home-ionos.logi0023.workers.dev Open in urlscan Pro
2606:4700:3031::6815:4238  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response home-ionos.logi0023.workers.dev/	220 KB 17 KB	958ms 91ms	Document text/html	2606:4700:3031::6815:4238 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4238 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-ray 806b8d0549012bbe-FRA content-encoding br content-type text/html;charset=UTF-8 date Thu, 14 Sep 2023 20:58:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnXDKQ7yw3cb6ZTeki%2FoBXrBXRohT0kfRkHIIlVqWmcvrF7JCwRxMB7hGEKtzM%2BT63XiGCbZB7ke3ogF1CxKfzrs6laK6SKeOl0p%2BOyGtemtYJ6u6BgtaNEaeezKZ8nrBM7J2pK3TO9JxdJ6oa0WGW%2FKW2EjrmgQlC%2Fa7ByQ"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	ionos.min.css dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/	311 KB 47 KB	865ms 708ms	Stylesheet text/css	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash de1a4dc893507b130b3530a454b87cecbced238ea9bf94650d91d7163770b89c Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 363fd53c0d5b43a6b95cb7a6091cbc72 x-dropbox-response-origin far_remote content-disposition inline; filename="ionos.min.css"; filename*=UTF-8''ionos.min.css pragma public server envoy x-server-response-time 365 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	login.min.css dl.dropboxusercontent.com/s/a4knhzdps2d1h98/	15 KB 7 KB	860ms 704ms	Stylesheet text/css	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/a4knhzdps2d1h98/login.min.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 3d5ec1410d5a42d8bf7b135f264934e6 x-dropbox-response-origin far_remote content-disposition inline; filename="login.min.css"; filename*=UTF-8''login.min.css pragma public server envoy x-server-response-time 263 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	inpagelayer.css dl.dropboxusercontent.com/s/d65hjtnb4uhm0os/	20 KB 5 KB	559ms 402ms	Stylesheet text/css	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/d65hjtnb4uhm0os/inpagelayer.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 3048d3206edfc502332e4c389889e99ba74d26a3681f341832a5e7ede799688a Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 5680652e55754e0ab813ac8e3054c630 x-dropbox-response-origin far_remote content-disposition inline; filename="inpagelayer.css"; filename*=UTF-8''inpagelayer.css pragma public server envoy x-server-response-time 221 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	navigation.css dl.dropboxusercontent.com/s/jr1ehlcily2eee8/	115 KB 32 KB	793ms 636ms	Stylesheet text/css	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/jr1ehlcily2eee8/navigation.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash bc680069d494352e34d678cc0885843716edb5dcabd181982dbc92899f127b09 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id ca04407482014ddabf31c188096e543a x-dropbox-response-origin far_remote content-disposition inline; filename="navigation.css"; filename*=UTF-8''navigation.css pragma public server envoy x-server-response-time 277 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	statuspage.css dl.dropboxusercontent.com/s/4iosd455jxmepdn/	5 KB 1 KB	863ms 706ms	Stylesheet text/css	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/4iosd455jxmepdn/statuspage.css Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 394cb290159c07321f7cc6dfe7788ea8837c7d41e95bbaff755813b93c91de49 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 13537c4269fb4748b93751e91560350c x-dropbox-response-origin far_remote content-disposition inline; filename="statuspage.css"; filename*=UTF-8''statuspage.css pragma public server envoy x-server-response-time 291 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H/1.1	200 OK	/ Show response api.ipify.org/	27 B 201 B	839ms 195ms	Script application/javascript	173.231.16.77 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=jsonp&callback=getIP Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 173.231.16.77 , United States, ASN18450 (WEBNX, US), Reverse DNS 173-231-16-77.static.webnx.com Software nginx/1.25.1 / Resource Hash 642d4f0a52dffd63f463d62355cc15ae5906585aa3c84dd9bdfd5d0df1b2f94b Request headers Referer https://home-ionos.logi0023.workers.dev/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Thu, 14 Sep 2023 20:58:57 GMT Server nginx/1.25.1 Connection keep-alive Content-Length 27 Vary Origin Content-Type application/javascript
GET H2	200	webmail-login.js Show response dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/	29 KB 9 KB	858ms 702ms	Script application/javascript	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/webmail-login.js Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash fe2fe6bdc3efb919398a4f4a40bc24bbdbc38e7f81de2a6cd989d13b0c7132c3 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 6151c638f8944283a78b3c5b7f8668f2 x-dropbox-response-origin far_remote content-disposition inline; filename="webmail-login.js"; filename*=UTF-8''webmail-login.js pragma public server envoy x-server-response-time 280 vary Accept-Encoding content-type application/javascript cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	navigation.js Show response dl.dropboxusercontent.com/s/oj9ah2x8ut82uao/	307 KB 92 KB	376ms 374ms	Script application/javascript	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/oj9ah2x8ut82uao/navigation.js Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 5c2fc2d77a449aeb1a9c8da49904368e3d1b9f822e01721837cca1f04e7606d9 Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 90cfaa68c782429ca363842469c3d84f x-dropbox-response-origin far_remote content-disposition inline; filename="navigation.js"; filename*=UTF-8''navigation.js pragma public server envoy x-server-response-time 216 vary Accept-Encoding content-type application/javascript cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	main.min.js Show response dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/	211 KB 79 KB	641ms 486ms	Script application/javascript	2620:100:6020:15::a27d:400f DROPBOX
General Check archive.org Show headers Download Go to Full URL https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Requested by Host: home-ionos.logi0023.workers.dev URL: https://home-ionos.logi0023.workers.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:100:6020:15::a27d:400f , United States, ASN19679 (DROPBOX, US), Reverse DNS Software envoy / Resource Hash 01e226190f1f6e0fc60c679590fe3a0f611c07b7ca257e44882ab64571960f4f Security Headers Name Value Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://home-ionos.logi0023.workers.dev/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers content-security-policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none' date Thu, 14 Sep 2023 20:58:56 GMT x-content-type-options nosniff accept-encoding identity,gzip content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload x-dropbox-request-id 6a2f058efa764e998dba7db71877a51b x-dropbox-response-origin far_remote content-disposition inline; filename="main.min.js"; filename*=UTF-8''main.min.js pragma public server envoy x-server-response-time 274 vary Accept-Encoding content-type application/javascript cache-control max-age=60 accept-ranges bytes x-robots-tag noindex, nofollow, noimageindex
GET H2	200	opensans-regular.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 63 KB	240ms 77ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63712 expires Thu, 05 Sep 2024 09:00:08 GMT
GET H2	200	exos-icon-font.woff ce1.uicdn.net/exos/icons/	50 KB 50 KB	334ms 172ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=13 Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/jr1ehlcily2eee8/navigation.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3 Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT last-modified Fri, 05 Aug 2022 04:39:12 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 50688 expires Thu, 05 Sep 2024 09:00:08 GMT
GET H2	200	overpass-regular.woff ce1.uicdn.net/exos/fonts/overpass/	42 KB 42 KB	378ms 216ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5 Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42580 expires Thu, 05 Sep 2024 09:00:08 GMT
GET H2	200	opensans-bold.woff ce1.uicdn.net/exos/fonts/open-sans/	62 KB 62 KB	404ms 243ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/open-sans/opensans-bold.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9 Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT last-modified Tue, 12 Jun 2018 09:26:07 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 63564 expires Thu, 05 Sep 2024 09:00:09 GMT
GET H2	200	overpass-bold.woff ce1.uicdn.net/exos/fonts/overpass/	41 KB 41 KB	454ms 293ms	Font application/font-woff	213.165.66.58 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ce1.uicdn.net/exos/fonts/overpass/overpass-bold.woff Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/tos2ig1ha0fqmv6/ionos.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ce1.uicdn.net Software Apache / Resource Hash 7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc Request headers Referer https://dl.dropboxusercontent.com/ Origin https://home-ionos.logi0023.workers.dev accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT last-modified Tue, 12 Jun 2018 09:26:06 GMT server Apache x-cache-status HIT content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 42092 expires Thu, 05 Sep 2024 09:00:09 GMT
GET H/1.1	200 200	bundle.min.js Show response frontend-services.ionos.com/t/sentry/	65 KB 21 KB	215ms 45ms	Script application/javascript	217.160.86.61 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://frontend-services.ionos.com/t/sentry/bundle.min.js Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/webmail-login.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.160.86.61 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS frontend-services.ionos.com Software Apache / Resource Hash 446e661df3f91198c9bf3aa78539687f88da3e4385bd817d4a0436b694c72003 Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Thu, 14 Sep 2023 20:58:57 GMT Content-Encoding gzip Last-Modified Sat, 26 Oct 1985 07:15:00 GMT Server Apache ETag W/"66529-499158900000-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=86400, s-maxage=900 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	false Show response home-ionos.logi0023.workers.dev/	220 KB 17 KB	72ms 69ms	Script text/html	2606:4700:3031::6815:4238 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home-ionos.logi0023.workers.dev/false Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/2gwq5pwi51cw68j/webmail-login.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4238 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGwp6NfbKT2y7eTmSvqhwnRWpZSNLxDBGYIr1mM3D6OltYrrGtnsp%2F9URsQqN9Z61aZBAYUb9qkkKnM1kUmD3%2Bu6SBSzomMuDs%2FTDjxg7gBEqtopHvygQX3GVlnPC8JySOq05aOjJwmkN2WomwExSabdt3TVeoOWjmgMQId%2B"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 cf-ray 806b8d0c7c512bbe-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 200	webmail-login.js Show response frontend-services.ionos.com/t/tag/IONOS/	30 KB 8 KB	180ms 72ms	Script application/javascript	217.160.86.61 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://frontend-services.ionos.com/t/tag/IONOS/webmail-login.js Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.160.86.61 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS frontend-services.ionos.com Software Apache / Resource Hash 4eda3defa807e5326768cba8d072faa49de0b01519c6b8c9b567e50baf4b4560 Request headers accept-language nl-NL,nl;q=0.9 Referer https://home-ionos.logi0023.workers.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Thu, 14 Sep 2023 20:58:57 GMT Content-Encoding gzip Last-Modified Tue, 12 Sep 2023 07:15:18 GMT Server Apache ETag W/"30242-1694502918000-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=1800, s-maxage=900 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H2	200	status.json Show response home-ionos.logi0023.workers.dev/maintenance/	220 KB 17 KB	48ms 46ms	XHR text/html	2606:4700:3031::6815:4238 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://home-ionos.logi0023.workers.dev/maintenance/status.json Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:4238 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://home-ionos.logi0023.workers.dev/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Thu, 14 Sep 2023 20:58:57 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOxYNCQxJxY87xUGZHGYW%2FvNyXSgMGgiY8ONkn54FPrCoY2VbLQv9qoTQHxHKS5WdvI9NSN4ZoEetcrCc08604i%2BZhcKYadoei74OSCz4Yf4BctBggAxsQLr39FswwWUFphoeOo%2BzSKijiPq2%2BedmXBUK5ctgXQ1G550aYRd"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 cf-ray 806b8d0d3d642bbe-FRA alt-svc h3=":443"; ma=86400
POST H/1.1	200 200	getImgURL Show response ahab.ionos.com/1.0/app/	14 B 310 B	215ms 67ms	XHR application/octet-stream	217.160.86.48 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://ahab.ionos.com/1.0/app/getImgURL Requested by Host: dl.dropboxusercontent.com URL: https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 217.160.86.48 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ahab.ionos.com Software Apache / Resource Hash aad42f19d6df86355143db4aaedf13aa9cfa600881ed14a4f8394b95078a0e25 Request headers Accept */* Referer https://home-ionos.logi0023.workers.dev/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Date Thu, 14 Sep 2023 20:58:57 GMT Server Apache Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers Content-Type application/octet-stream Access-Control-Allow-Origin * Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 14
GET		navigation.css undefined/navi/css/	0 0
GET DATA	200 OK	truncated /	251 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e429904c596758c38b6110935a28e2769b7b5aa73033d8e7c18319cb84c7c461 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Content-Type image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

undefined

URL

https://undefined/navi/css/navigation.css?v=4.16.3

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| getIP object| OAO string| oao_market_tld string| oao_market_language undefined| oao_hostName object| oaoTranslationLib object| translationDictionary object| stay_logged_in object| oao_moc_login object| $buoop function| $buo function| $ function| jQuery function| _ object| op undefined| $bu function| addToHomescreen object| Sentry

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dropboxusercontent.com/	1969-12-31 23:59:59	Name: uc_session Value: V0IIv6vznjgBkrUu7ZKxLIquEmIQd7fwzonVg8CWRYNJPEVglvj5gsRJYtTXK9o0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://api.ipify.org/?format=jsonp&callback=getIP, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dl.dropboxusercontent.com/s/sxcxrpqd90zqzz2/main.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://undefined/navi/css/navigation.css?v=4.16.3 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahab.ionos.com
api.ipify.org
ce1.uicdn.net
dl.dropboxusercontent.com
frontend-services.ionos.com
home-ionos.logi0023.workers.dev
undefined
undefined
173.231.16.77
213.165.66.58
217.160.86.48
217.160.86.61
2606:4700:3031::6815:4238
2620:100:6020:15::a27d:400f
01e226190f1f6e0fc60c679590fe3a0f611c07b7ca257e44882ab64571960f4f
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
3048d3206edfc502332e4c389889e99ba74d26a3681f341832a5e7ede799688a
35538b399f40d6db114f64b970fb8a612d88d833906f95f4cb8675c0277ecfb3
394cb290159c07321f7cc6dfe7788ea8837c7d41e95bbaff755813b93c91de49
446e661df3f91198c9bf3aa78539687f88da3e4385bd817d4a0436b694c72003
4a31b182a6ea96076666a29c91401c602df62307448e360726a912d6d2db2eca
4eda3defa807e5326768cba8d072faa49de0b01519c6b8c9b567e50baf4b4560
5c2fc2d77a449aeb1a9c8da49904368e3d1b9f822e01721837cca1f04e7606d9
642d4f0a52dffd63f463d62355cc15ae5906585aa3c84dd9bdfd5d0df1b2f94b
7afccd9150b0fcbf1a1056e6cc6051c9b6d85a55da7bf1a7fb0f475c0b22facc
7d7a1a8ec55f31a6674fd2e2c41bcc6421a9aeb5cf161c6e93363f31347160f9
9d27c279b8aef5083f4720d71b79ba18519d3f924955d7338932a5252555b669
aad42f19d6df86355143db4aaedf13aa9cfa600881ed14a4f8394b95078a0e25
bc680069d494352e34d678cc0885843716edb5dcabd181982dbc92899f127b09
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
de1a4dc893507b130b3530a454b87cecbced238ea9bf94650d91d7163770b89c
e429904c596758c38b6110935a28e2769b7b5aa73033d8e7c18319cb84c7c461
fe2fe6bdc3efb919398a4f4a40bc24bbdbc38e7f81de2a6cd989d13b0c7132c3