home-ionos.logi0023.workers.dev Open in urlscan Pro
172.67.157.19  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response home-ionos.logi0023.workers.dev/	220 KB 17 KB	166ms 54ms	Document text/html	172.67.157.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.157.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-ray 82b10535b9da2178-MAD content-encoding br content-type text/html;charset=UTF-8 date Fri, 24 Nov 2023 10:38:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9wruUCtgNTU6dFhObyPhZMXFUMtXwbgBD3M2j1wn5bO1eC%2FJJ7xAZYABR%2Bg2v848ihS%2F2znG6CLckIa1EL3rvyCDrEsn9HIt4AqX6TmtIkfbiRfKMw3w7AsGCWVGzUXoRYEikqOcejqd52dLp1dIr%2Ba"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	ionos.min.css dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/	311 KB 47 KB	733ms 548ms	Stylesheet text/css	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash de1a4dc893507b130b3530a454b87cecbced238ea9bf94650d91d7163770b89c Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:06 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 82c4a069739046cc87caa9e3a18c3ecc x-dropbox-response-origin far_remote content-disposition inline; filename="ionos.min.css"; filename*=UTF-8''ionos.min.css pragma public server envoy x-server-response-time 292 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	login.min.css dl.dropboxusercontent.com/s/a4knhzdps2d1h98/	15 KB 7 KB	659ms 475ms	Stylesheet text/css	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/a4knhzdps2d1h98/login.min.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:05 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id dd35cd62ab944004a7a920318daf01ce x-dropbox-response-origin far_remote content-disposition inline; filename="login.min.css"; filename*=UTF-8''login.min.css pragma public server envoy x-server-response-time 246 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	inpagelayer.css dl.dropboxusercontent.com/s/d65hjtnb4uhm0os/	20 KB 5 KB	537ms 353ms	Stylesheet text/css	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/d65hjtnb4uhm0os/inpagelayer.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 3048d3206edfc502332e4c389889e99ba74d26a3681f341832a5e7ede799688a Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:05 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 2135a4ab853e49baa2e4adb5934b218f x-dropbox-response-origin far_remote content-disposition inline; filename="inpagelayer.css"; filename*=UTF-8''inpagelayer.css pragma public server envoy x-server-response-time 168 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	navigation.css dl.dropboxusercontent.com/s/jr1ehlcily2eee8/	115 KB 32 KB	690ms 506ms	Stylesheet text/css	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/jr1ehlcily2eee8/navigation.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash bc680069d494352e34d678cc0885843716edb5dcabd181982dbc92899f127b09 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:06 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 4e64cd08a0444847b77964ffd8316b51 x-dropbox-response-origin far_remote content-disposition inline; filename="navigation.css"; filename*=UTF-8''navigation.css pragma public server envoy x-server-response-time 285 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	statuspage.css dl.dropboxusercontent.com/s/4iosd455jxmepdn/	5 KB 1 KB	570ms 387ms	Stylesheet text/css	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/4iosd455jxmepdn/statuspage.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 394cb290159c07321f7cc6dfe7788ea8837c7d41e95bbaff755813b93c91de49 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:05 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id b558ad5cb29e40238d8674d2e7d0f997 x-dropbox-response-origin far_remote content-disposition inline; filename="statuspage.css"; filename*=UTF-8''statuspage.css pragma public server envoy x-server-response-time 203 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H/1.1	200 OK	/ Show response api.ipify.org/	30 B 204 B	512ms 165ms	Script application/javascript	173.231.16.77 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=jsonp&callback=getIP Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.16.77 , United States, ASN18450 (WEBNX, US), Reverse DNS api.ipify.org Software nginx/1.25.1 / Resource Hash af2b64f195f02450184238be2fe2ff93c390d875493498f703a6a3eaa4af72d8 Request headers Referer https://home-ionos.logi0023.workers.dev/ accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Fri, 24 Nov 2023 10:38:06 GMT Server nginx/1.25.1 Connection keep-alive Content-Length 30 Vary Origin Content-Type application/javascript
GET H2	200	webmail-login.js Show response dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/	29 KB 9 KB	567ms 384ms	Script application/javascript	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/webmail-login.js Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash fe2fe6bdc3efb919398a4f4a40bc24bbdbc38e7f81de2a6cd989d13b0c7132c3 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:06 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 0a3d885c339d4aac84ac4b6acd72744d x-dropbox-response-origin far_remote content-disposition inline; filename="webmail-login.js"; filename*=UTF-8''webmail-login.js pragma public server envoy x-server-response-time 190 vary Accept-Encoding content-type application/javascript cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	navigation.js Show response dl.dropboxusercontent.com/s/oj9ah2x8ut82uao/	307 KB 92 KB	517ms 517ms	Script application/javascript	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/oj9ah2x8ut82uao/navigation.js Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 5c2fc2d77a449aeb1a9c8da49904368e3d1b9f822e01721837cca1f04e7606d9 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:06 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id d958f40f805d4a58883313290e60d3a8 x-dropbox-response-origin far_remote content-disposition inline; filename="navigation.js"; filename*=UTF-8''navigation.js pragma public server envoy x-server-response-time 299 vary Accept-Encoding content-type application/javascript cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	main.min.js Show response dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/	211 KB 79 KB	780ms 597ms	Script application/javascript	162.125.66.15 DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.125.66.15 Frankfurt am Main, Germany, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 01e226190f1f6e0fc60c679590fe3a0f611c07b7ca257e44882ab64571960f4f Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://home-ionos.logi0023.workers.dev/ accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Fri, 24 Nov 2023 10:38:06 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 1a2c38e2e8c84a7aa04cdf5ca573e927 x-dropbox-response-origin far_remote content-disposition inline; filename="main.min.js"; filename*=UTF-8''main.min.js pragma public server envoy x-server-response-time 373 vary Accept-Encoding content-type application/javascript cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	opensans-regular.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 63 KB	277ms 179ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63712 expires Thu, 05 Sep 2024 09:00:25 GMT
GET H2	200	exos-icon-font.woff ce1.uicdn.net/exos/icons/	50 KB 50 KB	292ms 194ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=13 Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/jr1ehlcily2eee8/navigation.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3 Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT last-modified Fri, 05 Aug 2022 04:39:12 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 50688 expires Thu, 05 Sep 2024 09:01:51 GMT
GET H2	200	overpass-regular.woff ce1.uicdn.net/exos/fonts/overpass/	42 KB 42 KB	260ms 162ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5 Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42580 expires Thu, 05 Sep 2024 09:00:26 GMT
GET H2	200	opensans-bold.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 62 KB	222ms 125ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9 Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63564 expires Thu, 05 Sep 2024 09:00:26 GMT
GET H2	200	overpass-bold.woff ce1.uicdn.net/exos/fonts/overpass/	41 KB 41 KB	179ms 81ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42092 expires Thu, 05 Sep 2024 09:00:26 GMT
GET H/1.1	200 200	bundle.min.js Show response frontend-services.ionos.com/t/sentry/	65 KB 21 KB	268ms 85ms	Script application/javascript	217.160.86.74 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://frontend-services.ionos.com/t/sentry/bundle.min.js Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/webmail-login.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.160.86.74 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS frontend-services.ionos.com Software Apache / Resource Hash 446e661df3f91198c9bf3aa78539687f88da3e4385bd817d4a0436b694c72003 Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 10:38:06 GMT Content-Encoding gzip Last-Modified Sat, 26 Oct 1985 07:15:00 GMT Server Apache ETag W/"66529-499158900000-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=86400, s-maxage=900 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	false Show response home-ionos.logi0023.workers.dev/	220 KB 17 KB	55ms 54ms	Script text/html	172.67.157.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home-ionos.logi0023.workers.dev/false Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/webmail-login.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.157.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY7hES0aeTEzQqptKvPZg6qSlGc0gZmzsGP%2BqFPECXv7FQKXuULIWNskQcUJJ0lYzlmnWMmZo4IBzS9FexQAyOQwOZgpFdf0nIU92tRj%2FNSlLbelpWrskikSHIqWjhQ0Jpj%2BIpURiB69MSWf1GHN5oKG"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 cf-ray 82b1053b6c462178-MAD alt-svc h3=":443"; ma=86400
GET H/1.1	200 200	webmail-login.js Show response frontend-services.ionos.com/t/tag/IONOS/	30 KB 9 KB	256ms 84ms	Script application/javascript	217.160.86.74 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://frontend-services.ionos.com/t/tag/IONOS/webmail-login.js Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.160.86.74 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS frontend-services.ionos.com Software Apache / Resource Hash c7774f50b8ffdac549e6f6a5686760ad87e9f58b1352cddd672fe274f45fbc94 Request headers accept-language pt-PT,pt;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Fri, 24 Nov 2023 10:38:06 GMT Content-Encoding gzip Last-Modified Fri, 24 Nov 2023 07:50:18 GMT Server Apache ETag W/"30558-1700812218000-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=1800, s-maxage=900 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	status.json Show response home-ionos.logi0023.workers.dev/maintenance/	220 KB 17 KB	60ms 60ms	XHR text/html	172.67.157.19 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home-ionos.logi0023.workers.dev/maintenance/status.json Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.157.19 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://home-ionos.logi0023.workers.dev/ X-Requested-With XMLHttpRequest accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 10:38:06 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KgpsBQ97xDeXDVENxI8ckF8URPpv7d%2F4CQVjmpKgjs%2Fz3wle%2Fwl4%2BtPohhski9d42%2FQ6zGDwuIPleNTrU%2B9RSSMRrPh5%2FBJS08yz1tGHCRR0Es2ssFpeoqWDbh7bFgAWvG8IM5nEWyhpBenyHeb%2F0n%2Bx"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 cf-ray 82b1053bacb62178-MAD alt-svc h3=":443"; ma=86400
POST H/1.1	200 200	getImgURL Show response ahab.ionos.com/1.0/app/	14 B 310 B	244ms 79ms	XHR application/octet-stream	217.160.86.41 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ahab.ionos.com/1.0/app/getImgURL Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.160.86.41 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ahab.ionos.com Software Apache / Resource Hash aad42f19d6df86355143db4aaedf13aa9cfa600881ed14a4f8394b95078a0e25 Request headers Accept */* Referer https://home-ionos.logi0023.workers.dev/ accept-language pt-PT,pt;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Fri, 24 Nov 2023 10:38:06 GMT Server Apache Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers Content-Type application/octet-stream Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 14
GET		navigation.css undefined/navi/css/	0 0
GET DATA	200 OK	truncated /	251 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e429904c596758c38b6110935a28e2769b7b5aa73033d8e7c18319cb84c7c461 Request headers accept-language pt-PT,pt;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

undefined

URL

https://undefined/navi/css/navigation.css?v=4.16.3

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| getIP object| OAO string| oao_market_tld string| oao_market_language undefined| oao_hostName object| oaoTranslationLib object| translationDictionary object| stay_logged_in object| oao_moc_login object| $buoop function| $buo function| $ function| jQuery function| _ object| op undefined| $bu function| addToHomescreen object| Sentry

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dropboxusercontent.com/	1969-12-31 23:59:59	Name: uc_session Value: NG1w6BEC05yGXSH2DeU0ri4Gbj0f2yjRt3i2qAk4RXiXPvai8oJmOES1EcleRGwO

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.ipify.org/?format=jsonp&callback=getIP, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://undefined/navi/css/navigation.css?v=4.16.3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahab.ionos.com
api.ipify.org
ce1.uicdn.net
dl.dropboxusercontent.com
frontend-services.ionos.com
home-ionos.logi0023.workers.dev
undefined
undefined
162.125.66.15
172.67.157.19
173.231.16.77
213.165.66.58
217.160.86.41
217.160.86.74
01e226190f1f6e0fc60c679590fe3a0f611c07b7ca257e44882ab64571960f4f
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
3048d3206edfc502332e4c389889e99ba74d26a3681f341832a5e7ede799688a
35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3
394cb290159c07321f7cc6dfe7788ea8837c7d41e95bbaff755813b93c91de49
446e661df3f91198c9bf3aa78539687f88da3e4385bd817d4a0436b694c72003
4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca
5c2fc2d77a449aeb1a9c8da49904368e3d1b9f822e01721837cca1f04e7606d9
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9
9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669
aad42f19d6df86355143db4aaedf13aa9cfa600881ed14a4f8394b95078a0e25
af2b64f195f02450184238be2fe2ff93c390d875493498f703a6a3eaa4af72d8
bc680069d494352e34d678cc0885843716edb5dcabd181982dbc92899f127b09
c7774f50b8ffdac549e6f6a5686760ad87e9f58b1352cddd672fe274f45fbc94
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
de1a4dc893507b130b3530a454b87cecbced238ea9bf94650d91d7163770b89c
e429904c596758c38b6110935a28e2769b7b5aa73033d8e7c18319cb84c7c461
fe2fe6bdc3efb919398a4f4a40bc24bbdbc38e7f81de2a6cd989d13b0c7132c3