www.hannah.kenshung-ehost-services205-com.kenshung.com Open in urlscan Pro
50.28.1.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hannah.kenshung-ehost-services205-com.kenshung.com/
Submission: On June 04 via automatic, source certstream-suspicious (June 4th 2020, 11:16:26 am UTC)

Summary HTTP 22 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 50.28.1.43, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is www.hannah.kenshung-ehost-services205-com.kenshung.com.
TLS certificate: Issued by hannah.kenshung-ehost-services205-com... on June 4th 2020. Valid for: a year.

This is the only time www.hannah.kenshung-ehost-services205-com.kenshung.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GMX (Online)

Domain & IP information

	IP Address	AS Autonomous System
6	50.28.1.43 50.28.1.43	32244 (LIQUIDWEB) (LIQUIDWEB)
11	72.247.224.236 72.247.224.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	195.20.250.111 195.20.250.111	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1 2	82.165.229.54 82.165.229.54	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
2	195.20.250.183 195.20.250.183	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
2 3	91.215.100.40 91.215.100.40	43407 (INFONLINE-AS) (INFONLINE-AS)
22	6

6 50.28.1.43 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: salmon.exacthosting.com

www.hannah.kenshung-ehost-services205-com.kenshung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 72.247.224.236 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-236.deploy.static.akamaitechnologies.com

js.ui-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ui-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.20.250.111 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: uim-bs.tifbs.net

uim.tifbs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.165.229.54 (Germany) 1 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: wa.ui-portal.de

wa.ui-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.20.250.183 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: t-bs.uimserv.net

t.uimserv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.215.100.40 (Germany) 2 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de4.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ui-portal.de 1 redirects js.ui-portal.de img.ui-portal.de wa.ui-portal.de	210 KB
6	kenshung.com www.hannah.kenshung-ehost-services205-com.kenshung.com	23 KB
3	ioam.de 2 redirects de.ioam.de	3 KB
2	uimserv.net t.uimserv.net	1 KB
1	tifbs.net uim.tifbs.net	10 KB
22	5

	Domain	Requested by
8	img.ui-portal.de	www.hannah.kenshung-ehost-services205-com.kenshung.com
6	www.hannah.kenshung-ehost-services205-com.kenshung.com	www.hannah.kenshung-ehost-services205-com.kenshung.com
3	de.ioam.de	2 redirects www.hannah.kenshung-ehost-services205-com.kenshung.com
3	js.ui-portal.de	www.hannah.kenshung-ehost-services205-com.kenshung.com
2	t.uimserv.net	www.hannah.kenshung-ehost-services205-com.kenshung.com
2	wa.ui-portal.de	1 redirects www.hannah.kenshung-ehost-services205-com.kenshung.com
1	uim.tifbs.net	www.hannah.kenshung-ehost-services205-com.kenshung.com
22	7

This site contains links to these domains. Also see Links.

Domain
www.gmx.net
registrierung.gmx.net
passwort.gmx.net
service.gmx.net
newsroom.gmx.net
agb-server.gmx.net

Subject Issuer	Validity	Valid
hannah.kenshung-ehost-services205-com.kenshung.com hannah.kenshung-ehost-services205-com.kenshung.com	`2020-06-04` - `2021-06-04`	a year	crt.sh
img.ui-portal.de GeoTrust RSA CA 2018	`2019-08-06` - `2020-11-04`	a year	crt.sh
*.tifbs.net GeoTrust RSA CA 2018	`2019-11-26` - `2021-11-25`	2 years	crt.sh
*.ui-portal.de GeoTrust RSA CA 2018	`2018-07-06` - `2020-07-05`	2 years	crt.sh
*.uimserv.net GeoTrust RSA CA 2018	`2018-02-19` - `2021-02-18`	3 years	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/
Frame ID: 79355E9EC78A1CFA3FDE80DE6622F848
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

73 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

244 kB
Transfer

564 kB
Size

1
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gmx.net/
Title: GMX

Search URL Search Domain Scan URL

URL: https://www.gmx.net/produkte/
Title: Produkte

Search URL Search Domain Scan URL

URL: https://registrierung.gmx.net/#.login.loginbox_1.1.registrierung
Title: Jetzt kostenlos registrieren!

Search URL Search Domain Scan URL

URL: https://passwort.gmx.net/
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://www.gmx.net/internetmadeingermany/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/e-mail-made-in-germany/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/cloud-made-in-germany/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/themen/unicef/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/produkte/de-mail/

Search URL Search Domain Scan URL

URL: https://service.gmx.net/de/cgi/g.fcgi/support
Title: Service

Search URL Search Domain Scan URL

URL: https://newsroom.gmx.net/page-gmx-vom-e-mail-dienst-zum-cloud-anbieter-2/
Title: Über GMX

Search URL Search Domain Scan URL

URL: https://www.gmx.net/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://agb-server.gmx.net/gmxagb-de
Title: AGB

Search URL Search Domain Scan URL

URL: https://www.gmx.net/datenschutz/
Title: Datenschutzhinweise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://wa.ui-portal.de/gmx/gmx/s?produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591269370775&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=https%3A//www.hannah.kenshung-ehost-services205-com.kenshung.com/&ns_referrer= HTTP 302
https://wa.ui-portal.de/gmx/gmx/s?_wa=03ad2b198b93febeeb65153f3232c183&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591269370775&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=https%3A//www.hannah.kenshung-ehost-services205-com.kenshung.com/&ns_referrer=

Request Chain 20

https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=www.hannah.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=1591269370789&ev=&cs=y9ezzz&mo=0 HTTP 302
https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=www.hannah.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=1591269370789&ev=&cs=y9ezzz&mo=0&sr=71 HTTP 302
https://de.ioam.de/blank.gif

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.hannah.kenshung-ehost-services205-com.kenshung.com/	9 KB 3 KB	1281ms 135ms	Document text/html	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `8f616591597836bda54953558e846033f15579a6b9499e917e20facc7ba29d9a` Request headers :method GET :authority www.hannah.kenshung-ehost-services205-com.kenshung.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 04 Jun 2020 11:16:10 GMT server Apache last-modified Wed, 05 Feb 2020 13:27:58 GMT accept-ranges bytes cache-control max-age=600 expires Thu, 04 Jun 2020 11:26:10 GMT vary Accept-Encoding content-encoding gzip content-length 3095 content-type text/html
GET H2	200	base.css js.ui-portal.de/ci/gmx/global/20180208/	145 KB 22 KB	120ms 40ms	Stylesheet text/css	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.ui-portal.de/ci/gmx/global/20180208/base.css Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `9c84d35ec71a99f16ce60bfa2977e5ce025e31143fad8736bca43ceb651cffc5` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 13:02:05 GMT server Apache etag "24431-58c4dc4c84590" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=936 accept-ranges bytes x-robots-tag noindex content-length 22591
GET H2	200	adaptive.css js.ui-portal.de/ci/gmx/global/20180208/	45 KB 8 KB	143ms 64ms	Stylesheet text/css	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.ui-portal.de/ci/gmx/global/20180208/adaptive.css Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `634e8eccad8d3201faf04e702d575aa23057f5f6ce499f25b1dca77f336ae1ef` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 13:25:12 GMT server Apache etag "b450-58c4e177895a3" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=1232 accept-ranges bytes x-robots-tag noindex content-length 7865
GET H2	200	base-adaptive.js Show response js.ui-portal.de/ci/gmx/global/20180208/	203 KB 63 KB	145ms 66ms	Script application/javascript	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.ui-portal.de/ci/gmx/global/20180208/base-adaptive.js Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `987951c68e0c376b1b3751afb182729c272b2f77b8beb8be436cd0b4d61c82d9` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 07 Sep 2018 14:12:36 GMT server Apache etag "32b00-57548997b03f3" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=144 accept-ranges bytes x-robots-tag noindex content-length 64113
GET H2	200	internet_made_in_germany.png www.hannah.kenshung-ehost-services205-com.kenshung.com/a/	4 KB 4 KB	134ms 134ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.hannah.kenshung-ehost-services205-com.kenshung.com/a/internet_made_in_germany.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `f47999ceb30f952debf5e9aa5f6a86f881da6cb7c4fafca57fce00d18c1f511d` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 24 Jan 2020 11:57:42 GMT server Apache vary Accept-Encoding content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 3819 expires Sat, 04 Jul 2020 11:16:10 GMT
GET H2	200	EmiG.png www.hannah.kenshung-ehost-services205-com.kenshung.com/a/	4 KB 4 KB	135ms 134ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.hannah.kenshung-ehost-services205-com.kenshung.com/a/EmiG.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `c7cf6e45fc63c15df0adc9ac96cd0d503a3ac6d1ce9d89192855e3b623dec2ba` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 24 Jan 2020 11:57:42 GMT server Apache vary Accept-Encoding content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 4391 expires Sat, 04 Jul 2020 11:16:10 GMT
GET H2	200	cloud_made_in_germany.png www.hannah.kenshung-ehost-services205-com.kenshung.com/a/	3 KB 3 KB	241ms 240ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.hannah.kenshung-ehost-services205-com.kenshung.com/a/cloud_made_in_germany.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `e6782181125e9be5ed53e2d937890999a1d39c50d34127af5bb1b7adf30fa313` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 24 Jan 2020 11:57:42 GMT server Apache vary Accept-Encoding content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 3377 expires Sat, 04 Jul 2020 11:16:10 GMT
GET H2	200	unicef.png www.hannah.kenshung-ehost-services205-com.kenshung.com/a/	5 KB 5 KB	135ms 135ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.hannah.kenshung-ehost-services205-com.kenshung.com/a/unicef.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `5db6c1e738317112c38990d5f2586dc1c547bc140798e65b898457bbb6422904` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 24 Jan 2020 11:57:42 GMT server Apache vary Accept-Encoding content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 5081 expires Sat, 04 Jul 2020 11:16:10 GMT
GET H2	200	de-mail.png www.hannah.kenshung-ehost-services205-com.kenshung.com/a/	4 KB 4 KB	241ms 241ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://www.hannah.kenshung-ehost-services205-com.kenshung.com/a/de-mail.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `f6d18f1a0126027cf6dbcde0b163fc06d8eeeff86569fb1e08a29037acfb0576` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 24 Jan 2020 11:57:42 GMT server Apache vary Accept-Encoding content-type image/png status 200 cache-control max-age=2592000 accept-ranges bytes content-length 3693 expires Sat, 04 Jul 2020 11:16:10 GMT
GET H/1.1	200 OK	1346.js Show response uim.tifbs.net/js/	28 KB 10 KB	90ms 23ms	Script application/javascript	195.20.250.111 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Full URL https://uim.tifbs.net/js/1346.js Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 195.20.250.111 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS uim-bs.tifbs.net Software Apache / Resource Hash `b6b36b5f64cb3b72ea1d88e669c071def340bbf4bb2aa060055d10216a632514` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 11:16:10 GMT Content-Encoding gzip Last-Modified Thu, 02 Apr 2020 06:35:14 GMT Server Apache ETag "700e-5a24900d7ac80-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, public Connection close Accept-Ranges bytes Content-Length 9688
GET H2	200	logoCI2018_de.png img.ui-portal.de/ci/gmx/global/	3 KB 3 KB	38ms 36ms	Image image/png	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/logoCI2018_de.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `0b546c8297848467d2a26d1f48a00fa3691f2b65edebc4e220b312718e07b46f` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT last-modified Sun, 21 Jan 2018 14:09:40 GMT server Apache etag "c7d-56349dd51c0bf" content-type image/png status 200 cache-control public, max-age=1138 accept-ranges bytes x-robots-tag noindex content-length 3197
GET H2	200	header_home_icon_24_hellgrau.svg img.ui-portal.de/ci/gmx/global/nav/	1018 B 775 B	41ms 40ms	Image image/svg+xml	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/nav/header_home_icon_24_hellgrau.svg Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `19ff286b0fc42c787e805701d2a39a3be91361e9b53e804ba458724464d35652` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT content-encoding gzip last-modified Fri, 26 Jan 2018 13:42:00 GMT server Apache status 200 etag "3fa-563ae0f94d224" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=1490 accept-ranges bytes x-robots-tag noindex content-length 582
GET H2	200	breadcrumb.gif img.ui-portal.de/ci/gmx/global/icon/	49 B 376 B	38ms 36ms	Image image/gif	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/icon/breadcrumb.gif Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `1b9fec2191fc270b09bd76974d73e73ed5a2ad12717e0dc9c7099f8089c4c431` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-im-lunatoken ui-https-166990 last-modified Fri, 15 Nov 2013 10:25:39 GMT server Apache etag "31-4eb349ea0aec0" x-im2g-akamai-auth-data salt=4403660608638223199 parse=1 adapted=1 x-im-original-width 6 status 200 x-im2g-akamai-auth-sign x0iX2gtfiODUtX3sLifeRYo4CxXr1qdUxFIwE+7KlZg= cache-control public, max-age=1629 x-im-original-size 49 x-im-encoding-quality 100 content-type image/gif content-length 49 date Thu, 04 Jun 2020 11:16:10 GMT
GET H2	200	l-hero_desktop_1000x496.jpg img.ui-portal.de/cms/gmx/produkte/grusskarten/	27 KB 28 KB	50ms 49ms	Image image/jpeg	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_desktop_1000x496.jpg Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `bd77bf22bb45184e0bc86eac9100d0e1dbaa8cf7c4e0c4fa94819408249bf80a` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT last-modified Thu, 18 Dec 2014 08:32:04 GMT server Apache etag "6d58-50a796d434900" content-type image/jpeg status 200 cache-control public, max-age=1590 accept-ranges bytes x-robots-tag noindex content-length 27992
GET H2	200	l-hero_tablet_620x376.jpg img.ui-portal.de/cms/gmx/produkte/grusskarten/	44 KB 45 KB	93ms 92ms	Image image/jpeg	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_tablet_620x376.jpg Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `a0595248b03f65c5ecb5ee9b3f44b1ef394fc5b977cd6ea7151abc1f647d8ae7` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT last-modified Fri, 18 May 2018 08:49:25 GMT server Apache etag "b1f8-56c77076e3dfb" content-type image/jpeg status 200 cache-control public, max-age=1800 accept-ranges bytes x-robots-tag noindex content-length 45560
GET H2	200	l-hero_smartphone_300x318.jpg img.ui-portal.de/cms/gmx/produkte/grusskarten/	12 KB 12 KB	74ms 73ms	Image image/jpeg	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_smartphone_300x318.jpg Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `7cbaccfa0b46ab191fec047655473d318f49bb17361d28329bcca35c31535d2e` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT last-modified Thu, 18 Dec 2014 08:32:04 GMT server Apache etag "310c-50a796d434900" content-type image/jpeg status 200 cache-control public, max-age=936 accept-ranges bytes x-robots-tag noindex content-length 12556
GET H2	200	hint_16x16.png img.ui-portal.de/ci/gmx/global/icon/	974 B 1 KB	39ms 39ms	Image image/png	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/icon/hint_16x16.png Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `d5eb5d3724dc0762e05678e16c2a1c893e8f1cee6076ca191914573be5ac3695` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 11:16:10 GMT last-modified Wed, 25 Sep 2013 14:11:37 GMT server Apache etag "3ce-4e735d4d73840" content-type image/png status 200 cache-control public, max-age=779 accept-ranges bytes x-robots-tag noindex content-length 974
GET H2	200	RobotoCondensed-Regular-webfont.woff img.ui-portal.de/ci/gmx/global/fonts/roboto/	25 KB 25 KB	114ms 40ms	Font application/font-woff	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css Origin https://www.hannah.kenshung-ehost-services205-com.kenshung.com Response headers date Thu, 04 Jun 2020 11:16:10 GMT last-modified Thu, 27 Feb 2014 04:45:48 GMT server Apache etag "62b4-4f35bfeb9b700" status 200 content-type application/font-woff access-control-allow-origin * cache-control public, max-age=2335623 accept-ranges bytes x-robots-tag noindex content-length 25268
GET H/1.1	200 OK	s wa.ui-portal.de/gmx/gmx/ Redirect Chain https://wa.ui-portal.de/gmx/gmx/s?produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591269370775&ns... https://wa.ui-portal.de/gmx/gmx/s?_wa=03ad2b198b93febeeb65153f3232c183&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&...	43 B 383 B	20ms 19ms	Image image/gif	82.165.229.54 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Show image Full URL https://wa.ui-portal.de/gmx/gmx/s?_wa=03ad2b198b93febeeb65153f3232c183&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591269370775&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=https%3A//www.hannah.kenshung-ehost-services205-com.kenshung.com/&ns_referrer= Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 82.165.229.54 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS wa.ui-portal.de Software Apache / Resource Hash `afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 04 Jun 2020 11:16:10 GMT Server Apache P3P CP="this is not a p3p policy" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Content-Type image/gif Keep-Alive timeout=3, max=99 Content-Length 43 Expires Wed, 11 Jan 1984 05:00:00 GMT Redirect headers Pragma no-cache Date Thu, 04 Jun 2020 11:16:10 GMT Server Apache P3P CP="this is not a p3p policy" Location https://wa.ui-portal.de/gmx/gmx/s?_wa=03ad2b198b93febeeb65153f3232c183&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591269370775&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=https%3A//www.hannah.kenshung-ehost-services205-com.kenshung.com/&ns_referrer= Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Content-Type text/html; charset=iso-8859-1 Keep-Alive timeout=3, max=100 Content-Length 609 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200	/ t.uimserv.net/traffic_p/	42 B 756 B	79ms 19ms	Image image/gif	195.20.250.183 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Show image Full URL https://t.uimserv.net/traffic_p/?md=gmx&et=CP&agof=89&sc=produkte/grusskarten/index&brand=gmx&region=de&dclass=desktop&tif=1346&d=82710&r= Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 195.20.250.183 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS t-bs.uimserv.net Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 04 Jun 2020 11:16:10 GMT Content-Type image/gif Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers P3P policyref="http://adimg.uimserv.net/UIM/netgravity/p3p/p3p.xml", CP="NON DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP BUS UNI COM NAV INT" Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive TS-UUID 19cad941-ce66-4e74-bf8f-69b0de73f66f Keep-Alive timeout=60 Content-Length 42 Expires Wed, 20 Oct 2010 20:10:20 GMT
GET H/1.1	200	/ t.uimserv.net/drp_p/	42 B 757 B	88ms 22ms	Image image/gif	195.20.250.183 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Show image Full URL https://t.uimserv.net/drp_p/?md=uid&et=AP&site=gmx&region=de&sc=produkte/grusskarten/index&tif=1346&d=51825 Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 195.20.250.183 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS t-bs.uimserv.net Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 04 Jun 2020 11:16:10 GMT Content-Type image/gif Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers P3P policyref="http://adimg.uimserv.net/UIM/netgravity/p3p/p3p.xml", CP="NON DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP BUS UNI COM NAV INT" Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive TS-UUID f019a61d-422f-4f15-9bbd-93ddb718cf3d Keep-Alive timeout=60 Content-Length 42 Expires Wed, 20 Oct 2010 20:10:20 GMT
GET H/1.1	200 OK	blank.gif de.ioam.de/ Redirect Chain https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=www.hannah.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=159126... https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=www.hannah.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=159126... https://de.ioam.de/blank.gif	43 B 651 B	22ms 22ms	Image image/gif	91.215.100.40 INFONLINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://de.ioam.de/blank.gif Requested by Host: www.hannah.kenshung-ehost-services205-com.kenshung.com URL: https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.215.100.40 , Germany, ASN43407 (INFONLINE-AS, NL), Reverse DNS de4.ioam.de Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer https://www.hannah.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 11:16:10 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS P3P policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV Access-Control-Allow-Origin * Cache-Control max-age=86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies Content-Length 43 Expires Fri, 05 Jun 2020 11:16:10 GMT Redirect headers Date Thu, 04 Jun 2020 11:16:10 GMT Access-Control-Allow-Origin * X-Powered-By BLACKBIRD-RCV v1.06.2 0036 Transfer-Encoding chunked P3P policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV Connection keep-alive Pragma no-cache Last-Modified Thu, 04 Jun 2020 11:16:10 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Location /blank.gif Cache-Control no-store, no-cache, must-revalidate Access-Control-Allow-Credentials true Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies Expires Tue, 04 Jun 2019 11:16:10 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GMX (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kenshung.com/	1970-01-20 03:32:21	Name: ns_sample Value: 45

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

de.ioam.de
img.ui-portal.de
js.ui-portal.de
t.uimserv.net
uim.tifbs.net
wa.ui-portal.de
www.hannah.kenshung-ehost-services205-com.kenshung.com
195.20.250.111
195.20.250.183
50.28.1.43
72.247.224.236
82.165.229.54
91.215.100.40
0b546c8297848467d2a26d1f48a00fa3691f2b65edebc4e220b312718e07b46f
19ff286b0fc42c787e805701d2a39a3be91361e9b53e804ba458724464d35652
1b9fec2191fc270b09bd76974d73e73ed5a2ad12717e0dc9c7099f8089c4c431
5db6c1e738317112c38990d5f2586dc1c547bc140798e65b898457bbb6422904
634e8eccad8d3201faf04e702d575aa23057f5f6ce499f25b1dca77f336ae1ef
7cbaccfa0b46ab191fec047655473d318f49bb17361d28329bcca35c31535d2e
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6
8f616591597836bda54953558e846033f15579a6b9499e917e20facc7ba29d9a
987951c68e0c376b1b3751afb182729c272b2f77b8beb8be436cd0b4d61c82d9
9c84d35ec71a99f16ce60bfa2977e5ce025e31143fad8736bca43ceb651cffc5
a0595248b03f65c5ecb5ee9b3f44b1ef394fc5b977cd6ea7151abc1f647d8ae7
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b6b36b5f64cb3b72ea1d88e669c071def340bbf4bb2aa060055d10216a632514
bd77bf22bb45184e0bc86eac9100d0e1dbaa8cf7c4e0c4fa94819408249bf80a
c7cf6e45fc63c15df0adc9ac96cd0d503a3ac6d1ce9d89192855e3b623dec2ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5eb5d3724dc0762e05678e16c2a1c893e8f1cee6076ca191914573be5ac3695
e6782181125e9be5ed53e2d937890999a1d39c50d34127af5bb1b7adf30fa313
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47999ceb30f952debf5e9aa5f6a86f881da6cb7c4fafca57fce00d18c1f511d
f6d18f1a0126027cf6dbcde0b163fc06d8eeeff86569fb1e08a29037acfb0576

www.hannah.kenshung-ehost-services205-com.kenshung.com Open in urlscan Pro 50.28.1.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

73 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

244 kBTransfer

564 kBSize

1 Cookies

14 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

Indicators

www.hannah.kenshung-ehost-services205-com.kenshung.com Open in urlscan Pro
50.28.1.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

73 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

244 kB
Transfer

564 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!