www.kungpowdojo.com Open in urlscan Pro
192.185.15.158 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kungpowdojo.com/wetransfer/wetransfer/
Effective URL:
http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.12528...
Submission: On May 23 via api (May 23rd 2019, 7:03:32 am UTC) from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 192.185.15.158, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is www.kungpowdojo.com.

This is the only time www.kungpowdojo.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 15	192.185.15.158 192.185.15.158	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
2	13.35.253.113 13.35.253.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
16	2

15 192.185.15.158 (Houston, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 192-185-15-158.unifiedlayer.com

www.kungpowdojo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.113 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-113.fra6.r.cloudfront.net

cdn.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	kungpowdojo.com 1 redirects www.kungpowdojo.com	399 KB
2	wetransfer.net cdn.wetransfer.net	2 KB
16	2

	Domain	Requested by
15	www.kungpowdojo.com	1 redirects www.kungpowdojo.com
2	cdn.wetransfer.net	www.kungpowdojo.com
16	2

This site contains no links.

Subject Issuer	Validity	Valid
wetransfer.net Amazon	`2018-08-28` - `2019-09-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: E02B222129D960BDD089906A2E034288
Requests: 14 HTTP requests in this frame

Frame: http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/saved_resource.html
Frame ID: E114061F86FF8CEB265A536A77DB902A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.kungpowdojo.com/wetransfer/wetransfer/ HTTP 302
http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.17... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

400 kB
Transfer

1113 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kungpowdojo.com/wetransfer/wetransfer/ HTTP 302
http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request xkoqt6d4v7kvdh8hiuvg5pjj.php Show response www.kungpowdojo.com/wetransfer/wetransfer/ Redirect Chain http://www.kungpowdojo.com/wetransfer/wetransfer/ http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&...	23 KB 8 KB	341ms 341ms	Document text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `dee0c7d3cc917a5ae0bb5d3d4bff9086abad3fee8c051fe8f0a576078d9d3ab9` Request headers Host www.kungpowdojo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Cookie PHPSESSID=5ec1659kfjoiov6rfnuut66475 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server nginx/1.14.1 Date Thu, 23 May 2019 07:03:15 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip Redirect headers Server nginx/1.14.1 Date Thu, 23 May 2019 07:03:14 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=5ec1659kfjoiov6rfnuut66475; path=/ Location xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
GET H/1.1	200 OK	application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/	404 KB 64 KB	136ms 135ms	Stylesheet text/css	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `c6a3ddb7226fa95ffe88edd21177658455501b6207991fda73ac178e7af80b92` Request headers Referer http://www.kungpowdojo.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 07:03:15 GMT Content-Encoding gzip Last-Modified Sun, 11 Mar 2018 19:48:00 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	200 OK	plus-balls-3195e20157ba4a31c6e4b216faa1694248bb159a5dd0dbee848d369c5d0be152.png www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/	46 KB 46 KB	423ms 160ms	Image image/png	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/plus-balls-3195e20157ba4a31c6e4b216faa1694248bb159a5dd0dbee848d369c5d0be152.png Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `3195e20157ba4a31c6e4b216faa1694248bb159a5dd0dbee848d369c5d0be152` Request headers Referer http://www.kungpowdojo.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 07:03:16 GMT Last-Modified Mon, 05 Mar 2018 23:18:12 GMT Server nginx/1.14.1 Connection keep-alive Accept-Ranges bytes Content-Length 47362 Content-Type image/png
GET H/1.1	200 OK	saved_resource.html Show response www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/ Frame E114	27 KB 8 KB	378ms 137ms	Document text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/saved_resource.html Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `25f4714f5f967a7e5c039b704b879d8a6d58359f0509e22b0e69dee76db1810d` Request headers Host www.kungpowdojo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://www.kungpowdojo.com/ Accept-Encoding gzip, deflate Cookie PHPSESSID=5ec1659kfjoiov6rfnuut66475 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/ Response headers Server nginx/1.14.1 Date Thu, 23 May 2019 07:03:16 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Last-Modified Sun, 11 Mar 2018 04:24:16 GMT Content-Encoding gzip
GET H/1.1	404 Not Found	margo.jpg www.kungpowdojo.com/wetransfer/wetransfer/	12 KB 12 KB	379ms 138ms	Image text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/margo.jpg Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482` Request headers Referer http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/	404 KB 64 KB	143ms 142ms	Font text/css	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `c6a3ddb7226fa95ffe88edd21177658455501b6207991fda73ac178e7af80b92` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Sun, 11 Mar 2018 19:48:00 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/css
GET H/1.1	404 Not Found	FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff www.kungpowdojo.com/assets/faktpro/	0 0	151ms 151ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/assets/faktpro/FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	FreightSans-Pro-Medium-b238d791af67274dc5ab77119ae5df014e05523afe3ce1e7074dc22241668bd4.woff www.kungpowdojo.com/assets/freightsans/	0 0	138ms 137ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/assets/freightsans/FreightSans-Pro-Medium-b238d791af67274dc5ab77119ae5df014e05523afe3ce1e7074dc22241668bd4.woff Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H2	200	valid-icon-16ba576d360c860ca353274417839b9bea72e99d0ce233f3a04a2a5769ac9bbf.svg cdn.wetransfer.net/assets/	215 B 555 B	61ms 7ms	Image image/svg+xml	13.35.253.113 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.wetransfer.net/assets/valid-icon-16ba576d360c860ca353274417839b9bea72e99d0ce233f3a04a2a5769ac9bbf.svg Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-113.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `16ba576d360c860ca353274417839b9bea72e99d0ce233f3a04a2a5769ac9bbf` Request headers Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 23 May 2019 07:01:52 GMT via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Thu, 07 Jun 2018 13:31:47 GMT server AmazonS3 age 85 etag "eb62f5b3af32775b062f3b34a89751fe" x-cache Hit from cloudfront content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 215 x-amz-cf-id WPXQXqiZvto4E1S11QnMGwKW1t-rNClOwRCY-7TaYCqtwPGCzotttw==
GET H2	200	globe-38209c8fb7d72a610b8354aebf269c82a0bcb7a03eeee94a4f64193e671db2b1.svg cdn.wetransfer.net/assets/	841 B 1 KB	62ms 8ms	Image image/svg+xml	13.35.253.113 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.wetransfer.net/assets/globe-38209c8fb7d72a610b8354aebf269c82a0bcb7a03eeee94a4f64193e671db2b1.svg Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.253.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-35-253-113.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `38209c8fb7d72a610b8354aebf269c82a0bcb7a03eeee94a4f64193e671db2b1` Request headers Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 23 May 2019 07:01:52 GMT via 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront) last-modified Mon, 05 Nov 2018 14:13:10 GMT server AmazonS3 age 85 etag "e8ffef2e96af9a1e327b5cfc3d3e1c6d" x-cache Hit from cloudfront content-type image/svg+xml status 200 cache-control public, max-age=31536000 accept-ranges bytes content-length 841 x-amz-cf-id OcehEVDjNpd-QT5YTHwzPnzvajtwJYTAaBOha6J0NB7IMCBiiTHOKQ==
GET H/1.1	404 Not Found	FreightSans-Pro-Semibold-3b1bcbffc5c91bbbdb3be9fc5d559acebc9c76ecf2c9f62837f0c46ccabbdcb1.woff www.kungpowdojo.com/assets/freightsans/	0 0	267ms 134ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/assets/freightsans/FreightSans-Pro-Semibold-3b1bcbffc5c91bbbdb3be9fc5d559acebc9c76ecf2c9f62837f0c46ccabbdcb1.woff Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	200 OK	klaukre5gl_1680x1050.jpg www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/ Frame E114	196 KB 196 KB	185ms 134ms	Image image/jpeg	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Show image Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/klaukre5gl_1680x1050.jpg Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/saved_resource.html Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash `8f73e6fc608415822ffdb1f5b1b16d20746a8eba41cb52c2bcbe531c3b5900d5` Request headers Referer http://www.kungpowdojo.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 23 May 2019 07:03:16 GMT Last-Modified Sun, 11 Mar 2018 04:24:16 GMT Server nginx/1.14.1 Connection keep-alive Accept-Ranges bytes Content-Length 200723 Content-Type image/jpeg
GET H/1.1	404 Not Found	FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff www.kungpowdojo.com/assets/faktpro/	0 0	136ms 136ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	f www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/	0 0	138ms 137ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/f Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff www.kungpowdojo.com/assets/faktpro/	0 0	137ms 136ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html
GET H/1.1	404 Not Found	FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff www.kungpowdojo.com/assets/faktpro/	0 0	149ms 148ms	Font text/html	192.185.15.158 Unified Layer
General Check archive.org Show headers Download Go to Full URL http://www.kungpowdojo.com/assets/faktpro/FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff Requested by Host: www.kungpowdojo.com URL: http://www.kungpowdojo.com/wetransfer/wetransfer/xkoqt6d4v7kvdh8hiuvg5pjj.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&loginpage=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Protocol HTTP/1.1 Server 192.185.15.158 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US), Reverse DNS 192-185-15-158.unifiedlayer.com Software nginx/1.14.1 / Resource Hash Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://www.kungpowdojo.com/wetransfer/wetransfer/WeTransfer_files/application-0fdbe3134c6b8157397b96c2bb5ceb86ae1a0c6bfa5078d27d67348f1343a69f.css Origin http://www.kungpowdojo.com Response headers Date Thu, 23 May 2019 07:03:16 GMT Content-Encoding gzip Last-Modified Tue, 23 Apr 2019 06:10:49 GMT Server nginx/1.14.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.kungpowdojo.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5ec1659kfjoiov6rfnuut66475

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wetransfer.net
www.kungpowdojo.com
13.35.253.113
192.185.15.158
16ba576d360c860ca353274417839b9bea72e99d0ce233f3a04a2a5769ac9bbf
25f4714f5f967a7e5c039b704b879d8a6d58359f0509e22b0e69dee76db1810d
3195e20157ba4a31c6e4b216faa1694248bb159a5dd0dbee848d369c5d0be152
38209c8fb7d72a610b8354aebf269c82a0bcb7a03eeee94a4f64193e671db2b1
8f73e6fc608415822ffdb1f5b1b16d20746a8eba41cb52c2bcbe531c3b5900d5
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
c6a3ddb7226fa95ffe88edd21177658455501b6207991fda73ac178e7af80b92
dee0c7d3cc917a5ae0bb5d3d4bff9086abad3fee8c051fe8f0a576078d9d3ab9

www.kungpowdojo.com Open in urlscan Pro 192.185.15.158 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

13 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

400 kBTransfer

1113 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

www.kungpowdojo.com Open in urlscan Pro
192.185.15.158 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

400 kB
Transfer

1113 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!