flirt.nq-online.de
3.121.59.203
Public Scan
Effective URL: https://flirt.nq-online.de/login/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On May 09 via api from IT — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 8th 2024. Valid for: 3 months.
This is the only time flirt.nq-online.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 (1 redirects) | 3.121.59.203 | 16509 (AMAZON-02) |
9 | 2a0b:4d07:102::1 | 44239 (PROINITY ...) |
11 | 2 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-59-203.eu-central-1.compute.amazonaws.com
flirt.nq-online.de

Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
9 | icony-hosting.de: static2.icony-hosting.de — Cisco Umbrella Rank: 870497 | 412 KB |
3 | nq-online.de (1 redirects): flirt.nq-online.de | 36 KB |
11 | 2 | |
Requests | Domain | Requested by |
---|---|---|
9 | static2.icony-hosting.de | flirt.nq-online.de, static2.icony-hosting.de |
3 | flirt.nq-online.de (1 redirects) | |
11 | 2 | |
This site contains links to these domains.
Domain |
---|
www.kontaktboersen.de |
www.icony.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
flirt.nq-online.de | R3 | 2024-05-08 - 2024-08-06 | 3 months |
static2.icony-hosting.de | R3 | 2024-04-14 - 2024-07-13 | 3 months |
This page contains 1 frames:
Primary Page:
https://flirt.nq-online.de/login/
Frame ID: 42AC059B34AD0F4688A7D23457C59779
Requests: 11 HTTP requests in this frame
Page Title
Mit Username und Passwort einloggen um bei NQ-Flirtline wieder dabei sein
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://flirt.nq-online.de/einstellungen/
HTTP 302
https://flirt.nq-online.de/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type | MIME-Type |
---|---|---|---|---|---|
GET H2 | / (Primary Request; Redirect Chain) | flirt.nq-online.de/login/ | 10 KB 3 KB | Document | text/html |
GET H2 | OpenSans.woff2 | static2.icony-hosting.de/dyncontent759285aef0330335de28d4eaf40f0689/fonts/opensans/ | 274 KB 275 KB | Font | font/woff2 |
GET H2 | frontpage-v4.css | static2.icony-hosting.de/dyncontent1714998315/css/r/nqf/ | 255 KB 33 KB | Stylesheet | text/css |
GET H2 | logo.svg | static2.icony-hosting.de/dyncontent33fc4ab577e394f86af6ec7d78ef2dcf/img/nqf/ | 14 KB 5 KB | Image | image/svg+xml |
GET H2 | unsupported-browser.js | static2.icony-hosting.de/dyncontent1714998315/js/r/nqf/ | 2 KB 1 KB | Script | application/javascript |
GET H2 | frontpage-v4.js | static2.icony-hosting.de/dyncontent1714998315/js/r/nqf/ | 321 KB 80 KB | Script | application/javascript |
GET H2 | kontaktboersen.jpg | static2.icony-hosting.de/dyncontent1714998315/img/nqf/static/ | 7 KB 8 KB | Image | image/jpeg |
GET H2 | ccp_ga.js | static2.icony-hosting.de/dyncontent1714998315/js/r/nqf/modules/frontpage-v4/ccp/ | 7 KB 3 KB | Script | application/javascript |
GET H2 | ccp_recaptcha.js | static2.icony-hosting.de/dyncontent1714998315/js/r/nqf/modules/frontpage-v4/ccp/ | 512 B 749 B | Script | application/javascript |
GET H2 | icony-21.woff2 | static2.icony-hosting.de/dyncontent9670612cbe312c75fe1c2dd27c0950e1/fonts/icony-21/ | 7 KB 7 KB | Font | font/woff2 |
GET H2 | favicon.ico | flirt.nq-online.de/ | 32 KB 32 KB | Other | image/x-icon |
84 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ccpLayer function| checkUnsupportedBrowsers object| langStore object| _Document$prototype object| _DocumentFragment$pro object| _Element$prototype object| templateStore function| isarray object| PATH_REGEXP function| parse function| compile function| encodeURIComponentPretty function| encodeAsterisk function| tokensToFunction function| escapeString function| escapeGroup function| attachKeys function| flags function| regexpToRegexp function| arrayToRegexp function| stringToRegexp function| tokensToRegExp function| pathToRegexp function| replaceChildren object| CCP object| GAC number| UIAnimationDuration_short number| UIAnimationDuration_medium number| UIAnimationDuration_long number| UIAnimationDuration_xl number| UIAnimationDuration_xxl object| UIAnimationDuration number| CCPluginIds_GoogleAnalytics number| CCPluginIds_FacebookPixel number| CCPluginIds_IVW number| CCPluginIds_IVWAT number| CCPluginIds_OEWA number| CCPluginIds_reCaptcha number| CCPluginIds_eTracker number| CCPluginIds_GoogleAds number| CCPluginIds_ABTasty number| CCPluginIds_IntelliAd number| CCPluginIds_MicrosoftAdvertising number| CCPluginIds_Webtrekk number| CCPluginIds_Criteo number| CCPluginIds_Hotjar number| CCPluginIds_Signalize number| CCPluginIds_IVWMeasurementManager number| CCPluginIds_AdRoll number| CCPluginIds_ADCell number| CCPluginIds_UPYIELD number| CCPluginIds_TikTok number| CCPluginIds_Snap number| CCPluginIds_Outbrain number| CCPluginIds_OSM number| CCPluginIds_Youtube number| CCPluginIds_Vimeo number| CCPluginIds_Awin number| CCPluginIds_Pinterest number| CCPluginIds_Taboola number| CCPluginIds_Ausgezeichnet object| CCPluginIds string| JS_API_END_POINT string| REGISTER_MODULE string| SITE_URL string| STATIC_ASSET_PATH string| CUSTOM_ELEMENT_CSS_PATH string| MODULE_JSON_FILE object| appRoutes function| _ function| StringUtils function| ArrayUtils function| IconyModuleLoader function| require function| define function| defined function| loaded function| requireExternal 
function| isExternalLoaded function| resolveLoadedScripts object| router function| __importTemplate function| IconyDialog object| app2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
flirt.nq-online.de/ | | Name: ICONY_RSA_KEY Value: 663c1665-a2a8-409b-a0de-0f890a0103ef |
flirt.nq-online.de/ | | Name: ICONY_XSESSION Value: 31302e312e332e3233393298a0d458c5681973a8a1fe7b513d58200995a3e600ac198e035bad27f2e1f2c989d6d0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
flirt.nq-online.de
static2.icony-hosting.de
2a0b:4d07:102::1
3.121.59.203