miles-and-more-kartenabrechnug.com Open in urlscan Pro
79.110.49.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://miles-and-more-kartenabrechnug.com/
Effective URL:
https://miles-and-more-kartenabrechnug.com/auth/xN9dG1/login.php?id=23544232
Submission: On May 31 via manual (May 31st 2023, 3:27:05 pm UTC) from IT — Scanned from IT

Summary HTTP 24 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 79.110.49.57, located in Reston, United States and belongs to . The main domain is miles-and-more-kartenabrechnug.com.
TLS certificate: Issued by R3 on May 27th 2023. Valid for: 3 months.

This is the only time miles-and-more-kartenabrechnug.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lufthansa (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
3 9	79.110.49.57 79.110.49.57	46308 () ()
6	2a02:cb40:200... 2a02:cb40:200::f0	20546 (SOPRADO-ANY) (SOPRADO-ANY)
8	192.229.233.55 192.229.233.55	15133 (EDGECAST) (EDGECAST)
1	185.54.150.22 185.54.150.22	60164 (WEBTREKK-AS) (WEBTREKK-AS)
1	13.38.148.106 13.38.148.106	16509 (AMAZON-02) (AMAZON-02)
2	15.236.61.3 15.236.61.3	16509 (AMAZON-02) (AMAZON-02)
24	7

9 79.110.49.57 (Reston, United States) 3 redirects

ASN46308 ()

miles-and-more-kartenabrechnug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:cb40:200::f0 (Germany)

ASN20546 (SOPRADO-ANY, DE)

www.miles-and-more.kartenabrechnung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.229.233.55 (Granada Hills, United States)

ASN15133 (EDGECAST, US)

cdn.tagcommander.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.trustcommander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.54.150.22 (Germany)

ASN60164 (WEBTREKK-AS, DE)

responder.wt-safetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.38.148.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-38-148-106.eu-west-3.compute.amazonaws.com

mmg.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.61.3 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-61-3.eu-west-3.compute.amazonaws.com

privacy.trustcommander.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	trustcommander.net cdn.trustcommander.net — Cisco Umbrella Rank: 30086 privacy.trustcommander.net — Cisco Umbrella Rank: 40601	723 KB
9	miles-and-more-kartenabrechnug.com 3 redirects miles-and-more-kartenabrechnug.com	38 KB
6	kartenabrechnung.de www.miles-and-more.kartenabrechnung.de	100 KB
1	commander1.com mmg.commander1.com	670 B
1	wt-safetag.com responder.wt-safetag.com — Cisco Umbrella Rank: 41675	230 B
1	tagcommander.com cdn.tagcommander.com — Cisco Umbrella Rank: 12068	23 KB
24	6

	Domain	Requested by
9	miles-and-more-kartenabrechnug.com	3 redirects miles-and-more-kartenabrechnug.com
7	cdn.trustcommander.net	cdn.tagcommander.com cdn.trustcommander.net
6	www.miles-and-more.kartenabrechnung.de	miles-and-more-kartenabrechnug.com
2	privacy.trustcommander.net	cdn.trustcommander.net
1	mmg.commander1.com	miles-and-more-kartenabrechnug.com
1	responder.wt-safetag.com	cdn.tagcommander.com
1	cdn.tagcommander.com	miles-and-more-kartenabrechnug.com
24	7

This site contains links to these domains. Also see Links.

Domain
www.miles-and-more.kartenabrechnung.de
www.miles-and-more-kreditkarte.com
www.miles-and-more.com
www.lesershop24.de
sammeln.miles-medien.de

Subject Issuer	Validity	Valid
miles-and-more-kartenabrechnug.com R3	`2023-05-27` - `2023-08-25`	3 months	crt.sh
www.kartenabrechnung.de DKB CA 1O1	`2022-07-11` - `2023-07-11`	a year	crt.sh
cdn.tagcommander.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-23` - `2024-04-22`	a year	crt.sh
*.wt-safetag.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-01` - `2023-08-17`	10 months	crt.sh
*.commander1.com Thawte RSA CA 2018	`2022-08-18` - `2023-09-18`	a year	crt.sh
*.trustcommander.net Thawte RSA CA 2018	`2023-02-09` - `2024-03-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://miles-and-more-kartenabrechnug.com/auth/xN9dG1/login.php?id=23544232
Frame ID: 9BB6E6868D57EF14429822E53698CD78
Requests: 19 HTTP requests in this frame

Frame: https://cdn.trustcommander.net/privacy-center/default/modern/index.html
Frame ID: CA6B593411E3BCBEA8E162471560D7DB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Miles & More Online-Kartenkonto

Page URL History Show full URLs

http://miles-and-more-kartenabrechnug.com/ HTTP 301
https://miles-and-more-kartenabrechnug.com/ HTTP 302
https://miles-and-more-kartenabrechnug.com/auth/?pwd=miles HTTP 302
https://miles-and-more-kartenabrechnug.com/auth/xN9dG1/login.php?id=23544232 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

TagCommander (Tag managers) Expand

Overall confidence: 100%
Detected patterns

\.tagcommander\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

933 kB
Transfer

3109 kB
Size

9
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.miles-and-more.kartenabrechnung.de/mam/Home/login.xhtml?$event=login
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.kartenabrechnung.de/mam/Welcome/content/new-banking-redirect.xhtml?$event=newBanking
Title: Beta-Version neues Online-Kartenkonto

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.kartenabrechnung.de/mam/Welcome/content/LoginDataForgot.xhtml?$event=%24pageflow-start
Title: Sie haben Ihre Zugangsdaten vergessen oder Ihr Zugang ist gesperrt?

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.kartenabrechnung.de/mam/Welcome/content/NoLoginData.xhtml?$event=%24pageflow-start
Title: Sie haben noch keine Zugangsdaten?

Search URL Search Domain Scan URL

URL: https://www.miles-and-more-kreditkarte.com/kartenkonto-anmeldung
Title: So nutzen Sie Ihre Zugangsdaten für die Anmeldung

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.com/de/de/earn/shopping/shopping-platform.html?l=de&cat1=--T117120--Shop--Shopname--loccitane
Title: Miles & More Online Shopping 11-fache Meilen auf Kosmetik aus der Provence

Search URL Search Domain Scan URL

URL: https://www.lesershop24.de/welt-am-sonntag/6-monate-10172517?utm_medium=Koop&utm_source=MM&utm_content=Web&utm_campaign=WAMS+MM+6+Mo+11.5k+Meilen+Mai+23
Title: WELT AM SONNTAG 11.500 Meilen für besten Qualitätsjournalismus

Search URL Search Domain Scan URL

URL: https://sammeln.miles-medien.de/aktion/?trlk24
Title: MEDIA-SHOP powered by CONNECTARE Sammeln Sie bis zu 8.800 Meilen für ein Jahresabo

Search URL Search Domain Scan URL

URL: https://www.miles-and-more-kreditkarte.com/service/online-kartenkonto/
Title: Online-Kartenkonto kurz erklärt

Search URL Search Domain Scan URL

URL: http://www.miles-and-more-kreditkarte.com/
Title: www.miles-and-more-kreditkarte.com

Search URL Search Domain Scan URL

URL: https://www.miles-and-more-kreditkarte.com/service/haeufige-fragen/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.miles-and-more-kreditkarte.com/service/haeufige-fragen/sicherheit/sicherheitsstandards.html
Title: Sicherheit

Search URL Search Domain Scan URL

URL: https://www.miles-and-more-kreditkarte.com/service/downloadcenter/
Title: Preise & Bedingungen

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.kartenabrechnung.de/mam/Welcome/content/ContactForm.xhtml?$event=init
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.miles-and-more-kreditkarte.com/service/kontakt/online-kartenkonto.html
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.kartenabrechnung.de/mam/cms/6298251/Datenschutz.html
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.miles-and-more.kartenabrechnung.de/mam/cms/6298257/Impressum.html
Title: Impressum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://miles-and-more-kartenabrechnug.com/ HTTP 301
https://miles-and-more-kartenabrechnug.com/ HTTP 302
https://miles-and-more-kartenabrechnug.com/auth/?pwd=miles HTTP 302
https://miles-and-more-kartenabrechnug.com/auth/xN9dG1/login.php?id=23544232 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login.php Show response
miles-and-more-kartenabrechnug.com/auth/xN9dG1/
Redirect Chain

http://miles-and-more-kartenabrechnug.com/
https://miles-and-more-kartenabrechnug.com/
https://miles-and-more-kartenabrechnug.com/auth/?pwd=miles
https://miles-and-more-kartenabrechnug.com/auth/xN9dG1/login.php?id=23544232

15 KB
5 KB

365ms
364ms

Document
text/html

79.110.49.57

General

Domain/Path	Expires	Name / Value
miles-and-more-kartenabrechnug.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4s6nekp283jg51oqlr2i4h0jg7
.miles-and-more-kartenabrechnug.com/	1970-01-20 20:58:02	Name: TCID Value: 12353152709034663358
.miles-and-more-kartenabrechnug.com/	1969-12-31 23:59:59	Name: TCSESSION Value: 123531527010436930941
.miles-and-more-kartenabrechnug.com/	1970-01-20 20:58:02	Name: tc_cj_v2 Value: %5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPROONPRLJOJLZZZ%5D
.miles-and-more-kartenabrechnug.com/	1970-01-20 20:58:02	Name: tc_cj_v2_cmp Value:
.miles-and-more-kartenabrechnug.com/	1970-01-20 20:58:02	Name: tc_cj_v2_med Value:
.miles-and-more-kartenabrechnug.com/	1970-01-20 12:55:38	Name: tCdebugLib Value: 1
.miles-and-more-kartenabrechnug.com/	1970-01-20 21:38:22	Name: TCPID Value: 12353152709865005096
.mmg.commander1.com/	1970-01-20 20:58:02	Name: tc_cj_v2 Value: %5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPROONPRLJJJJZZZ%5D

Source	Level	URL Text
network	error	URL: https://miles-and-more-kartenabrechnug.com/mam/cms/b/6305865/Login_Teaser_1.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://miles-and-more-kartenabrechnug.com/mam/cms/b/6305869/Login_Teaser_2.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://miles-and-more-kartenabrechnug.com/mam/cms/b/6305873/Login_Teaser_3.jpg Message: Failed to load resource: the server responded with a status of 404 ()

miles-and-more-kartenabrechnug.com Open in urlscan Pro 79.110.49.57 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

17 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

933 kBTransfer

3109 kBSize

9 Cookies

17 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

miles-and-more-kartenabrechnug.com Open in urlscan Pro
79.110.49.57 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

933 kB
Transfer

3109 kB
Size

9
Cookies

24 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!