Submitted URL: https://paks2-5240001392.loadars.click/1503257302?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02...
Effective URL: https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-B...
Submission: On November 20 via manual from HU — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 172.67.199.8, located in United States and belongs to CLOUDFLARENET, US. The main domain is email.atachment.click.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.
This is the only time email.atachment.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         104.21.66.251     13335 (CLOUDFLAR...)
3         172.67.199.8      13335 (CLOUDFLAR...)
1         142.250.186.142   ()
Total: 7 requests, 4 IPs

Requests  Domain                           Requested by
3         email.atachment.click            email.atachment.click
1         translate.google.com             paks2-5240001392.loadars.click
1         paks2-5240001392.loadars.click
0         translate.googleapis.com         Failed
0         www.gstatic.com                  Failed
Total: 7 requests, 5 domains

This site contains no links.

Subject           Issuer       Validity                   Valid
loadars.click     E1           2023-11-07 - 2024-02-05    3 months
atachment.click   GTS CA 1P5   2023-11-07 - 2024-02-05    3 months
*.google.com      GTS CA 1C3   2023-10-23 - 2024-01-15    3 months

This page contains 1 frame:

Primary Page: https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Frame ID: D34C45DD7BACFE55600C287B7A25C392
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 7
HTTPS: 71 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 118 kB
Size: 389 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paks2-5240001392.loadars.click/1503257302?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8 Page URL
  2. https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8 Page URL
  3. https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1503257302
paks2-5240001392.loadars.click/
491 B
867 B
Document
General
Full URL
https://paks2-5240001392.loadars.click/1503257302?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.66.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f454b0ee4742d86cc6497e1dab1394e426da30aa3bf36654b0a88437896556
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82916a0eeb369a1e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 14:34:32 GMT
dn-request-id
65b906a3a0c99edad1bf0f388718caba
dynamic-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS7FnXPzgXrkTP2OMUNo9%2FH%2Fqp7ME6NW0Nj%2FaFTLVS%2FnyHXAs7tq5uTLmRjHFJf2zkNb98KTBXvMPl1OFwCnjpFrvHC7OEL0X3YuVC1zD%2BUZpEY5mz8VqMMq0IAwD2hp5iXo%2BG4fyQ1N85GSxUfQpz4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
synchronization.aspx
email.atachment.click/
162 KB
27 KB
Document
General
Full URL
https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://paks2-5240001392.loadars.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82916a1548995c68-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 14:34:34 GMT
dn-request-id
892ffec12ad0832f645eb7fdc3e22fd3
dynamic-cache-status
BYPASS
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0mDnut6c63X%2BZvdpMjA3JLtNQY%2FhJ3P7UEYlmv1qaPEZS2mreqEN6NCiRebHMz2NXxSMMq12ExoSv9IkZ25%2BA2FF32eyoi7M4JlzRHUeJ%2BHxNUxxaarIIYtlMJywOuf%2B8%2FVzCwqSgs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-frame-options
DENY
truncated
/
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request synchronization.aspx
email.atachment.click/
77 KB
58 KB
Document
General
Full URL
https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3243ada7809fed4d9fb84237724555ceabe025d8dfdb4de5163f8a9b0d2b0de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://email.atachment.click
Referer
https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82916a1ebb255c68-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 14:34:36 GMT
dn-request-id
83a3ea095ea353a3aa694d7a3dcbaa8c
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGHQ%2FkOfbkx7j1SU0WOd92c82XwYNSWdhAI6fdB0UQY5ptaL%2FNGkE8zqcgnrTvnXdz5FQaebhIDynEpQTUmalpzC7xe%2BxzHhYzgzHu89hhWXCW4%2BptH0vaOOgREHE240G4BVie5DsMs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding
x-frame-options
DENY
element.js
translate.google.com/translate_a/
89 KB
31 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=de
Requested by
Host: paks2-5240001392.loadars.click
URL: https://paks2-5240001392.loadars.click/1503257302?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
c76a05eba14a139b39e959c569a5ec26f22943fcd10aa032270802a8f62d1afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://email.atachment.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Nov 2023 14:34:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/
30 KB
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07daee9f4c9f6b505c15a126761523b1fdf527717862683ba754de23914bab5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
text/css
W@BM3IL
email.atachment.click/
0
339 B
Image
General
Full URL
https://email.atachment.click/W@BM3IL
Requested by
Host: email.atachment.click
URL: https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.199.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://email.atachment.click/synchronization.aspx?ofmlfkwowg5310031311=Lj0mXVQ6JiUgPCYlSzxTKE46JzQg&umid=E608A5DF-0A4E-C706-BE42-81CE02EEFCAB&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-b42766912999aa2c642884ec4658d216fdf061d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 14:34:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
dn-request-id
ca0ddefcb62beb48ed5829c44bc7ab45
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ4V9ddy7fZO19WX3bFCJTZgNk73JOnF%2BAHB07VN7iifzemt%2BTDsspVh%2F%2BoC0KnD9r6F6%2F69ml8pql2iPITAIE1PTLGu%2FpU%2Bzk2IRPVk5CwRS969FP9D9ZgHA7rYFDixmoi87ZVsxiI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
dynamic-cache-status
MISS
cf-ray
82916a2d7a545c68-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/
16 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3f17280fd5697c24158054b557317f1ae7817f0cf10d5437f137cac293bcb269

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/jpeg
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/
0
0

m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Izq_2y7NnYE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqXAPo-Ghe7vFDdcn-zkT7pxBSv0w/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=CAM/d=0/rs=AN8SPfqeKn8wA30q4viup18yaci8udUjKQ/m=el_main_css
Domain
translate.googleapis.com
URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.Izq_2y7NnYE.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqXAPo-Ghe7vFDdcn-zkT7pxBSv0w/m=el_main

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
email.atachment.click/ Name: PHPSESSID
Value: 4acc34eaa3a7b7b46517c0280ccffc98
email.atachment.click/ Name: googtrans
Value: %2Fauto%2Fde
.email.atachment.click/ Name: googtrans
Value: %2Fauto%2Fde

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload