ionos-pd.s3.amazonaws.com Open in urlscan Pro
54.231.199.105  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.html Show response ionos-pd.s3.amazonaws.com/	37 KB 37 KB	332ms 125ms	Document text/html	54.231.199.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ionos-pd.s3.amazonaws.com/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.199.105 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash c6a9779cb075910ca1938e5a8bb6cb127ea3452a6ad1e9960527abf7ae3ff1ec Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Content-Length 37824 Content-Type text/html Date Thu, 13 Oct 2022 01:04:16 GMT ETag "2f3b82a1bbf1134c9bb71653aba35002" Last-Modified Tue, 11 Oct 2022 07:47:03 GMT Server AmazonS3 x-amz-id-2 PbYE+tt/SE2hNfADo051uxZKFJyq1XYT8xpwrA8FOG1oI/94lN4eaMEOTP1ystnjtbjci83JmNA= x-amz-request-id QBDBAP4D5HZ5GY2F x-amz-version-id null
GET H2	200	ionos.min.css app42.host/app/ionos/media/css/	167 KB 22 KB	398ms 113ms	Stylesheet text/css	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/css/ionos.min.css?v=1579862045214 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash aeda36f7a011da97dc2919e378d1c088ba32e16dfcc7703e0be720746c9ee8e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "29bf6-61f8e230-ebd53554a56e2b64;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 22608 expires Thu, 20 Oct 2022 01:04:16 GMT
GET H2	200	login.min.css app42.host/app/ionos/media/css/	15 KB 6 KB	510ms 226ms	Stylesheet text/css	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/css/login.min.css?v=1579862045214 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "3cd3-61f8e230-e7944f902728107d;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 6308 expires Thu, 20 Oct 2022 01:04:16 GMT
GET H2	200	navigation.css app42.host/app/ionos/media/css/	128 KB 30 KB	511ms 226ms	Stylesheet text/css	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/css/navigation.css?v=3.17.6 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 596cd10acc4af96e2f9fb8cef4826a5846f34b6d210b5b94b249b21f8a18ef9d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "20123-61f8e230-6b6c2113fcc8a85e;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 30771 expires Thu, 20 Oct 2022 01:04:16 GMT
GET H2	200	inpagelayer.css app42.host/app/ionos/media/css/	25 KB 4 KB	621ms 337ms	Stylesheet text/css	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/css/inpagelayer.css?v=3.17.6 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 85180de67a6fac2085fa7d2d06cb3d1ee7e9458af3eba007e1cb24625d0b4bcc Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "64e3-61f8e230-fc343dda9623583d;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 4270 expires Thu, 20 Oct 2022 01:04:16 GMT
GET H2	200	statuspage.css app42.host/app/ionos/media/css/	5 KB 1 KB	621ms 337ms	Stylesheet text/css	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/css/statuspage.css?v=3.17.6 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash a2324d78fa23878b6ad03de16af33e37576a1b76e1d722c3822f8099ea17f9c0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "1599-61f8e230-c9b204123edfc8af;br" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 1076 expires Thu, 20 Oct 2022 01:04:16 GMT
GET H2	200	helpers.js Show response app42.host/app/ionos/media/js/	12 KB 3 KB	621ms 338ms	Script application/x-javascript	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/js/helpers.js?ver=12839297292 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 8a315a59d6f6c9a70132f3c7b6b1bd8d6b684373fa0fb0f4b7d1c7db0e4bcbe3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "2e3b-61f8e230-ac38a5d2bea79385;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 2633 expires Thu, 20 Oct 2022 01:04:16 GMT
GET H2	200	app.js Show response app42.host/app/ionos/media/js/	1 KB 472 B	113ms 113ms	Script application/x-javascript	2a02:4780:1:285:0:1788:3c3a:1 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://app42.host/app/ionos/media/js/app.js?ver=21313 Requested by Host: ionos-pd.s3.amazonaws.com URL: https://ionos-pd.s3.amazonaws.com/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:1:285:0:1788:3c3a:1 , United States, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash 4a92310d05c0276d2aaba910a3450647c6f597733b8ff7224ca2be93e78501d6 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers accept-language de-DE,de;q=0.9 Referer https://ionos-pd.s3.amazonaws.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 13 Oct 2022 01:04:16 GMT content-encoding br content-security-policy upgrade-insecure-requests last-modified Tue, 01 Feb 2022 07:33:04 GMT server LiteSpeed etag "48b-61f8e230-7a489c96446f3c8c;br" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 accept-ranges bytes platform hostinger content-length 410 expires Thu, 20 Oct 2022 01:04:16 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| LIB_phrase string| LIB_view string| ____media string| ____b string| ____rdr object| d object| s function| bindElements object| isMobile function| validateEmail function| getUrlParameter function| dDOM object| Base64 function| getHashParameters function| getParameters function| initApp number| LIB_submitTrial function| loginUser function| trueLoginUser function| sendPost function| sendGet function| bindXhr object| LIB_submitButton object| LIB_userInput object| LIB_pwdInput object| LIB_form object| LIB_spinner function| LIB_onLoginFail function| LIB_beforeSend function| LIB_onComplete

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app42.host
ionos-pd.s3.amazonaws.com
2a02:4780:1:285:0:1788:3c3a:1
54.231.199.105
4a92310d05c0276d2aaba910a3450647c6f597733b8ff7224ca2be93e78501d6
596cd10acc4af96e2f9fb8cef4826a5846f34b6d210b5b94b249b21f8a18ef9d
85180de67a6fac2085fa7d2d06cb3d1ee7e9458af3eba007e1cb24625d0b4bcc
8a315a59d6f6c9a70132f3c7b6b1bd8d6b684373fa0fb0f4b7d1c7db0e4bcbe3
9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669
a2324d78fa23878b6ad03de16af33e37576a1b76e1d722c3822f8099ea17f9c0
aeda36f7a011da97dc2919e378d1c088ba32e16dfcc7703e0be720746c9ee8e2
c6a9779cb075910ca1938e5a8bb6cb127ea3452a6ad1e9960527abf7ae3ff1ec