac26eadc929c7bd106af75fb21d0c1ac6ca4f6ba50f4c184d` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:57 GMT Last-Modified Fri, 19 Nov 2010 00:37:36 GMT Server Apache ETag "e4a-4955d1ce35400" Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3658 Expires Sun, 14 Jul 2024 12:28:57 GMT
GET H/1.1	200 OK	webmail.css 106.52.247.30/css/default/	2 KB 2 KB	385ms 194ms	Stylesheet text/css	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/css/default/webmail.css?v=796025be78a65b3db41868ecd41ec18e Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `b18e3a01586028100f94278a882b60404ce1d5fea14b02269130cd5179c4f775` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:57 GMT Last-Modified Tue, 08 Mar 2016 09:25:18 GMT Server Apache ETag "704-52d8628dd1b80" Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1796 Expires Sun, 14 Jul 2024 12:28:57 GMT
GET H/1.1	200 OK	jquery.js Show response 106.52.247.30/js/	95 KB 95 KB	434ms 217ms	Script application/javascript	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/js/jquery.js?v=796025be78a65b3db41868ecd41ec18e Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:57 GMT Last-Modified Tue, 28 Feb 2017 09:16:24 GMT Server Apache ETag "17b8b-54993a661ca00" Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 97163 Expires Sun, 14 Jul 2024 12:28:57 GMT
GET H/1.1	200 OK	jquery.dialog.css 106.52.247.30/common/dialog/	1 KB 2 KB	1438ms 1246ms	Stylesheet text/css	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/common/dialog/jquery.dialog.css?v=796025be78a65b3db41868ecd41ec18e Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `b6a026488e20b8cd6419beb893bd29b332ebd025aed4e854277693bb41fcbe81` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:57 GMT Last-Modified Wed, 24 Jun 2015 03:38:00 GMT Server Apache ETag "4c6-5193b3bc3b600" Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1222 Expires Sun, 14 Jul 2024 12:28:57 GMT
GET H/1.1	200 OK	jquery.dialog.js Show response 106.52.247.30/common/dialog/	8 KB 8 KB	587ms 202ms	Script application/javascript	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/common/dialog/jquery.dialog.js?v=796025be78a65b3db41868ecd41ec18e Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `b4c3823d8ec3b9d662ac5a54fcc6521d6df8da6ae7df7b3735de00aeff922ef9` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:57 GMT Last-Modified Tue, 03 Jun 2014 03:00:12 GMT Server Apache ETag "1fd7-4fae5b5d60700" Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8151 Expires Sun, 14 Jul 2024 12:28:57 GMT
GET H/1.1	200 OK	qrcode.js Show response 106.52.247.30/js/	32 KB 33 KB	1189ms 198ms	Script application/javascript	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/js/qrcode.js?v=796025be78a65b3db41868ecd41ec18e Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `07976ddf9f1472e5dc3dc18348342242039241311f0adcdacfba1f3a8b067704` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:57 GMT Last-Modified Fri, 22 Jan 2016 01:04:56 GMT Server Apache ETag "8190-529e1ceb67e00" Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 33168 Expires Sun, 14 Jul 2024 12:28:57 GMT
GET H/1.1	200 OK	logo.gif 106.52.247.30/customer/	4 KB 4 KB	1454ms 207ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/customer/logo.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `f1f68f942dc956746a5b898e7498d29e08d06a446adb4ed43cd4f97f0834231a` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:58 GMT Last-Modified Fri, 18 Jun 2010 04:56:00 GMT Server Apache ETag "e97-48946c56fd800" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3735 Expires Sun, 14 Jul 2024 12:28:58 GMT
GET H/1.1	200 OK	index_winmail_new.gif 106.52.247.30/customer/	4 KB 5 KB	1168ms 201ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/customer/index_winmail_new.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `e88b26d53061fa91ec08e8abb1abaaeb8415c89a7dd97fdcaa89a6d2e891fef2` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:58 GMT Last-Modified Fri, 02 Apr 2010 03:07:56 GMT Server Apache ETag "11e5-48338492dfb00" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4581 Expires Sun, 14 Jul 2024 12:28:58 GMT
GET H/1.1	200 OK	l.gif 106.52.247.30/images/default/	766 B 1 KB	607ms 195ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/images/default/l.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `ed24821b5dc76dbbbea283173cfe71a8a70767c53965b5a712023d759b3078e1` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:59 GMT Last-Modified Thu, 18 Mar 2010 08:13:58 GMT Server Apache ETag "2fe-4820ed0053d80" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 766 Expires Sun, 14 Jul 2024 12:28:59 GMT
GET H/1.1	200 OK	b_02.gif 106.52.247.30/images/default/	59 B 397 B	475ms 193ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/images/default/b_02.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `3aff0b9a0774dc199c2371382b6fc126dbb8638c95266e7e24559419b037c327` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:59 GMT Last-Modified Fri, 19 Mar 2010 07:18:34 GMT Server Apache ETag "3b-4822227bc6680" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 59 Expires Sun, 14 Jul 2024 12:28:59 GMT
GET H/1.1	200 OK	qrcode.gif 106.52.247.30/images/	184 B 523 B	588ms 198ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/images/qrcode.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `905978bb7c2c1d23d5301d7788c24f79f00c350554f198b1b96b0682e345fafe` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:59 GMT Last-Modified Mon, 24 Aug 2015 08:50:32 GMT Server Apache ETag "b8-51e0ab5ca6600" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 184 Expires Sun, 14 Jul 2024 12:28:59 GMT
GET H/1.1	200 OK	help.scr 106.52.247.30/ Frame 5623	0 0	364ms 193ms	Document application/octet-stream	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Full URL http://106.52.247.30:6080/help.scr Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 9402368 Date Fri, 14 Jun 2024 12:28:57 GMT ETag "8f7800-5dd13e003f697" Keep-Alive timeout=5, max=100 Last-Modified Wed, 20 Apr 2022 10:58:36 GMT Server Apache
GET H/1.1	200 OK	b_02.gif 106.52.247.30/images/default/	59 B 0	1ms 0ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/images/default/b_02.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `3aff0b9a0774dc199c2371382b6fc126dbb8638c95266e7e24559419b037c327` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:28:59 GMT Last-Modified Fri, 19 Mar 2010 07:18:34 GMT Server Apache ETag "3b-4822227bc6680" Content-Type image/gif Cache-Control max-age=2592000 Accept-Ranges bytes Content-Length 59 Expires Sun, 14 Jul 2024 12:28:59 GMT
GET H/1.1	200 OK	index_bg2.jpg 106.52.247.30/customer/	63 KB 0	501ms 500ms	Image image/jpeg	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/customer/index_bg2.jpg Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:29:04 GMT Last-Modified Mon, 12 Feb 2018 07:09:00 GMT Server Apache ETag "1c26e-564fe8d617b00" Content-Type image/jpeg Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 115310 Expires Sun, 14 Jul 2024 12:29:04 GMT
GET H/1.1	200 OK	login_bg.gif 106.52.247.30/images/default/	3 KB 3 KB	199ms 199ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/images/default/login_bg.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/ Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `3e3836e16fd5f7ca5df9ea99dd040f6e4165025428916ba9d426cfc0967ad058` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:29:04 GMT Last-Modified Fri, 02 Apr 2010 02:33:08 GMT Server Apache ETag "b63-48337ccb9a100" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 2915 Expires Sun, 14 Jul 2024 12:29:04 GMT
GET H/1.1	200 OK	bt_blue.gif 106.52.247.30/images/default/	2 KB 2 KB	1215ms 1215ms	Image image/gif	106.52.247.30 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL http://106.52.247.30:6080/images/default/bt_blue.gif Requested by Host: 106.52.247.30 URL: http://106.52.247.30:6080/css/default/webmail.css?v=796025be78a65b3db41868ecd41ec18e Protocol HTTP/1.1 Server 106.52.247.30 Guangzhou, China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software Apache / Resource Hash `8469ccbe52adc70adb58c089ca488dbaf56f798d73eb0c719638fdd100bb06b3` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer http://106.52.247.30:6080/css/default/webmail.css?v=796025be78a65b3db41868ecd41ec18e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 14 Jun 2024 12:29:04 GMT Last-Modified Mon, 01 Jul 2013 01:48:14 GMT Server Apache ETag "6ad-4e0696bf13380" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1709 Expires Sun, 14 Jul 2024 12:29:04 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
106.52.247.30/	1970-01-20 22:02:40	Name: magicwinmail_default_theme Value: default
106.52.247.30/	1969-12-31 23:59:59	Name: magicwinmail_agent_type Value: pc
106.52.247.30/	1970-01-20 22:02:40	Name: magicwinmail_default_language Value: ch_gb
106.52.247.30/	1970-01-20 22:02:40	Name: magicwinmail_login_domain Value: gocomeb.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

106.52.247.30
07976ddf9f1472e5dc3dc18348342242039241311f0adcdacfba1f3a8b067704
226b6144cdb819eac26eadc929c7bd106af75fb21d0c1ac6ca4f6ba50f4c184d
2c1a4b3ccbe66f276fbe7ae87be71aa9c8744d61f42c9c2f32b81e84acff25a0
3aff0b9a0774dc199c2371382b6fc126dbb8638c95266e7e24559419b037c327
3e3836e16fd5f7ca5df9ea99dd040f6e4165025428916ba9d426cfc0967ad058
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
8469ccbe52adc70adb58c089ca488dbaf56f798d73eb0c719638fdd100bb06b3
905978bb7c2c1d23d5301d7788c24f79f00c350554f198b1b96b0682e345fafe
b18e3a01586028100f94278a882b60404ce1d5fea14b02269130cd5179c4f775
b4c3823d8ec3b9d662ac5a54fcc6521d6df8da6ae7df7b3735de00aeff922ef9
b6a026488e20b8cd6419beb893bd29b332ebd025aed4e854277693bb41fcbe81
e88b26d53061fa91ec08e8abb1abaaeb8415c89a7dd97fdcaa89a6d2e891fef2
ed24821b5dc76dbbbea283173cfe71a8a70767c53965b5a712023d759b3078e1
f1f68f942dc956746a5b898e7498d29e08d06a446adb4ed43cd4f97f0834231a

106.52.247.30 Open in urlscan Pro 106.52.247.30 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

1 IPs

1 Countries

172 kBTransfer

230 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

4 Cookies

Indicators

106.52.247.30 Open in urlscan Pro
106.52.247.30 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

172 kB
Transfer

230 kB
Size

4
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!