heilpraktikerin-edhofer.de Open in urlscan Pro
2a01:488:42:1000:50ed:8508:ffba:9028 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://heilpraktikerin-edhofer.de/wp-includes/pomo/enquiry/acessnet/logon/enquirynetwork.php
Submission: On February 28 via automatic, source phishtank (February 28th 2017, 5:22:00 pm UTC)

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 34 HTTP transactions. The main IP is 2a01:488:42:1000:50ed:8508:ffba:9028, located in Germany and belongs to . The main domain is heilpraktikerin-edhofer.de.

This is the only time heilpraktikerin-edhofer.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online) AOL (Online)

Domain & IP information

	IP Address	AS Autonomous System
26	2a01:488:42:1... 2a01:488:42:1000:50ed:8508:ffba:9028	() ()
1	2a00:1450:400... 2a00:1450:400f:807::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2400:cb00:204... 2400:cb00:2048:1::6819:e1f	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	195.29.89.22 195.29.89.22	5391 (T-HT Croa...) (T-HT Croatian Telecom Inc.)
1	2a00:1288:84:... 2a00:1288:84:800::1002	203219 (YAHOO-AMA ) (YAHOO-AMA )
1	2a00:1450:400... 2a00:1450:400f:808::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:400f:808::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:401... 2a00:1450:401b:801::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
34	8

26 2a01:488:42:1000:50ed:8508:ffba:9028 (Germany)

ASN- ()

heilpraktikerin-edhofer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:807::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6819:e1f (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

codepen.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.29.89.22 (Zagreb, Croatia)

ASN5391 (T-HT Croatian Telecom Inc., HR)
PTR: ssw.orbis.hr

webmail.adria-trade.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:84:800::1002 (United Kingdom)

ASN203219 (YAHOO-AMA , NL)

s1.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:808::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:808::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:801::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	heilpraktikerin-edhofer.de heilpraktikerin-edhofer.de	1 MB
2	codepen.io codepen.io
1	google.co.za www.google.co.za	99 B
1	gstatic.com www.gstatic.com	2 KB
1	google.com www.google.com	12 KB
1	yimg.com s1.yimg.com	3 KB
1	adria-trade.co.jp webmail.adria-trade.co.jp	5 KB
1	googleapis.com ajax.googleapis.com	33 KB
34	8

	Domain	Requested by
26	heilpraktikerin-edhofer.de	heilpraktikerin-edhofer.de ajax.googleapis.com
2	codepen.io	heilpraktikerin-edhofer.de
1	www.google.co.za
1	www.gstatic.com	heilpraktikerin-edhofer.de
1	www.google.com	heilpraktikerin-edhofer.de
1	s1.yimg.com	heilpraktikerin-edhofer.de
1	webmail.adria-trade.co.jp	heilpraktikerin-edhofer.de
1	ajax.googleapis.com	heilpraktikerin-edhofer.de
34	8

This site contains no links.

Subject Issuer	Validity	Valid
*.yimg.com Symantec Class 3 Secure Server CA - G4	`2015-08-28` - `2017-08-27`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://heilpraktikerin-edhofer.de/wp-includes/pomo/enquiry/acessnet/logon/enquirynetwork.php
Frame ID: 2535.1
Requests: 33 HTTP requests in this frame

Frame: http://heilpraktikerin-edhofer.de/wp-includes/pomo/enquiry/acessnet/logon/images/BB6p1NN.jpg
Frame ID: 2535.2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

34
Requests

3 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

5
Countries

1245 kB
Transfer

1342 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request enquirynetwork.php Show response
heilpraktikerin-edhofer.de/wp-includes/pomo/enquiry/acessnet/logon/ 22 KB
22 KB 64ms
32ms Document
text/html 2a01:488:42:1000:50ed:8508:ffba:9028

General

heilpraktikerin-edhofer.de Open in urlscan Pro 2a01:488:42:1000:50ed:8508:ffba:9028 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

34 Requests

3 %HTTPS

88 %IPv6

8 Domains

8 Subdomains

8 IPs

5 Countries

1245 kBTransfer

1342 kBSize

0 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

heilpraktikerin-edhofer.de Open in urlscan Pro
2a01:488:42:1000:50ed:8508:ffba:9028 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

3 %
HTTPS

88 %
IPv6

8
Domains

8
Subdomains

8
IPs

5
Countries

1245 kB
Transfer

1342 kB
Size

0
Cookies

34 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!