email.atachment.click Open in urlscan Pro
2606:4700:3033::6815:2a16  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://paks2-3860290007.loadars.click/5181934543?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Page URL
2. https://email.atachment.click/synchronization.aspx?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Page URL
3. https://email.atachment.click/synchronization.aspx?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	5181934543 paks2-3860290007.loadars.click/	511 B 820 B	182ms 88ms	Document text/html	2606:4700:3036::6815:42fb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://paks2-3860290007.loadars.click/5181934543?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:42fb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 827681d1ac095b2c-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 08:12:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referer report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oU7GjdOGmoo%2BEms8iVpm30MqO80MF%2FIYoqhwr7nVPPs7AcyqXJv3HtatBxg6g4w0ydeV4wczDO7mWHLsTzSAcQ2NL0F0G1MqEWPXNkNzoLMJ1IzHAn5GGHzd1g2r9pP7LaGKjMZlCDmdbtB6CWwK%2FXX%2F%2BRSG%2FNxKGXQJa8g%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	synchronization.aspx email.atachment.click/	121 KB 24 KB	814ms 639ms	Document text/html	2606:4700:3033::6815:2a16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email.atachment.click/synchronization.aspx?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2a16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options DENY Request headers Referer https://paks2-3860290007.loadars.click/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 827681d3aa770082-CDG content-encoding br content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 08:12:10 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1Zfyrta5TNnG2mIG%2Ft5pM6GiCoanMLQpVl10H49kN6X6M9TGJexoviaqXUQT%2BLiEASyA7PIpNkKJGzL0CVoOTHAdsJ9JtDX8oQPmPrEo6EjOehGE8joRhV5T7pGue%2BIeKy4pqx7f62EipH5QPFDBggJT4g%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options DENY x-turbo-charged-by LiteSpeed
GET DATA	200 OK	truncated /	14 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	Primary Request synchronization.aspx Show response email.atachment.click/	106 KB 80 KB	1054ms 1052ms	Document text/html	2606:4700:3033::6815:2a16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://email.atachment.click/synchronization.aspx?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:2a16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ec8010b91ea0f34aed66a2cd65422bd0de7b89fe4fdf1fdd06aa3c11f04834c Security Headers Name Value X-Frame-Options DENY Request headers Content-Type application/x-www-form-urlencoded Origin https://email.atachment.click Referer https://email.atachment.click/synchronization.aspx?wzsemlotbb6605245003=NDwmJU46ViROPkctTzsnMSA8JiVLPFMoTjonNCA=&umid=E6008FA0-0A4E-C706-9673-18B2C04E166E&auth=00a66cae2a43fd509bc1542948ad9815fd66a388-76629b9df5e1d93be2073b3d7646d453d5f81446 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 827681dc2b870082-CDG content-encoding br content-type text/html; charset=UTF-8 date Fri, 17 Nov 2023 08:12:12 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXKpOiO8PMqE71tqdMDxCVOL80MZTTnnjRJxi%2BKfHgn5TGsKPntt%2FoyFVl9JwMqBTtW2%2F8V6w%2FkDjkeSUmP8o2FM3CNjivSOL4N1uVtAA2Az43n%2BCsoiDj4EzZ%2B%2BaNdtX8hEfVqm3RROLXY4jBngllgMvHg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options DENY x-turbo-charged-by LiteSpeed

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| _A9 function| _xx function| _A0 function| _C0 function| _um function| _Mr function| _dL function| _Oi function| _dG function| _UK function| _ZB function| _M6 function| _GZ function| _RD function| _wE function| _pJ function| _pH function| _Dj function| _Zt function| _xr function| _dp function| _Ed function| _jP function| _KY function| _oc function| _gg function| _X0 function| _Og function| _oR function| _qG function| _f5 function| _N5 function| _gW function| _DK function| _b5 function| _XP function| _cv function| _hD function| _ok function| _JF function| _u6 function| _cD function| _OO function| _lU function| _MA function| _vh function| _W8 function| _kK function| _a8 function| _Gd function| _io function| _hk function| _PI function| _HP function| _Cu function| _Tl function| _li function| _qb function| _xT function| _Xq function| _X9 function| _tB function| _vn function| _Z0 function| _QC function| _sm function| _j6 function| _be function| _ug function| _fx function| _w2 function| _x3 function| _Gs function| _o1 function| _nn function| _C9 number| r number| a number| e number| t number| g number| b

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			email.atachment.click/	1969-12-31 23:59:59	Name: PHPSESSID Value: d853534bfb86fe715b3b99d336d35899
			email.atachment.click/	1970-01-20 16:16:52	Name: googtrans Value: %2Fauto%2Fde
			.email.atachment.click/	1970-01-20 16:16:52	Name: googtrans Value: %2Fauto%2Fde

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

email.atachment.click
paks2-3860290007.loadars.click
2606:4700:3033::6815:2a16
2606:4700:3036::6815:42fb
4ec8010b91ea0f34aed66a2cd65422bd0de7b89fe4fdf1fdd06aa3c11f04834c