leonie.kenshung-ehost-services205-com.kenshung.com Open in urlscan Pro
50.28.1.43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://leonie.kenshung-ehost-services205-com.kenshung.com/
Submission: On June 04 via automatic, source openphish (June 4th 2020, 12:38:52 pm UTC)

Summary HTTP 22 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 50.28.1.43, located in Lansing, United States and belongs to LIQUIDWEB, US. The main domain is leonie.kenshung-ehost-services205-com.kenshung.com.

This is the only time leonie.kenshung-ehost-services205-com.kenshung.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: GMX (Online)

Domain & IP information

	IP Address	AS Autonomous System
6	50.28.1.43 50.28.1.43	32244 (LIQUIDWEB) (LIQUIDWEB)
11	72.247.224.236 72.247.224.236	16625 (AKAMAI-AS) (AKAMAI-AS)
1	195.20.250.111 195.20.250.111	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1 2	82.165.229.54 82.165.229.54	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
2	195.20.250.183 195.20.250.183	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
2 3	91.215.103.65 91.215.103.65	43407 (INFONLINE-AS) (INFONLINE-AS)
22	6

6 50.28.1.43 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: salmon.exacthosting.com

leonie.kenshung-ehost-services205-com.kenshung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 72.247.224.236 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-236.deploy.static.akamaitechnologies.com

js.ui-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ui-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.20.250.111 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: uim-bs.tifbs.net

uim.tifbs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 82.165.229.54 (Germany) 1 redirects

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: wa.ui-portal.de

wa.ui-portal.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.20.250.183 (Germany)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: t-bs.uimserv.net

t.uimserv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.215.103.65 (Germany) 2 redirects

ASN43407 (INFONLINE-AS, NL)
PTR: de3.ioam.de

de.ioam.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	ui-portal.de 1 redirects js.ui-portal.de img.ui-portal.de wa.ui-portal.de	210 KB
6	kenshung.com leonie.kenshung-ehost-services205-com.kenshung.com	25 KB
3	ioam.de 2 redirects de.ioam.de	3 KB
2	uimserv.net t.uimserv.net	1 KB
1	tifbs.net uim.tifbs.net	10 KB
22	5

	Domain	Requested by
8	img.ui-portal.de	leonie.kenshung-ehost-services205-com.kenshung.com
6	leonie.kenshung-ehost-services205-com.kenshung.com	leonie.kenshung-ehost-services205-com.kenshung.com
3	de.ioam.de	2 redirects leonie.kenshung-ehost-services205-com.kenshung.com
3	js.ui-portal.de	leonie.kenshung-ehost-services205-com.kenshung.com
2	t.uimserv.net	leonie.kenshung-ehost-services205-com.kenshung.com
2	wa.ui-portal.de	1 redirects leonie.kenshung-ehost-services205-com.kenshung.com
1	uim.tifbs.net	leonie.kenshung-ehost-services205-com.kenshung.com
22	7

This site contains links to these domains. Also see Links.

Domain
www.gmx.net
registrierung.gmx.net
passwort.gmx.net
service.gmx.net
newsroom.gmx.net
agb-server.gmx.net

Subject Issuer	Validity	Valid
img.ui-portal.de GeoTrust RSA CA 2018	`2019-08-06` - `2020-11-04`	a year	crt.sh
*.tifbs.net GeoTrust RSA CA 2018	`2019-11-26` - `2021-11-25`	2 years	crt.sh
*.ioam.de Thawte TLS RSA CA G1	`2019-09-18` - `2021-12-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://leonie.kenshung-ehost-services205-com.kenshung.com/
Frame ID: 993906DABF419704679649EA36CB42C0
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

59 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

246 kB
Transfer

564 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gmx.net/
Title: GMX

Search URL Search Domain Scan URL

URL: https://www.gmx.net/produkte/
Title: Produkte

Search URL Search Domain Scan URL

URL: https://registrierung.gmx.net/#.login.loginbox_1.1.registrierung
Title: Jetzt kostenlos registrieren!

Search URL Search Domain Scan URL

URL: https://passwort.gmx.net/
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://www.gmx.net/internetmadeingermany/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/e-mail-made-in-germany/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/cloud-made-in-germany/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/themen/unicef/

Search URL Search Domain Scan URL

URL: https://www.gmx.net/produkte/de-mail/

Search URL Search Domain Scan URL

URL: https://service.gmx.net/de/cgi/g.fcgi/support
Title: Service

Search URL Search Domain Scan URL

URL: https://newsroom.gmx.net/page-gmx-vom-e-mail-dienst-zum-cloud-anbieter-2/
Title: Über GMX

Search URL Search Domain Scan URL

URL: https://www.gmx.net/impressum/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://agb-server.gmx.net/gmxagb-de
Title: AGB

Search URL Search Domain Scan URL

URL: https://www.gmx.net/datenschutz/
Title: Datenschutzhinweise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://wa.ui-portal.de/gmx/gmx/s?produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591274316295&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=http%3A//leonie.kenshung-ehost-services205-com.kenshung.com/&ns_referrer= HTTP 302
http://wa.ui-portal.de/gmx/gmx/s?_wa=9121e5fc9333fade5a6b5c31a88205c0&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591274316295&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=http%3A//leonie.kenshung-ehost-services205-com.kenshung.com/&ns_referrer=

Request Chain 20

https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=leonie.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=1591274316424&ev=&cs=xgw3lu&mo=0 HTTP 302
https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=leonie.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=1591274316424&ev=&cs=xgw3lu&mo=0&sr=71 HTTP 302
https://de.ioam.de/blank.gif

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response leonie.kenshung-ehost-services205-com.kenshung.com/	9 KB 3 KB	1239ms 284ms	Document text/html	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Full URL http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `8f616591597836bda54953558e846033f15579a6b9499e917e20facc7ba29d9a` Request headers Host leonie.kenshung-ehost-services205-com.kenshung.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:35 GMT Server Apache Upgrade h2,h2c Connection Upgrade, Keep-Alive Last-Modified Wed, 05 Feb 2020 13:27:58 GMT Accept-Ranges bytes Cache-Control max-age=600 Expires Thu, 04 Jun 2020 12:48:35 GMT Vary Accept-Encoding Content-Encoding gzip Content-Length 3095 Keep-Alive timeout=5, max=500 Content-Type text/html
GET H2	200	base.css js.ui-portal.de/ci/gmx/global/20180208/	145 KB 22 KB	193ms 65ms	Stylesheet text/css	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.ui-portal.de/ci/gmx/global/20180208/base.css Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `9c84d35ec71a99f16ce60bfa2977e5ce025e31143fad8736bca43ceb651cffc5` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 13:02:05 GMT server Apache etag "24431-58c4dc4c84590" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=826 accept-ranges bytes x-robots-tag noindex content-length 22591
GET H2	200	adaptive.css js.ui-portal.de/ci/gmx/global/20180208/	45 KB 8 KB	225ms 97ms	Stylesheet text/css	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.ui-portal.de/ci/gmx/global/20180208/adaptive.css Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `634e8eccad8d3201faf04e702d575aa23057f5f6ce499f25b1dca77f336ae1ef` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT content-encoding gzip last-modified Thu, 27 Jun 2019 13:25:12 GMT server Apache etag "b450-58c4e177895a3" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=1646 accept-ranges bytes x-robots-tag noindex content-length 7865
GET H2	200	base-adaptive.js Show response js.ui-portal.de/ci/gmx/global/20180208/	203 KB 63 KB	230ms 102ms	Script application/javascript	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js.ui-portal.de/ci/gmx/global/20180208/base-adaptive.js Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `987951c68e0c376b1b3751afb182729c272b2f77b8beb8be436cd0b4d61c82d9` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT content-encoding gzip last-modified Fri, 07 Sep 2018 14:12:36 GMT server Apache etag "32b00-57548997b03f3" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=163 accept-ranges bytes x-robots-tag noindex content-length 64113
GET H/1.1	200 OK	internet_made_in_germany.png leonie.kenshung-ehost-services205-com.kenshung.com/a/	4 KB 4 KB	157ms 156ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL http://leonie.kenshung-ehost-services205-com.kenshung.com/a/internet_made_in_germany.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `f47999ceb30f952debf5e9aa5f6a86f881da6cb7c4fafca57fce00d18c1f511d` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 11:57:42 GMT Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=499 Content-Length 3819 Expires Sat, 04 Jul 2020 12:38:36 GMT
GET H/1.1	200 OK	EmiG.png leonie.kenshung-ehost-services205-com.kenshung.com/a/	4 KB 5 KB	315ms 286ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL http://leonie.kenshung-ehost-services205-com.kenshung.com/a/EmiG.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `c7cf6e45fc63c15df0adc9ac96cd0d503a3ac6d1ce9d89192855e3b623dec2ba` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 11:57:42 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=2592000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=500 Content-Length 4391 Expires Sat, 04 Jul 2020 12:38:36 GMT
GET H/1.1	200 OK	cloud_made_in_germany.png leonie.kenshung-ehost-services205-com.kenshung.com/a/	3 KB 4 KB	323ms 294ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL http://leonie.kenshung-ehost-services205-com.kenshung.com/a/cloud_made_in_germany.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `e6782181125e9be5ed53e2d937890999a1d39c50d34127af5bb1b7adf30fa313` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 11:57:42 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=2592000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=500 Content-Length 3377 Expires Sat, 04 Jul 2020 12:38:36 GMT
GET H/1.1	200 OK	unicef.png leonie.kenshung-ehost-services205-com.kenshung.com/a/	5 KB 5 KB	308ms 279ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL http://leonie.kenshung-ehost-services205-com.kenshung.com/a/unicef.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `5db6c1e738317112c38990d5f2586dc1c547bc140798e65b898457bbb6422904` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 11:57:42 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=2592000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=500 Content-Length 5081 Expires Sat, 04 Jul 2020 12:38:36 GMT
GET H/1.1	200 OK	de-mail.png leonie.kenshung-ehost-services205-com.kenshung.com/a/	4 KB 4 KB	319ms 291ms	Image image/png	50.28.1.43 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL http://leonie.kenshung-ehost-services205-com.kenshung.com/a/de-mail.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 50.28.1.43 Lansing, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS salmon.exacthosting.com Software Apache / Resource Hash `f6d18f1a0126027cf6dbcde0b163fc06d8eeeff86569fb1e08a29037acfb0576` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Content-Encoding gzip Last-Modified Fri, 24 Jan 2020 11:57:42 GMT Server Apache Vary Accept-Encoding Upgrade h2,h2c Cache-Control max-age=2592000 Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=500 Content-Length 3693 Expires Sat, 04 Jul 2020 12:38:36 GMT
GET H/1.1	200 OK	1346.js Show response uim.tifbs.net/js/	28 KB 10 KB	240ms 52ms	Script application/javascript	195.20.250.111 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Full URL https://uim.tifbs.net/js/1346.js Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 195.20.250.111 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS uim-bs.tifbs.net Software Apache / Resource Hash `b6b36b5f64cb3b72ea1d88e669c071def340bbf4bb2aa060055d10216a632514` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Content-Encoding gzip Last-Modified Thu, 02 Apr 2020 06:35:14 GMT Server Apache ETag "700e-5a24900d7ac80-gzip" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=86400, public Connection close Accept-Ranges bytes Content-Length 9688
GET H2	200	logoCI2018_de.png img.ui-portal.de/ci/gmx/global/	3 KB 3 KB	64ms 61ms	Image image/png	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/logoCI2018_de.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `0b546c8297848467d2a26d1f48a00fa3691f2b65edebc4e220b312718e07b46f` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT last-modified Sun, 21 Jan 2018 14:09:40 GMT server Apache etag "c7d-56349dd51c0bf" content-type image/png status 200 cache-control public, max-age=1044 accept-ranges bytes x-robots-tag noindex content-length 3197
GET H2	200	header_home_icon_24_hellgrau.svg img.ui-portal.de/ci/gmx/global/nav/	1018 B 774 B	66ms 63ms	Image image/svg+xml	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/nav/header_home_icon_24_hellgrau.svg Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `19ff286b0fc42c787e805701d2a39a3be91361e9b53e804ba458724464d35652` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT content-encoding gzip last-modified Fri, 26 Jan 2018 13:42:00 GMT server Apache status 200 etag "3fa-563ae0f94d224" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=273 accept-ranges bytes x-robots-tag noindex content-length 582
GET H2	200	breadcrumb.gif img.ui-portal.de/ci/gmx/global/icon/	49 B 375 B	65ms 63ms	Image image/gif	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/icon/breadcrumb.gif Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `1b9fec2191fc270b09bd76974d73e73ed5a2ad12717e0dc9c7099f8089c4c431` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-im-lunatoken ui-https-166990 last-modified Fri, 15 Nov 2013 10:25:39 GMT server Apache etag "31-4eb349ea0aec0" x-im2g-akamai-auth-data salt=4403660608638223199 parse=1 adapted=1 x-im-original-width 6 status 200 x-im2g-akamai-auth-sign x0iX2gtfiODUtX3sLifeRYo4CxXr1qdUxFIwE+7KlZg= cache-control public, max-age=106 x-im-original-size 49 x-im-encoding-quality 100 content-type image/gif content-length 49 date Thu, 04 Jun 2020 12:38:36 GMT
GET H2	200	l-hero_desktop_1000x496.jpg img.ui-portal.de/cms/gmx/produkte/grusskarten/	27 KB 28 KB	84ms 82ms	Image image/jpeg	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_desktop_1000x496.jpg Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `bd77bf22bb45184e0bc86eac9100d0e1dbaa8cf7c4e0c4fa94819408249bf80a` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT last-modified Thu, 18 Dec 2014 08:32:04 GMT server Apache etag "6d58-50a796d434900" content-type image/jpeg status 200 cache-control public, max-age=1630 accept-ranges bytes x-robots-tag noindex content-length 27992
GET H2	200	l-hero_tablet_620x376.jpg img.ui-portal.de/cms/gmx/produkte/grusskarten/	44 KB 45 KB	163ms 160ms	Image image/jpeg	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_tablet_620x376.jpg Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `a0595248b03f65c5ecb5ee9b3f44b1ef394fc5b977cd6ea7151abc1f647d8ae7` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT last-modified Fri, 18 May 2018 08:49:25 GMT server Apache etag "b1f8-56c77076e3dfb" content-type image/jpeg status 200 cache-control public, max-age=1800 accept-ranges bytes x-robots-tag noindex content-length 45560
GET H2	200	l-hero_smartphone_300x318.jpg img.ui-portal.de/cms/gmx/produkte/grusskarten/	12 KB 12 KB	86ms 83ms	Image image/jpeg	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/cms/gmx/produkte/grusskarten/l-hero_smartphone_300x318.jpg Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `7cbaccfa0b46ab191fec047655473d318f49bb17361d28329bcca35c31535d2e` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT last-modified Thu, 18 Dec 2014 08:32:04 GMT server Apache etag "310c-50a796d434900" content-type image/jpeg status 200 cache-control public, max-age=1276 accept-ranges bytes x-robots-tag noindex content-length 12556
GET H2	200	hint_16x16.png img.ui-portal.de/ci/gmx/global/icon/	974 B 1 KB	64ms 63ms	Image image/png	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.ui-portal.de/ci/gmx/global/icon/hint_16x16.png Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `d5eb5d3724dc0762e05678e16c2a1c893e8f1cee6076ca191914573be5ac3695` Request headers Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 04 Jun 2020 12:38:36 GMT last-modified Wed, 25 Sep 2013 14:11:37 GMT server Apache etag "3ce-4e735d4d73840" content-type image/png status 200 cache-control public, max-age=1198 accept-ranges bytes x-robots-tag noindex content-length 974
GET H2	200	RobotoCondensed-Regular-webfont.woff img.ui-portal.de/ci/gmx/global/fonts/roboto/	25 KB 25 KB	201ms 68ms	Font application/font-woff	72.247.224.236 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://img.ui-portal.de/ci/gmx/global/fonts/roboto/RobotoCondensed-Regular-webfont.woff Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 72.247.224.236 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-224-236.deploy.static.akamaitechnologies.com Software Apache / Resource Hash `7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://js.ui-portal.de/ci/gmx/global/20180208/base.css Origin http://leonie.kenshung-ehost-services205-com.kenshung.com Response headers date Thu, 04 Jun 2020 12:38:36 GMT last-modified Thu, 27 Feb 2014 04:45:48 GMT server Apache etag "62b4-4f35bfeb9b700" status 200 content-type application/font-woff access-control-allow-origin * cache-control public, max-age=1402177 accept-ranges bytes x-robots-tag noindex content-length 25268
GET H/1.1	200 OK	s wa.ui-portal.de/gmx/gmx/ Redirect Chain http://wa.ui-portal.de/gmx/gmx/s?produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591274316295&ns_... http://wa.ui-portal.de/gmx/gmx/s?_wa=9121e5fc9333fade5a6b5c31a88205c0&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&o...	43 B 383 B	47ms 47ms	Image image/gif	82.165.229.54 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Show image Full URL http://wa.ui-portal.de/gmx/gmx/s?_wa=9121e5fc9333fade5a6b5c31a88205c0&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591274316295&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=http%3A//leonie.kenshung-ehost-services205-com.kenshung.com/&ns_referrer= Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 82.165.229.54 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS wa.ui-portal.de Software Apache / Resource Hash `afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 04 Jun 2020 12:38:36 GMT Server Apache P3P CP="this is not a p3p policy" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Accept-Ranges bytes Content-Type image/gif Keep-Alive timeout=3, max=99 Content-Length 43 Expires Wed, 11 Jan 1984 05:00:00 GMT Redirect headers Pragma no-cache Date Thu, 04 Jun 2020 12:38:36 GMT Server Apache P3P CP="this is not a p3p policy" Location http://wa.ui-portal.de/gmx/gmx/s?_wa=9121e5fc9333fade5a6b5c31a88205c0&produkte.grusskarten.pi.index.index&op_err=none&op_pr=grusskarten&op_pt=gmx&op_ct=landingpage&op_ln=0&op_ul=0&ac=none&mc=none&op_var=default&ns__t=1591274316295&ns_c=UTF-8&ns_ti=Gru%DFkarten%20von%20GMX&ns_jspageurl=http%3A//leonie.kenshung-ehost-services205-com.kenshung.com/&ns_referrer= Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Content-Type text/html; charset=iso-8859-1 Keep-Alive timeout=3, max=100 Content-Length 603 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200	/ t.uimserv.net/traffic_p/	42 B 757 B	117ms 74ms	Image image/gif	195.20.250.183 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Show image Full URL http://t.uimserv.net/traffic_p/?md=gmx&et=CP&agof=89&sc=produkte/grusskarten/index&brand=gmx&region=de&dclass=desktop&tif=1346&d=73723&r= Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 195.20.250.183 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS t-bs.uimserv.net Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 04 Jun 2020 12:38:36 GMT Content-Type image/gif Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers P3P policyref="http://adimg.uimserv.net/UIM/netgravity/p3p/p3p.xml", CP="NON DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP BUS UNI COM NAV INT" Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive TS-UUID 6d9158aa-dbe5-4763-8893-3547d86136e4 Keep-Alive timeout=60 Content-Length 42 Expires Wed, 20 Oct 2010 20:10:20 GMT
GET H/1.1	200	/ t.uimserv.net/drp_p/	42 B 758 B	116ms 74ms	Image image/gif	195.20.250.183 ONEANDONE-AS Brau...
General Check archive.org Show headers Download Go to Show image Full URL http://t.uimserv.net/drp_p/?md=uid&et=AP&site=gmx&region=de&sc=produkte/grusskarten/index&tif=1346&d=92258 Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Server 195.20.250.183 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE), Reverse DNS t-bs.uimserv.net Software / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 04 Jun 2020 12:38:36 GMT Content-Type image/gif Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers P3P policyref="http://adimg.uimserv.net/UIM/netgravity/p3p/p3p.xml", CP="NON DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP BUS UNI COM NAV INT" Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection keep-alive TS-UUID 126cc35b-ba4f-47a5-947d-478779a44a91 Keep-Alive timeout=60 Content-Length 42 Expires Wed, 20 Oct 2010 20:10:20 GMT
GET H/1.1	200 OK	blank.gif de.ioam.de/ Redirect Chain https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=leonie.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=1591274316... https://de.ioam.de/tx.io?st=gmx&cp=89&sv=ke&sur=yes&sc=no&pt=CP&ps=lin&er=N22&rf=&ur=leonie.kenshung-ehost-services205-com.kenshung.com&xy=1600x1200x24&cb=8004&vr=415&id=b3ypd5&dntt=0&lt=1591274316... https://de.ioam.de/blank.gif	43 B 651 B	51ms 50ms	Image image/gif	91.215.103.65 INFONLINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://de.ioam.de/blank.gif Requested by Host: leonie.kenshung-ehost-services205-com.kenshung.com URL: http://leonie.kenshung-ehost-services205-com.kenshung.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 91.215.103.65 , Germany, ASN43407 (INFONLINE-AS, NL), Reverse DNS de3.ioam.de Software nginx / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer http://leonie.kenshung-ehost-services205-com.kenshung.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 04 Jun 2020 12:38:36 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS P3P policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV Access-Control-Allow-Origin * Cache-Control max-age=86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies Content-Length 43 Expires Fri, 05 Jun 2020 12:38:36 GMT Redirect headers Date Thu, 04 Jun 2020 12:38:36 GMT Access-Control-Allow-Origin * X-Powered-By BLACKBIRD-RCV v1.06.2 0026 Transfer-Encoding chunked P3P policyref=https://script.ioam.de/p3p.xml, CP=NOI DSP NID PSAa OUR NOR UNI COM NAV Connection keep-alive Pragma no-cache Last-Modified Thu, 04 Jun 2020 12:38:36 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/html Location /blank.gif Cache-Control no-store, no-cache, must-revalidate Access-Control-Allow-Credentials true Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookies Expires Tue, 04 Jun 2019 12:38:36 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: GMX (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

de.ioam.de
img.ui-portal.de
js.ui-portal.de
leonie.kenshung-ehost-services205-com.kenshung.com
t.uimserv.net
uim.tifbs.net
wa.ui-portal.de
195.20.250.111
195.20.250.183
50.28.1.43
72.247.224.236
82.165.229.54
91.215.103.65
0b546c8297848467d2a26d1f48a00fa3691f2b65edebc4e220b312718e07b46f
19ff286b0fc42c787e805701d2a39a3be91361e9b53e804ba458724464d35652
1b9fec2191fc270b09bd76974d73e73ed5a2ad12717e0dc9c7099f8089c4c431
5db6c1e738317112c38990d5f2586dc1c547bc140798e65b898457bbb6422904
634e8eccad8d3201faf04e702d575aa23057f5f6ce499f25b1dca77f336ae1ef
7cbaccfa0b46ab191fec047655473d318f49bb17361d28329bcca35c31535d2e
7ec51beb961db2999fe41a96a3212edc51d9aeeec5c9d374e39c7313d183d8a6
8f616591597836bda54953558e846033f15579a6b9499e917e20facc7ba29d9a
987951c68e0c376b1b3751afb182729c272b2f77b8beb8be436cd0b4d61c82d9
9c84d35ec71a99f16ce60bfa2977e5ce025e31143fad8736bca43ceb651cffc5
a0595248b03f65c5ecb5ee9b3f44b1ef394fc5b977cd6ea7151abc1f647d8ae7
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b6b36b5f64cb3b72ea1d88e669c071def340bbf4bb2aa060055d10216a632514
bd77bf22bb45184e0bc86eac9100d0e1dbaa8cf7c4e0c4fa94819408249bf80a
c7cf6e45fc63c15df0adc9ac96cd0d503a3ac6d1ce9d89192855e3b623dec2ba
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5eb5d3724dc0762e05678e16c2a1c893e8f1cee6076ca191914573be5ac3695
e6782181125e9be5ed53e2d937890999a1d39c50d34127af5bb1b7adf30fa313
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47999ceb30f952debf5e9aa5f6a86f881da6cb7c4fafca57fce00d18c1f511d
f6d18f1a0126027cf6dbcde0b163fc06d8eeeff86569fb1e08a29037acfb0576

leonie.kenshung-ehost-services205-com.kenshung.com Open in urlscan Pro 50.28.1.43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

59 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

246 kBTransfer

564 kBSize

0 Cookies

14 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

0 Cookies

Indicators

leonie.kenshung-ehost-services205-com.kenshung.com Open in urlscan Pro
50.28.1.43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

59 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

246 kB
Transfer

564 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!