URL: https://slot-888.com/GAtt/App/app/
Submission Tags: 7328042
Submission: On October 23 via api from NL — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 94.74.108.136, located in Odesa, Ukraine and belongs to HWCLOUDS-AS-AP HUAWEI CLOUDS, HK. The main domain is slot-888.com.
TLS certificate: Issued by R3 on August 10th 2021. Valid for: 3 months.
This is the only time slot-888.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

Requests  IP Address        AS      Autonomous System
2         94.74.108.136     136907  (HWCLOUDS-...)
5         213.165.66.58     8560    (IONOS-AS ...)
1         2001:8d8:5ff:...  8560    (IONOS-AS ...)
2         104.75.88.194     16625   (AKAMAI-AS)
1         3.124.201.165     16509   (AMAZON-02)
1         35.156.65.226     16509   (AMAZON-02)
1         35.156.212.124    16509   (AMAZON-02)
Total: 13 requests, 7 IPs
Requests  Domain                                       Requested by
5         ce1.uicdn.net                                slot-888.com, ce1.uicdn.net
2         tags.tiqcdn.com                              www.1und1.de, tags.tiqcdn.com
2         slot-888.com                                 slot-888.com
1         visitor-service-eu-central-1.tealiumiq.com   tags.tiqcdn.com
1         collect-eu-central-1.tealiumiq.com           tags.tiqcdn.com
1         collect.tealiumiq.com                        slot-888.com
1         www.1und1.de                                 slot-888.com
Total: 13 requests, 7 subdomains

This site contains links to these domains. Also see Links.

Domain
www.ionos.de
login.ionos.de
www.1und1.de
Subject           Issuer                          Validity                  Valid for
slot-888.com      R3                              2021-08-10 - 2021-11-08   3 months (crt.sh)
ce1.uicdn.net     GeoTrust RSA CA 2018            2020-03-03 - 2022-03-08   2 years (crt.sh)
1und1.de          GeoTrust EV RSA CA 2018         2021-08-04 - 2022-08-04   a year (crt.sh)
*.tiqcdn.com      DigiCert SHA2 Secure Server CA  2021-04-19 - 2022-04-27   a year (crt.sh)
*.tealiumiq.com   Amazon                          2021-09-24 - 2022-10-23   a year (crt.sh)

This page contains 2 frames:

Primary Page: https://slot-888.com/GAtt/App/app/
Frame ID: 9F654A3350604C524F837E22DBC890DB
Requests: 7 HTTP requests in this frame

Frame: https://www.1und1.de/cookiecheck
Frame ID: BF4AB10DA190D4B31009EA79881CBF5F
Requests: 6 HTTP requests in this frame

Page Title

Hostpoint - Control Panel

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^(?:https?:)?//tags\.tiqcdn\.com/

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 14 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 346 kB
Size: 1135 kB
Cookies: 2

13 HTTP transactions

Resource: Primary Request /
Path: slot-888.com/GAtt/App/app/
Size: 49 KB   x-fer: 7 KB   Type: Document

General
Full URL: https://slot-888.com/GAtt/App/app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.74.108.136, Odesa, Ukraine, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
Reverse DNS: ecs-94-74-108-136.compute.hwclouds-dns.com
Software: nginx
Resource Hash: 4c6f30f2c1d847050e3e033e042793d446d6558bed0686ff38e5939e09565ecc

Security Headers
Strict-Transport-Security: max-age=31536000

Request headers
:method: GET
:authority: slot-888.com
:scheme: https
:path: /GAtt/App/app/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br

Response headers
server: nginx
date: Sat, 23 Oct 2021 09:57:25 GMT
content-type: text/html
last-modified: Thu, 21 Oct 2021 19:24:01 GMT
vary: Accept-Encoding
etag: W/"6171be51-c476"
strict-transport-security: max-age=31536000
content-encoding: gzip
Resource: ionos.min.css
Path: ce1.uicdn.net/exos/framework/1.1/
Size: 227 KB   x-fer: 32 KB   Type: Stylesheet

General
Full URL: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Requested by: Host: slot-888.com, URL: https://slot-888.com/GAtt/App/app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS: ce1.uicdn.net
Software: Apache
Resource Hash: fc19ec4d2e4c71e98b7f41584b7b452ff1de941b5d5c27384a8008db3649c218

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://slot-888.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
content-encoding: br
last-modified: Wed, 08 Sep 2021 07:11:38 GMT
server: Apache
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=43200, public
accept-ranges: bytes
content-length: 32870
expires: Sun, 23 Oct 2022 08:47:00 GMT
Resource: cp2x.png
Path: slot-888.com/GAtt/App/app/
Size: 2 KB   x-fer: 2 KB   Type: Image

General
Full URL: https://slot-888.com/GAtt/App/app/cp2x.png
Requested by: Host: slot-888.com, URL: https://slot-888.com/GAtt/App/app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.74.108.136, Odesa, Ukraine, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
Reverse DNS: ecs-94-74-108-136.compute.hwclouds-dns.com
Software: nginx
Resource Hash: 3d422148ad463af2e6195b9b970dbed4496d15f580f776f1e7373e818c62e6e7

Security Headers
Strict-Transport-Security: max-age=31536000

Request headers
:method: GET
:authority: slot-888.com
:scheme: https
:path: /GAtt/App/app/cp2x.png
pragma: no-cache
cache-control: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-dest: image
referer: https://slot-888.com/GAtt/App/app/
sec-fetch-site: same-origin

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
last-modified: Thu, 21 Oct 2021 19:24:01 GMT
server: nginx
etag: "6171be51-890"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2192
expires: Mon, 22 Nov 2021 09:57:25 GMT
Resource: cookiecheck
Path: www.1und1.de/ (Frame BF4A)
Size: 16 KB   x-fer: 5 KB   Type: Document

General
Full URL: https://www.1und1.de/cookiecheck
Requested by: Host: slot-888.com, URL: https://slot-888.com/GAtt/App/app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2001:8d8:5ff:7::1:3, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS: -
Software: nginx
Resource Hash: 4417524f4acea7e19d74048db5edd9c57a7fc6133ed3f495dcd52c73cf67ccc7

Security Headers
Strict-Transport-Security: max-age=3600; includeSubDomains

Request headers
:method: GET
:authority: www.1und1.de
:scheme: https
:path: /cookiecheck
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://slot-888.com/
accept-encoding: gzip, deflate, br

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
content-type: text/html
set-cookie: DPX=v1:iY5vEoF4X3:mxE4EF4A:6173ea9a:gb; Path=/; Expires=Sat, 23-Oct-21 10:57:25 GMT; HttpOnly; Secure
server: nginx
etag: W/"615af1e0-3f58"
strict-transport-security: max-age=3600; includeSubDomains
content-encoding: gzip
Resource: overpass-regular.woff
Path: ce1.uicdn.net/exos/fonts/overpass/
Size: 42 KB   x-fer: 42 KB   Type: Font

General
Full URL: https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff
Requested by: Host: ce1.uicdn.net, URL: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS: ce1.uicdn.net
Software: Apache
Resource Hash: d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5

Request headers
Referer: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Origin: https://slot-888.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
last-modified: Tue, 12 Jun 2018 09:26:06 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 42580
expires: Wed, 21 Sep 2022 08:36:42 GMT
Resource: opensans-regular.woff
Path: ce1.uicdn.net/exos/fonts/open-sans/
Size: 62 KB   x-fer: 63 KB   Type: Font

General
Full URL: https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff
Requested by: Host: ce1.uicdn.net, URL: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS: ce1.uicdn.net
Software: Apache
Resource Hash: 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers
Referer: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Origin: https://slot-888.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
last-modified: Tue, 12 Jun 2018 09:26:07 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 63712
expires: Wed, 21 Sep 2022 08:36:42 GMT
Resource: exos-icon-font.woff
Path: ce1.uicdn.net/exos/icons/
Size: 48 KB   x-fer: 48 KB   Type: Font

General
Full URL: https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=6
Requested by: Host: ce1.uicdn.net, URL: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS: ce1.uicdn.net
Software: Apache
Resource Hash: 89c964e03155b72a17f17d877ce96b4644b6cfd4715bb0cf5032fc195aec0c0d

Request headers
Referer: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Origin: https://slot-888.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
last-modified: Fri, 31 Jul 2020 13:43:35 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48780
expires: Wed, 21 Sep 2022 08:36:42 GMT
Resource: opensans-bold.woff
Path: ce1.uicdn.net/exos/fonts/open-sans/
Size: 62 KB   x-fer: 62 KB   Type: Font

General
Full URL: https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff
Requested by: Host: ce1.uicdn.net, URL: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
Reverse DNS: ce1.uicdn.net
Software: Apache
Resource Hash: 7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9

Request headers
Referer: https://ce1.uicdn.net/exos/framework/1.1/ionos.min.css
Origin: https://slot-888.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
last-modified: Tue, 12 Jun 2018 09:26:07 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 63564
expires: Wed, 21 Sep 2022 08:36:42 GMT
Resource: utag.js
Path: tags.tiqcdn.com/utag/1und1/onlineshop/prod/ (Frame BF4A)
Size: 627 KB   x-fer: 82 KB   Type: Script

General
Full URL: https://tags.tiqcdn.com/utag/1und1/onlineshop/prod/utag.js
Requested by: Host: www.1und1.de, URL: https://www.1und1.de/cookiecheck
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194, Netherlands, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage
Resource Hash: 541a0247ee4871224b70dc91d39a7c5a64616f50db8ff022e3f0d77b3781310e

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://www.1und1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 13:14:14 GMT
server: AkamaiNetStorage
etag: "4d51c87b4711e7e436fbfedadf54c3c4:1634735654.761609"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Sat, 23 Oct 2021 10:02:25 GMT
Resource: event
Path: collect.tealiumiq.com/ (Frame BF4A)
Size: 0   x-fer: 510 B   Type: XHR

General
Full URL: https://collect.tealiumiq.com/event
Requested by: Host: slot-888.com, URL: https://slot-888.com/GAtt/App/app/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.201.165, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-3-124-201-165.eu-central-1.compute.amazonaws.com
Software: -
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers
Referer: https://www.1und1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
x-serverid: uconnect_i-03609a346a137bb61
x-tid: 017cac956ab40001333aae5f2a4503072002006a00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: 1und1:main:2:event
x-region: eu-central-1
pragma: no-cache
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.1und1.de
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: fd47089a9547eacecb8b505f43888a929f94f388-SNAPSHOT
x-uuid: 21434b8b-4c73-4af5-9488-9299ed6a94e0
expires: Sat, 23 Oct 2021 09:57:25 GMT
Resource: utag.v.js
Path: tags.tiqcdn.com/utag/tiqapp/ (Frame BF4A)
Size: 2 B   x-fer: 202 B   Type: Script

General
Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=1und1/onlineshop/202110181028&cb=1634983045858
Requested by: Host: tags.tiqcdn.com, URL: https://tags.tiqcdn.com/utag/1und1/onlineshop/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194, Netherlands, ASN16625 (AKAMAI-AS, US)
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://www.1und1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Sat, 23 Oct 2021 10:07:25 GMT
Resource: i.gif
Path: collect-eu-central-1.tealiumiq.com/1und1/main/2/ (Frame BF4A)
Size: 43 B   x-fer: 750 B   Type: XHR

General
Full URL: https://collect-eu-central-1.tealiumiq.com/1und1/main/2/i.gif
Requested by: Host: tags.tiqcdn.com, URL: https://tags.tiqcdn.com/utag/1und1/onlineshop/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.65.226, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-35-156-65-226.eu-central-1.compute.amazonaws.com
Software: -
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers
Referer: https://www.1und1.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHDQyLhMDsyotW5pY

Response headers
date: Sat, 23 Oct 2021 09:57:25 GMT
vary: Origin
x-serverid: uconnect_i-0d17e285433324eda
x-tid: 017cac956ab40001333aae5f2a4503072002006a00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: 1und1:main:2:datacloud
x-region: eu-central-1
content-length: 43
pragma: no-cache
x-did: 017cac956ab40001333aae5f2a4503072002006a00b08
content-type: image/gif
access-control-allow-origin: https://www.1und1.de
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: fd47089a9547eacecb8b505f43888a929f94f388-SNAPSHOT
x-uuid: b85e9b29-71af-4a23-9d0a-263a613ff915
expires: Sat, 23 Oct 2021 09:57:25 GMT
Resource: 017cac956ab40001333aae5f2a4503072002006a00b08
Path: visitor-service-eu-central-1.tealiumiq.com/1und1/main/ (Frame BF4A)
Size: 425 B   x-fer: 643 B   Type: Script

General
Full URL: https://visitor-service-eu-central-1.tealiumiq.com/1und1/main/017cac956ab40001333aae5f2a4503072002006a00b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1634983045920
Requested by: Host: tags.tiqcdn.com, URL: https://tags.tiqcdn.com/utag/1und1/onlineshop/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.212.124, Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-35-156-212-124.eu-central-1.compute.amazonaws.com
Software: -
Resource Hash: 52676278cfe6926adafcf57f86b1613ff067e825f626231e839facf3747fe083

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubdomains

Request headers
Accept-Language: de-DE,de;q=0.9
Referer: https://www.1und1.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
x-version: fd47089a9547eacecb8b505f43888a929f94f388-SNAPSHOT
date: Sat, 23 Oct 2021 09:57:25 GMT
x-region: eu-central-1
content-length: 425
strict-transport-security: max-age=31536000; includeSubdomains
x-nodeid: i-03afe2aa5f86a06c9
content-type: application/javascript; charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type     Name
object   0
object   onbeforexrselect
boolean  originAgentCluster

2 Cookies

Domain/Path: .tealiumiq.com/
Name: TAPID
Value: 1und1/main>017cac956ab40001333aae5f2a4503072002006a00b08|

Domain/Path: .1und1.de/
Name: utag_main
Value: v_id:017cac956ab40001333aae5f2a4503072002006a00b08$_sn:1$_se:1$_ss:1$_st:1634984848859$ses_id:1634983045813%3Bexp-session$_pn:1%3Bexp-session$consentsplit:consent-layer-wall$optimizely:false%3Bexp-session$fbem:8cf4fd4b4609a495dfda325772043ad816b0b5e82b00a1af6b47cf376f233854%3Bexp-session$qualifiedvisit:false%3Bexp-session$prevpage:%7Cundefined%7Cundefined%7C%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session

1 Console Messages

Source: network
Level: error
URL: https://www.1und1.de/cookiecheck
Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This section lists the security headers set by the main page.

Strict-Transport-Security: max-age=31536000