kenapens.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 192.99.81.95, located in Canada and belongs to OVH, FR. The main domain is kenapens.com.

This is the only time kenapens.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Maersk (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1	192.99.81.95 192.99.81.95		16276 (OVH) (OVH)
1	2

1 192.99.81.95 (Canada)

ASN16276 (OVH, FR)

kenapens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	kenapens.com kenapens.com	2 MB
1	1

	Domain	Requested by
1	kenapens.com
1	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://kenapens.com/marsk/marksek1/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 066C6074B29A986C40D670EA773BC0C5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

url /\.aspx?(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

url /\.aspx?(?:$|\?)/i

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1698 kB
Transfer

2963 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login.php Show response kenapens.com/marsk/marksek1/	2 MB 2 MB	412ms 295ms	Document text/html	192.99.81.95 OVH
General Check archive.org Show headers Download Go to Full URL http://kenapens.com/marsk/marksek1/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.99.81.95 , Canada, ASN16276 (OVH, FR), Reverse DNS Software Apache / PHP/5.3.29 Resource Hash `95558d3c36c3bb81a6798467b9904b88accc88329c104c6931d100cad98829c6` Request headers Host kenapens.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 27 May 2021 01:07:22 GMT Server Apache X-Powered-By PHP/5.3.29 Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html
GET DATA	200 OK	truncated /	90 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8fda4e79f6b98ab1890a54902431fb1fbcdaa5599262b17f0a12534f24e4187b` Request headers Referer http://kenapens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	115 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `05112f50ed02422cec8883a32326e8975cea42861c22e5fe2e0fcb0f0211e54f` Request headers Referer http://kenapens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	257 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `31db972937750fdc2de5d288894d50882876c031f05ee5eafb1a41c5775f35a5` Request headers Referer http://kenapens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	72 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c9afca0cd6a234e984e49f7e63871a20de461b9c320f30e140cfbe8c7dea1b7a` Request headers Referer http://kenapens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	139 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `915ee5d5e27e36936d1f761ad6312b6919dd0018a7244f3ac613c5e705f9f0cd` Request headers Referer http://kenapens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	594 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8a46f0f573f565185557acf1eba4702ae240985c66ff1677157b585a294fb4e2` Request headers Referer http://kenapens.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Maersk (Transportation)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kenapens.com
192.99.81.95
05112f50ed02422cec8883a32326e8975cea42861c22e5fe2e0fcb0f0211e54f
31db972937750fdc2de5d288894d50882876c031f05ee5eafb1a41c5775f35a5
8a46f0f573f565185557acf1eba4702ae240985c66ff1677157b585a294fb4e2
8fda4e79f6b98ab1890a54902431fb1fbcdaa5599262b17f0a12534f24e4187b
915ee5d5e27e36936d1f761ad6312b6919dd0018a7244f3ac613c5e705f9f0cd
95558d3c36c3bb81a6798467b9904b88accc88329c104c6931d100cad98829c6
c9afca0cd6a234e984e49f7e63871a20de461b9c320f30e140cfbe8c7dea1b7a

kenapens.com Open in urlscan Pro 192.99.81.95 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

1698 kBTransfer

2963 kBSize

0 Cookies

0 Outgoing links

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

kenapens.com Open in urlscan Pro
192.99.81.95 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1698 kB
Transfer

2963 kB
Size

0
Cookies

1 HTTP transactions
6 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!