pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Effective URL:
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Submission: On August 29 via api (August 29th 2024, 11:48:23 pm UTC) from US — Scanned from US

Summary HTTP 19 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev.
TLS certificate: Issued by E6 on August 1st 2024. Valid for: 3 months.

This is the only time pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication) Generic Cloudflare (Online) Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:4780:b:1... 2a02:4780:b:1306:0:a13:ad6c:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
5	213.165.66.58 213.165.66.58	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	104.26.13.205 104.26.13.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.35.33.215 195.35.33.215	47583 (AS-HOSTINGER) (AS-HOSTINGER)
19	6

6 2606:4700::6812:323 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:4780:b:1306:0:a13:ad6c:2 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

wafsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.165.66.58 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ce1.uicdn.net

ce1.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.35.33.215 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

wafsd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	wafsd.com wafsd.com	79 KB
6	r2.dev 1 redirects pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev	129 KB
5	uicdn.net ce1.uicdn.net — Cisco Umbrella Rank: 319611	259 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2512	155 B
19	4

	Domain	Requested by
8	wafsd.com	pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
6	pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev	1 redirects pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
5	ce1.uicdn.net	wafsd.com
1	api.ipify.org	pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
19	4

This site contains links to these domains. Also see Links.

Domain
id.ionos.co.uk
www.ionos.co.uk
www.ionos-status.co.uk

Subject Issuer	Validity	Valid
*.r2.dev E6	`2024-08-01` - `2024-10-30`	3 months	crt.sh
wafsd.com R10	`2024-08-15` - `2024-11-13`	3 months	crt.sh
ce1.uicdn.net GeoTrust RSA CA 2018	`2024-03-20` - `2025-03-09`	a year	crt.sh
ipify.org WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Frame ID: 51995A6D2B027A0F1D06C26807EC0B9E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login

Page URL History Show full URLs

http://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html HTTP 307
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html Page URL
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/phish-bypass?atok=slH36_8ETirP7y7_tDgAC6wBddkKrHKZ0sufTWZyOyQ-172497... HTTP 301
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html Page URL

Page Statistics

19
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

3
Countries

466 kB
Transfer

1180 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://id.ionos.co.uk/
Title: Webmail Login

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/security-c85228/browser-security-c85266
Title: Learn more

Search URL Search Domain Scan URL

URL: https://id.ionos.co.uk/identifier

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2327
Title: Forgot Your Password?

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=5430
Title: private browsing mode

Search URL Search Domain Scan URL

URL: https://www.ionos-status.co.uk/?utm_medium=footer&utm_content=none&utm_source=LOGIN_ID&utm_campaign=password&utm_term=no_search
Title: All Systems Operational

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/about
Title: IONOS Cloud Ltd.

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/terms-gtc/terms-privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/terms-gtc
Title: T&Cs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html HTTP 307
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html Page URL
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/phish-bypass?atok=slH36_8ETirP7y7_tDgAC6wBddkKrHKZ0sufTWZyOyQ-1724975294-0.0.1.1-%2Findex.html HTTP 301
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html HTTP 307
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

index.html Show response
pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
Redirect Chain

http://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

4 KB
5 KB

254ms
38ms

Document
text/html

2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac61c8760154cb029c403203152c03ac7911ac68a6a3ee9b35b14474e1089af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

CF-RAY: 8bb06e445c7db3c2-MIA
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 29 Aug 2024 23:48:14 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK cf.errors.css
pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/styles/ 23 KB
5 KB 33ms
33ms Stylesheet
text/css 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/styles/cf.errors.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 29 Aug 2024 23:48:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Aug 2024 19:10:22 GMT
Server: cloudflare
ETag: W/"66ce249e-5df3"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=7200, public
Connection: keep-alive
CF-RAY: 8bb06e44accbb3c2-MIA
Expires: Fri, 30 Aug 2024 01:48:14 GMT

GET
H/1.1 200
OK icon-exclamation.png
pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/images/ 452 B
889 B 34ms
34ms Image
image/png 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/styles/cf.errors.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 29 Aug 2024 23:48:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Aug 2024 19:10:22 GMT
Server: cloudflare
ETag: "66ce249e-1c4"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8bb06e44ed0fb3c2-MIA
Content-Length: 452
Expires: Fri, 30 Aug 2024 01:48:14 GMT

GET
H/1.1 404
Not Found favicon.ico
pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/ 27 KB
27 KB 503ms
503ms Other
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 29 Aug 2024 23:48:14 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 8bb06e453d57b3c2-MIA
Content-Length: 27150
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1

200
OK

Primary Request index.html Show response
pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
Redirect Chain

https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/cdn-cgi/phish-bypass?atok=slH36_8ETirP7y7_tDgAC6wBddkKrHKZ0sufTWZyOyQ-1724975294-0.0.1.1-%2Findex.html
https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

91 KB
91 KB

204ms
203ms

Document
text/html

2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f318b9a69569ed8a1afb27b5fa6134046d9f8f81bafc79977ba0a017bf266e7d

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 8bb06e5b6eedb3c2-MIA
Connection: keep-alive
Content-Length: 93003
Content-Type: text/html
Date: Thu, 29 Aug 2024 23:48:17 GMT
ETag: "30016b518369e7c0b6cb63edbd8bbd42"
Last-Modified: Mon, 26 Aug 2024 08:40:56 GMT
Server: cloudflare
Vary: Accept-Encoding

Redirect headers

CF-RAY: 8bb06e5b2ea8b3c2-MIA
Cache-Control: private, no-cache
Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 29 Aug 2024 23:48:17 GMT
Location: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Server: cloudflare
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

GET
H2 200 ionos.min.css
wafsd.com/new/ionos/media/ 625 KB
50 KB 413ms
169ms Stylesheet
text/css 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/ionos.min.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

f32a6d307a2f1c07ebd223f76c552da130258b8db5c931300dfd0ace317f3fb7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:30 GMT
server: LiteSpeed
panel: hpanel
etag: "9c41e-6685109a-895b5eef15a2d3db;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 50843
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 main.min.css
wafsd.com/new/ionos/media/ 1 B
61 B 350ms
106ms Stylesheet
text/css 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/main.min.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:31 GMT
server: LiteSpeed
panel: hpanel
etag: "1-6685109b-86660ad2467b975f;;;"
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 inpagelayer.css
wafsd.com/new/ionos/media/ 19 KB
4 KB 350ms
107ms Stylesheet
text/css 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/inpagelayer.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

156fff51eef108bb0a947c468c7650d265b3a12e248795296c3d37f6bb68c3b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:30 GMT
server: LiteSpeed
panel: hpanel
etag: "4cc2-6685109a-ad35c9baa527cf2d;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3625
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 navigation.css
wafsd.com/new/ionos/media/ 116 KB
21 KB 351ms
107ms Stylesheet
text/css 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/navigation.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

bdd725358e25ed9845671d819c8092bed4861617ef7f23a493a43a895f7c56dc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:31 GMT
server: LiteSpeed
panel: hpanel
etag: "1cf95-6685109b-3e48239a3a72a8f5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 21619
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 statuspage.css
wafsd.com/new/ionos/media/ 5 KB
1015 B 330ms
87ms Stylesheet
text/css 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/statuspage.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

121cc83113b8e6f35952fbe95290cff681bc509d0ee9b5c8d110737095a9132f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:32 GMT
server: LiteSpeed
panel: hpanel
etag: "1257-6685109c-9e95ad4bd0596c52;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 926
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 starter-main.min.css
wafsd.com/new/ionos/media/ 2 KB
966 B 329ms
86ms Stylesheet
text/css 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/starter-main.min.css

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

254d8714e7cb6ef7c54facbb03e38abb92149a6049c33fa3dbdc2dda2811050f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:31 GMT
server: LiteSpeed
panel: hpanel
etag: "80d-6685109b-b3e7d4ca3866f174;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 578
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 password.svg
wafsd.com/new/ionos/media/ 3 KB
1 KB 178ms
177ms Image
image/svg+xml 2a02:4780:b:1306:0:a13:ad6c:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wafsd.com/new/ionos/media/password.svg

Requested by

Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1306:0:a13:ad6c:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5377c59be86ec8cf1be5182f36a62cfffa1a44f0dd1d55972bdc91a884cdc0f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:31 GMT
server: LiteSpeed
panel: hpanel
etag: "dd5-6685109b-6b49381d4dc6a18c;br"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1170
expires: Thu, 05 Sep 2024 23:48:18 GMT

GET
H2 200 opensans-regular.woff
ce1.uicdn.net/exos/fonts/open-sans/ 62 KB
63 KB 637ms
290ms Font
application/font-woff 213.165.66.58
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce1.uicdn.net/exos/fonts/open-sans/opensans-regular.woff
Requested by: Host: wafsd.com
URL: https://wafsd.com/new/ionos/media/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ce1.uicdn.net
Software: Apache /
Resource Hash: 2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b

Request headers

Referer: https://wafsd.com/
Origin: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:19 GMT
last-modified: Tue, 12 Jun 2018 09:26:07 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 63712
expires: Fri, 15 Aug 2025 11:46:09 GMT

GET
H2 200 / Show response
api.ipify.org/ 22 B
155 B 181ms
96ms Fetch
application/json 104.26.13.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f3f3b376e1b2f21d04e79bacb8bfc970a17d787b9e5b05d5cc5f285a4e79f3

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: *
cf-ray: 8bb06e60e8702886-MIA
content-length: 22

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e429904c596758c38b6110935a28e2769b7b5aa73033d8e7c18319cb84c7c461

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 exos-icon-font.woff
ce1.uicdn.net/exos/icons/ 42 KB
43 KB 841ms
533ms Font
application/font-woff 213.165.66.58
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=15
Requested by: Host: wafsd.com
URL: https://wafsd.com/new/ionos/media/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ce1.uicdn.net
Software: Apache /
Resource Hash: 73f8cb41ea4fb41e7dd6a99f2f84a564dce83010f7bbff2f3eb0884092cc91c5

Request headers

Referer: https://wafsd.com/
Origin: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:19 GMT
last-modified: Tue, 13 Aug 2024 10:59:35 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43452
expires: Fri, 15 Aug 2025 11:46:17 GMT

GET
H2 200 overpass-regular.woff
ce1.uicdn.net/exos/fonts/overpass/ 42 KB
42 KB 925ms
617ms Font
application/font-woff 213.165.66.58
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce1.uicdn.net/exos/fonts/overpass/overpass-regular.woff
Requested by: Host: wafsd.com
URL: https://wafsd.com/new/ionos/media/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ce1.uicdn.net
Software: Apache /
Resource Hash: d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5

Request headers

Referer: https://wafsd.com/
Origin: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:19 GMT
last-modified: Tue, 12 Jun 2018 09:26:06 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 42580
expires: Fri, 15 Aug 2025 11:46:07 GMT

GET
H2 200 opensans-semibold.woff
ce1.uicdn.net/exos/fonts/open-sans/ 68 KB
69 KB 984ms
677ms Font
application/font-woff 213.165.66.58
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce1.uicdn.net/exos/fonts/open-sans/opensans-semibold.woff
Requested by: Host: wafsd.com
URL: https://wafsd.com/new/ionos/media/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ce1.uicdn.net
Software: Apache /
Resource Hash: b0390aa3e137e3e49d7d6ed5d86c208fec1dd45ff8a56836c3f86c2e32cd2d7a

Request headers

Referer: https://wafsd.com/
Origin: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:19 GMT
last-modified: Tue, 12 Jun 2018 09:26:11 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 69888
expires: Fri, 15 Aug 2025 11:46:09 GMT

GET
H2 200 exos-icon-font.woff
ce1.uicdn.net/exos/icons/ 42 KB
43 KB 159ms
158ms Font
application/font-woff 213.165.66.58
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://ce1.uicdn.net/exos/icons/exos-icon-font.woff?v=16
Requested by: Host: wafsd.com
URL: https://wafsd.com/new/ionos/media/ionos.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.165.66.58 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: ce1.uicdn.net
Software: Apache /
Resource Hash: 73f8cb41ea4fb41e7dd6a99f2f84a564dce83010f7bbff2f3eb0884092cc91c5

Request headers

Referer: https://wafsd.com/
Origin: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:19 GMT
last-modified: Tue, 13 Aug 2024 10:59:35 GMT
server: Apache
x-cache-status: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43452
expires: Fri, 15 Aug 2025 11:46:09 GMT

GET
H3 200 favicon.ico
wafsd.com/new/ionos/media/ 7 KB
1 KB 86ms
86ms Other
image/x-icon 195.35.33.215
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://wafsd.com/new/ionos/media/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

195.35.33.215 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

192483228ae6cdab87abbbde507440bffbdc1d90e7fd565f915c19b820cff3b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 23:48:19 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Wed, 03 Jul 2024 08:49:29 GMT
server: LiteSpeed
panel: hpanel
etag: "1cee-66851099-129b82cd6b2b1284;br"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1151
expires: Thu, 05 Sep 2024 23:48:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication) Generic Cloudflare (Online) Generic Email (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/	1970-01-20 23:11:01	Name: __cf_mw_byp Value: slH36_8ETirP7y7_tDgAC6wBddkKrHKZ0sufTWZyOyQ-1724975294-0.0.1.1-/index.html

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
ce1.uicdn.net
pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev
wafsd.com
104.26.13.205
195.35.33.215
213.165.66.58
2606:4700::6812:323
2a02:4780:b:1306:0:a13:ad6c:2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
121cc83113b8e6f35952fbe95290cff681bc509d0ee9b5c8d110737095a9132f
156fff51eef108bb0a947c468c7650d265b3a12e248795296c3d37f6bb68c3b7
192483228ae6cdab87abbbde507440bffbdc1d90e7fd565f915c19b820cff3b0
254d8714e7cb6ef7c54facbb03e38abb92149a6049c33fa3dbdc2dda2811050f
2e1587380141daff4e10a8e3db8f7ae5887102ab7576bff43049590f637ac20b
30f3f3b376e1b2f21d04e79bacb8bfc970a17d787b9e5b05d5cc5f285a4e79f3
3ac61c8760154cb029c403203152c03ac7911ac68a6a3ee9b35b14474e1089af
5377c59be86ec8cf1be5182f36a62cfffa1a44f0dd1d55972bdc91a884cdc0f7
73f8cb41ea4fb41e7dd6a99f2f84a564dce83010f7bbff2f3eb0884092cc91c5
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9eb52ee46c7ab5ea4ca0982415da99fded1b7d7354f75e50847bdae6cb44eb66
b0390aa3e137e3e49d7d6ed5d86c208fec1dd45ff8a56836c3f86c2e32cd2d7a
bdd725358e25ed9845671d819c8092bed4861617ef7f23a493a43a895f7c56dc
d78e7ad4838a9fb4db11451b1db78ccd0b0c7b28f5787684ce2870918ce27bb5
e429904c596758c38b6110935a28e2769b7b5aa73033d8e7c18319cb84c7c461
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f318b9a69569ed8a1afb27b5fa6134046d9f8f81bafc79977ba0a017bf266e7d
f32a6d307a2f1c07ebd223f76c552da130258b8db5c931300dfd0ace317f3fb7

pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev Open in urlscan Pro 2606:4700::6812:323 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

40 %IPv6

4 Domains

4 Subdomains

6 IPs

3 Countries

466 kBTransfer

1180 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

pub-ce590c8008dd46aa848d10123b5c43ea.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

3
Countries

466 kB
Transfer

1180 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!