jessie-keane.co.uk
Open in
urlscan Pro
185.119.174.144
Malicious Activity!
Public Scan
Effective URL: https://jessie-keane.co.uk/nuer/rpl/T-online/Telekom.htm
Submission: On March 08 via manual from DE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 14th 2019. Valid for: 3 months.
This is the only time jessie-keane.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Telekom (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 45.252.248.10 45.252.248.10 | 63760 (AZDIGI-AS...) (AZDIGI-AS-VN AZDIGI Corporation) | |
6 | 185.119.174.144 185.119.174.144 | 198047 (UKWEB-EQX) (UKWEB-EQX) | |
17 | 3 |
ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)
PTR: h6.azdigi.com
congtymoitruong.com |
ASN198047 (UKWEB-EQX, GB)
PTR: pavilionweb2.servers.prgn.misp.co.uk
jessie-keane.co.uk |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
jessie-keane.co.uk
jessie-keane.co.uk www.jessie-keane.co.uk Failed |
76 KB |
1 |
congtymoitruong.com
congtymoitruong.com |
304 B |
17 | 2 |
Domain | Requested by | |
---|---|---|
6 | jessie-keane.co.uk |
jessie-keane.co.uk
|
1 | congtymoitruong.com | |
0 | www.jessie-keane.co.uk Failed |
jessie-keane.co.uk
|
17 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
meinkonto.telekom-dienste.de |
www.telekom.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
congtymoitruong.com Let's Encrypt Authority X3 |
2019-02-13 - 2019-05-14 |
3 months | crt.sh |
jessie-keane.co.uk Let's Encrypt Authority X3 |
2019-01-14 - 2019-04-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://jessie-keane.co.uk/nuer/rpl/T-online/Telekom.htm
Frame ID: 9423B11A162FE5CDD663E5B0D6C362AD
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://congtymoitruong.com/redirect/indes.php Page URL
- https://jessie-keane.co.uk/nuer/rpl/T-online/Telekom.htm Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
LiteSpeed (Web Servers) Expand
Detected patterns
- headers server /^LiteSpeed$/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Passwort vergessen?
Search URL Search Domain Scan URL
Title: Jetzt registrieren
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://congtymoitruong.com/redirect/indes.php Page URL
- https://jessie-keane.co.uk/nuer/rpl/T-online/Telekom.htm Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-bold.woff HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-bold.woff
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-thin.woff HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-thin.woff
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-regular.woff HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-regular.woff
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-outline.woff HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-outline.woff
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-ui.woff HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-ui.woff
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-regular.ttf HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-regular.ttf
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-thin.ttf HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-thin.ttf
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-ui.ttf HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-ui.ttf
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-outline.ttf HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-outline.ttf
- https://jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-bold.ttf HTTP 301
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-bold.ttf
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
indes.php
congtymoitruong.com/redirect/ |
148 B 304 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Telekom.htm
jessie-keane.co.uk/nuer/rpl/T-online/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
components.css
jessie-keane.co.uk/nuer/rpl/T-online/Telekom_files/ |
85 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.css
jessie-keane.co.uk/nuer/rpl/T-online/Telekom_files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.js
jessie-keane.co.uk/nuer/rpl/T-online/Telekom_files/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
components.js
jessie-keane.co.uk/nuer/rpl/T-online/Telekom_files/ |
66 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
jessie-keane.co.uk/nuer/rpl/T-online/Telekom_files/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telegroteskscreen-bold.woff
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telegroteskscreen-thin.woff
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telegroteskscreen-regular.woff
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telekomicon-outline.woff
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telekomicon-ui.woff
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telegroteskscreen-regular.ttf
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telegroteskscreen-thin.ttf
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telekomicon-ui.ttf
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telekomicon-outline.ttf
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
telegroteskscreen-bold.ttf
www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-bold.woff
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-thin.woff
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-regular.woff
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-outline.woff
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-ui.woff
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-regular.ttf
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-thin.ttf
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-ui.ttf
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telekomicon-outline.ttf
- Domain
- www.jessie-keane.co.uk
- URL
- https://www.jessie-keane.co.uk/nuer/rpl/T-online/fonts/telegroteskscreen-bold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Telekom (Telecommunication)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| Login boolean| loginTrial boolean| accountLocked boolean| accountLockedPermanent number| accountLockExpiration object| jQuery1113027620640704853170 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
congtymoitruong.com
jessie-keane.co.uk
www.jessie-keane.co.uk
www.jessie-keane.co.uk
185.119.174.144
45.252.248.10
061f6fa8ded6d3126aa2081287f78b9b5479b1b7800a80d1ea72df40ae8a3b3f
398d81bd14d983142b711f0873e4253a7c2c41581f006c529fd9807e184dff37
46ee4054fcdde4283dcd560f28747c1963834e3dbf21905f7bc35f2e84e19e28
97555f1f592b992db8dffc2d0463bce993528d1c0b4fb2ede8b05ce9592abe46
cf6723c12d98257b3d79f051b51726813b998dee662eec193ed8de0d3f9097d1
e5a1bef74748388cadf99777549feff118627b888816a6f57fc0fb36e3cad57f
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8