6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app Open in urlscan Pro
2604:1380:4601:6204:5000:33ff:fede:ad31  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Page URL
2. https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ auth1and1ionoswebappsuite.uc.r.appspot.com/	533 B 767 B	590ms 543ms	Document text/html	2a00:1450:4001:82f::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-length 360 content-type text/html date Thu, 03 Nov 2022 17:51:20 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Google Frontend vary Accept-Encoding x-cloud-trace-context caf17a34826d5c08c3fde849d42fefdf;o=1
GET H2	200	Primary Request / Show response 6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/	83 KB 37 KB	679ms 383ms	Document text/html	2604:1380:4601:6204:5000:33ff:fede:ad31 PACKET
General Check archive.org Show headers Download Go to Full URL https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:6204:5000:33ff:fede:ad31 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software nginx/1.21.3 / Resource Hash ab554367bf3763fa7e2fd2b7b07ec5b58cf00423cac9c3ddc24018b19d36a6d1 Request headers Referer https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-None-Match,If-Modified-Since,Cache-Control,Content-Type,Range,Cookie access-control-allow-methods HEAD, GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers Accept-Ranges,Content-Length,Content-Range access-control-max-age 600 content-encoding gzip content-type text/html date Thu, 03 Nov 2022 17:51:21 GMT ic-certificate certificate=:2dn3o2R0cmVlgwGDAYMBgwJIY2FuaXN0ZXKDAYIEWCDhTbgsa2AmAiZBKt7myZkpvkw2FWdU83CuLQ0VMqJDq4MBggRYIPL/0/OyQwAE7NpjMmJ4Q+Pivf/GiuGRrISuHiJP9jvPgwGCBFggodAfRMN62ntRybu6AWcUNqFKyuM96VoXy+QjQ+grdQmDAYMBggRYINzHJMK26fG7U+NZoQVkDScMhvW0BBrSdsAV18P2YXMegwGCBFgghilSxCdTcCq9EB3bhExNtgtyXThr6Kky61Jf3ZSjruiDAYIEWCDrwZAOtalTo2NI84uACXhjlK+jaeS/09ZXKcf9WEDpA4MBggRYIEGWnVi6/lpIzk/OfDqSZdAM5DIwoUNOBnrSrtQpzLr1gwGCBFggaQYHeWla69ZSKsCaR6Rboy67mnDWOkfoyS+trzlrPNuDAYIEWCBL2+4T44ZVJbjSE7ObXZ7eSfEyqJvfajX+zLmDV7JzK4MCSgAAAAAAcCHJAQGDAYMBgwGDAk5jZXJ0aWZpZWRfZGF0YYIDWCBWHpY2Yhx4juVwATgnuX93LSM3yzUk+73t0ZrefI3YwYIEWCCDxWvxTd49KN5mxpK1/J2X6d2YW2rXKw/m+E6KjfPcsoIEWCDwR+afFan49YUZxxXt4HwemJ8JLbvnr6DAhdVycBwokoIEWCBfluH1JoY1y6BRnQM7d2SdXvBwEokOw/974mWzLAIaMIIEWCBnZaWdY/JpxvNiWEnLthHO5Y2LgfTB6EYgr/ILzHWknoIEWCDCTdwTZ/PWGBH6O/gB8k/+L3dYtZfY1j7isEmgwrU4ToIEWCB0fg63yGwNvk4+ALIHVWrvpF82SoxP110jE0JcrRtuD4MBggRYIAsvEs+DqKM5aRwNOb44QyzuGmTajjiYu2mv22lwgjxegwJEdGltZYIDSYuDt5XHj4mSF2lzaWduYXR1cmVYMK7WcZ/r+gdpuWiZLAA0JvRP8IIA7aLnK7XbpJ3nHCzNJmtWqvJ9c3xdi7f7MiZ7x2pkZWxlZ2F0aW9uomlzdWJuZXRfaWRYHUUXi2akB6TVnApNZzO9os4/N8ERtCV+xBkI9PgCa2NlcnRpZmljYXRlWQJX2dn3omR0cmVlgwGCBFggndzF9cdRYMOzMhcCl6Ca8yO96zp6fm/AAnONSA4+SruDAYMCRnN1Ym5ldIMBgwGDAYIEWCAmf+VREbVuPDl1Uy6jNz97cun4IHL+jmB+00SGR4pbOYMBggRYIEZqcChs+azpgBylPiKvbuBZoJT9YEmGBtSEtoVAWDB9gwGCBFggvnKkxm3I5+VWamHMo//+m0k6zj1MAHGqxsSSFsdkQpqDAYMCWB1FF4tmpAek1ZwKTWczvaLOPzfBEbQlfsQZCPT4AoMBgwJPY2FuaXN0ZXJfcmFuZ2VzggNYG9nZ94GCSgAAAAAAcAAAAQFKAAAAAAB///8BAYMCSnB1YmxpY19rZXmCA1iFMIGCMB0GDSsGAQQBgtx8BQMBAgEGDCsGAQQBgtx8BQMCAQNhAJVfUvc8LexZpjeylOULk0211t4p5zu8+E59hqSsQbrXtTn5gXreiRaWHZ3Wv5JXAQ1YVxVuj+aq/Pb9BoeV5wvTOZs0ETAMnMyOug0GjBDkz7b04n0ZWx6teF1hjrOTuYIEWCAAm+bqf6+s6PfCS94lWkfuSudBPVAeM77aP3K1oe9ONoIEWCBKHXbAjmQuPbaYLmZTvoxzbydaJKwiEINDCy1bRBznVIIEWCAthWu6e2yAFxzo5dEhu35EULNWWmRNkTXp/liEKBwfuYMCRHRpbWWCA0n5iIqV4/HtkRdpc2lnbmF0dXJlWDCQCGuy5gk9L4Ku9cnCeQrRTtxKUVIT5xkTbvZYp6q6GTbk8YvCK2x4DbGAzZMahWs=:, tree=:2dn3gwJLaHR0cF9hc3NldHODAksvaW5kZXguaHRtbIIDWCCrVUNnvzdj+n4v0rewfsW1jPAEI8rJw93CQBixnTam0Q==: server nginx/1.21.3 x-ic-canister-id 00000000007021c90101 x-ic-node-id tybza-gyple-63wq2-qsgwo-w6fqw-6trwu-awukb-skekh-67bqu-qsoeo-aae x-ic-subnet-id 5kdm2-62fc6-fwnja-hutkz-ycsnm-4z33i-woh43-4cenu-ev7mi-gii6t-4ae
GET H2	200	ionos.min.css maxaffliate.com/email-list/Login%20-%20IONOS_files/	190 KB 28 KB	427ms 249ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/ionos.min.css Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab37a8c4ffe677d8d3204b56e414244150e0eba903e78cde560b1867b25153ee Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Sep 2022 12:26:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63358ee6-2f646" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XytEiffI1E2sx%2BofCSFyNa8ueVmuN5BuwS7e9P6lW1QzUbe0pROKdJb92QLLGKkQFUVZeyASRHHKdMzRdjNKHU6AD0Nd%2BaBcD7WshfFYr7I8mhYWzcYkpEOZsUdbzCT9BkOfcoLajXgBx8wKTA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7646f51f5cda929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	saved_resource Show response maxaffliate.com/email-list/Login%20-%20IONOS_files/	43 B 369 B	381ms 204ms	Script text/plain	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/saved_resource Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba6d76450d69cc01637379368b39c84ae43b8e923603b8ea25cb3b78e4bddf60 Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT cf-cache-status DYNAMIC last-modified Thu, 29 Sep 2022 12:26:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2b-5e9cffbabe75a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HRAfcshHopEA0GG5d%2Bzv1Uq43VvgJlWIV8g7L14zrQ6%2FnhRHleEf83FIzLYwYXCUFrPfwqWKTOpABEeyaG0bhp1BoZlDEPtQQKJ8S7TUaZ2KqZ%2FVIQ7bJYIy3F9eZmgGQspmD1EGi4hnLq8Wmo%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7646f51f6ce7929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43
GET H2	200	inpagelayer.css maxaffliate.com/email-list/Login%20-%20IONOS_files/	26 KB 5 KB	398ms 222ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/inpagelayer.css Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d5b98f3b2c9ccca7a8c666508865f15d137a285b104c9adf090884387aa4ace Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Sep 2022 12:26:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63358ee5-6742" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoAQSLL8VtFBy23lEexJ2V%2FgISdhj7epT9BAeVAx5meqEJkFW5v3HTicNdcQi%2BNWEUnKZwVVi5%2BgyPMEgG%2BzLexjMFO7aNsJQR67JgR2KhYbwDgo8oklh4Ud95EJNFUcHPSF7nHXqFNgHIEhv6o%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7646f51f6cdf929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	navigation.css maxaffliate.com/email-list/Login%20-%20IONOS_files/	132 KB 33 KB	967ms 790ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/navigation.css Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8039fa7e658abaa1a484042391d70143fa581e2535340fd6901585666ef945b0 Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:22 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Sep 2022 12:26:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63358ee6-210db" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXqMje24VEPH2Vk%2BMFTmBwYswJQ0YIUjg9bmK3XA0bW1cecz7Qytuvbq69F3etwXlDRS7xsou4TWI%2BSYL2%2BAlrYBAjKK59FBjtzcejKIS6A7rux4uWmj53gz8jkQvjhac5au%2BX4j%2F28svC6TOJs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7646f51f6ce3929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	70000.js.download Show response maxaffliate.com/email-list/Login%20-%20IONOS_files/	5 KB 2 KB	378ms 201ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/70000.js.download Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c492c39769e0c0943694e44d40d0a560cb903d4638015e73943685fdae6934d Request headers Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 29 Sep 2022 12:26:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1486-5e9cffbbc85a3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FhGwRb4Z%2F5ziCHp5ivLWEarxeCQ53ZieMI3crZCPG%2F1J84ldQPS5OTbEshFOuSLP%2F6HnDhi5UCgKTFt9TS0uakDDC2SKEPAToUro1Xsa6wBuhIrRFS7maSf3zH4IoBQ2V4m2R6dCyi6OQHX8E4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7646f51f6ce5929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	welcome-tour.css maxaffliate.com/email-list/Login%20-%20IONOS_files/	7 KB 2 KB	443ms 267ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/welcome-tour.css Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6411d73d28fce4c3082c855db2fbe3b41d329bbdb6d134e3594035de2b5a37f Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Sep 2022 12:26:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63358ee5-1dd5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI1nnj0FEty17Lc0yeN3%2Fb4vbIqGux3k%2FurLbx01t9xVy3JRKESsZzRsPzwb0hcLScensUJWNAjOKedqMvS77IQxMMscF61UgnQHOtveBujQs5wx6XFW%2FteOBmq5lBWVyjlhY6dZ1QGVxQFmBZM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7646f51f6ce2929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	statuspage.css maxaffliate.com/email-list/Login%20-%20IONOS_files/	5 KB 1 KB	417ms 242ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/statuspage.css Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9fa904320415f9630855ab7dd87b9b90a6c841458d3ab7552123d33a56b2cf0 Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Sep 2022 12:26:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63358ee7-130f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHDlewL0VMX3C1QVFVIrK0hMDJ%2BU7Z8cl9OBlv%2BK3iYBXy4GaacTqyf4PfozUl5gOYEbNMkD%2Fwc01YF2ZKryQwUm1U7LsHBxGcf0VxP%2BQeEZq3ZKaIGBgLmAuzGmSiZJZSKiqqALLzGWEt2tzYI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=315360000 cf-ray 7646f51f6ce0929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	main.js.download Show response maxaffliate.com/email-list/Login%20-%20IONOS_files/	145 KB 50 KB	228ms 226ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/main.js.download Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f357ef289b88b412f6737b54eb351751c368e05b5598005b9ab81893a90748e2 Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 29 Sep 2022 12:26:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"242e7-5e9cffbbe817f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYk6uW357DrNi6Zsz2jh9EQzHBKO2j%2BQ3am%2BkiHbGxDjruigMsdrLd%2Bzex2dBI2%2BccTeWfjuSypdUS3AFoasj%2B0SDCf5tZx%2FQFSPhfIiBgIC3mygbdvY5xrA2KmjJx6DNavEzG0XxpUUr9FafX8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7646f520afad929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ionos.min.js.download Show response maxaffliate.com/email-list/Login%20-%20IONOS_files/	29 KB 7 KB	246ms 244ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxaffliate.com/email-list/Login%20-%20IONOS_files/ionos.min.js.download Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ba8f114cf2ece7ae91375135626fe7ebcd008da01bda2b3d5f96fa09d96e646 Request headers accept-language de-DE,de;q=0.9 Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:21 GMT content-encoding br cf-cache-status DYNAMIC last-modified Thu, 29 Sep 2022 12:26:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"74db-5e9cffbb06bb4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyvuQVgc1z4DOQ9BMts0qr9zVchAq2%2FbSyDkRffzuea5JaKp2OieGyJBV7Lxf5JNPKmZZMncq7VvzS39D%2F%2BKxHKD0CKvM2tf86PmytBxWzEd5m9QVaY%2Fgdnxm%2FUnNe00CUiIHv2JN3utIfl7Flc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7646f520afbe929b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	70ms 22ms	Script text/javascript	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: auth1and1ionoswebappsuite.uc.r.appspot.com URL: https://auth1and1ionoswebappsuite.uc.r.appspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 03 Nov 2022 04:14:32 GMT content-encoding gzip x-content-type-options nosniff age 49009 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 03 Nov 2023 04:14:32 GMT
GET H2	200	opensans-regular.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 63 KB	73ms 30ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff Requested by Host: maxaffliate.com URL: https://maxaffliate.com/email-list/Login%20-%20IONOS_files/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b Request headers Referer https://maxaffliate.com/ Origin https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:22 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63712 expires Tue, 31 Oct 2023 12:52:05 GMT
GET DATA	200 OK	truncated /	320 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c8e1724edab4d29c68d698c71f04db98774a5ba4fb432e4d37bfb0beecdac987 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	exos-icon-font.woff ce1.uicdn.net/exos/icons/	50 KB 50 KB	90ms 52ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=5 Requested by Host: maxaffliate.com URL: https://maxaffliate.com/email-list/Login%20-%20IONOS_files/navigation.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3 Request headers Referer https://maxaffliate.com/ Origin https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:22 GMT last-modified Fri, 05 Aug 2022 04:39:12 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 50688 expires Tue, 31 Oct 2023 12:52:05 GMT
GET H2	200	overpass-regular.woff ce1.uicdn.net/exos/fonts/overpass/	42 KB 42 KB	101ms 63ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff Requested by Host: maxaffliate.com URL: https://maxaffliate.com/email-list/Login%20-%20IONOS_files/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5 Request headers Referer https://maxaffliate.com/ Origin https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:22 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42580 expires Tue, 31 Oct 2023 12:52:05 GMT
GET H2	200	opensans-bold.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 62 KB	106ms 69ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff Requested by Host: maxaffliate.com URL: https://maxaffliate.com/email-list/Login%20-%20IONOS_files/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9 Request headers Referer https://maxaffliate.com/ Origin https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:22 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63564 expires Tue, 31 Oct 2023 12:52:05 GMT
GET H2	200	overpass-bold.woff ce1.uicdn.net/exos/fonts/overpass/	41 KB 41 KB	113ms 76ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff Requested by Host: maxaffliate.com URL: https://maxaffliate.com/email-list/Login%20-%20IONOS_files/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc Request headers Referer https://maxaffliate.com/ Origin https://6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Thu, 03 Nov 2022 17:51:22 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42092 expires Tue, 31 Oct 2023 12:52:05 GMT
POST		/ pet.ionos.com/pet/error/ACCOUNT/	0 0
OPTIONS		/ pet.ionos.com/pet/error/ACCOUNT/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pet.ionos.com

URL

https://pet.ionos.com/pet/error/ACCOUNT/

Domain

pet.ionos.com

URL

https://pet.ionos.com/pet/error/ACCOUNT/

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _0x58a9 function| _0x4ba6 object| Zlib string| UI_nguserid object| NSfTIF function| $ function| jQuery function| randomInteger function| randomString function| getdomainpartofemail function| get_email_hash function| validateEmail function| geturlparameter function| get_rand_url_pars object| jQBrowser object| OAO object| Tap object| EXOS

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth1and1ionoswebappsuite.uc.r.appspot.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7e26d11330bd3748dcce1b864a2cf5e7

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxaffliate.com/email-list/Login%20-%20IONOS_files/70000.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxaffliate.com/email-list/Login%20-%20IONOS_files/70000.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pet.ionos.com/pet/error/ACCOUNT/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6k2oz-6qaaa-aaaad-qeheq-cai.raw.ic0.app
ajax.googleapis.com
auth1and1ionoswebappsuite.uc.r.appspot.com
ce1.uicdn.net
maxaffliate.com
pet.ionos.com
pet.ionos.com
213.165.66.58
2604:1380:4601:6204:5000:33ff:fede:ad31
2a00:1450:4001:802::200a
2a00:1450:4001:82f::2014
2a06:98c1:3121::3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1d5b98f3b2c9ccca7a8c666508865f15d137a285b104c9adf090884387aa4ace
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3
4c492c39769e0c0943694e44d40d0a560cb903d4638015e73943685fdae6934d
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc
7ba8f114cf2ece7ae91375135626fe7ebcd008da01bda2b3d5f96fa09d96e646
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9
8039fa7e658abaa1a484042391d70143fa581e2535340fd6901585666ef945b0
ab37a8c4ffe677d8d3204b56e414244150e0eba903e78cde560b1867b25153ee
ab554367bf3763fa7e2fd2b7b07ec5b58cf00423cac9c3ddc24018b19d36a6d1
ba6d76450d69cc01637379368b39c84ae43b8e923603b8ea25cb3b78e4bddf60
c8e1724edab4d29c68d698c71f04db98774a5ba4fb432e4d37bfb0beecdac987
d6411d73d28fce4c3082c855db2fbe3b41d329bbdb6d134e3594035de2b5a37f
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
e9fa904320415f9630855ab7dd87b9b90a6c841458d3ab7552123d33a56b2cf0
f357ef289b88b412f6737b54eb351751c368e05b5598005b9ab81893a90748e2