oncologiaclinicafpolis.com.br Open in urlscan Pro
200.234.194.32 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://oncologiaclinicafpolis.com.br/r/
Submission: On January 24 via automatic, source phishtank (January 24th 2023, 12:04:05 pm UTC) — Scanned from DE

Summary HTTP 32 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 7 domains to perform 32 HTTP transactions. The main IP is 200.234.194.32, located in Brazil and belongs to Locaweb Servicos de Internet SA, BR. The main domain is oncologiaclinicafpolis.com.br.

This is the only time oncologiaclinicafpolis.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
3	200.234.194.32 200.234.194.32	27715 (Locaweb S...) (Locaweb Servicos de Internet SA)
6	213.165.66.58 213.165.66.58	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	74.208.255.201 74.208.255.201	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 1	190.115.26.9 190.115.26.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
8	217.160.86.61 217.160.86.61	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.41 217.160.86.41	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	217.160.86.74 217.160.86.74	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	52.215.192.131 52.215.192.131	16509 (AMAZON-02) (AMAZON-02)
2	217.160.86.59 217.160.86.59	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.148 217.160.86.148	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	195.20.250.196 195.20.250.196	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.27 217.160.86.27	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
32	13

3 200.234.194.32 (Brazil)

ASN27715 (Locaweb Servicos de Internet SA, BR)
PTR: gagarin2329.hospedagemdesites.ws

oncologiaclinicafpolis.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.165.66.58 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ce1.uicdn.net

ce1.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.208.255.201 (Norwalk, United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: mail.ionos.com

mail.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.26.9 (Belize City, Belize) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)

l-ol.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 217.160.86.61 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: frontend-services.ionos.com

frontend-services.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.41 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ahab.ionos.com

ahab.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.160.86.74 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: frontend-services.ionos.com

frontend-services.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.192.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-192-131.eu-west-1.compute.amazonaws.com

4tdc8ll7wtnf.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.160.86.59 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: var.uicdn.net

var.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.148 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ias.ionos.de

ias.ionos.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.20.250.196 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: t-bs.ionos.com

t.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.27 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: media.static-1and1.com

ias.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ionos.com mail.ionos.com — Cisco Umbrella Rank: 329751 frontend-services.ionos.com — Cisco Umbrella Rank: 94117 ahab.ionos.com — Cisco Umbrella Rank: 161691 t.ionos.com — Cisco Umbrella Rank: 285933	293 KB
9	uicdn.net ce1.uicdn.net — Cisco Umbrella Rank: 100777 var.uicdn.net — Cisco Umbrella Rank: 251021 ias.uicdn.net — Cisco Umbrella Rank: 242601	270 KB
3	statuspage.io 4tdc8ll7wtnf.statuspage.io — Cisco Umbrella Rank: 283802	1 KB
3	oncologiaclinicafpolis.com.br oncologiaclinicafpolis.com.br	31 KB
1	ionos.de ias.ionos.de — Cisco Umbrella Rank: 315841	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
1	l-ol.lol 1 redirects l-ol.lol	347 B
32	7

	Domain	Requested by
11	frontend-services.ionos.com	mail.ionos.com frontend-services.ionos.com
6	ce1.uicdn.net	oncologiaclinicafpolis.com.br ce1.uicdn.net
3	4tdc8ll7wtnf.statuspage.io	frontend-services.ionos.com
3	oncologiaclinicafpolis.com.br	oncologiaclinicafpolis.com.br mail.ionos.com
2	var.uicdn.net	frontend-services.ionos.com
2	mail.ionos.com	oncologiaclinicafpolis.com.br
1	ias.uicdn.net
1	t.ionos.com	var.uicdn.net
1	ias.ionos.de	frontend-services.ionos.com
1	ahab.ionos.com	mail.ionos.com
1	www.google.com	oncologiaclinicafpolis.com.br
1	l-ol.lol	1 redirects
32	12

This site contains links to these domains. Also see Links.

Domain
www.ionos.co.uk
navigation.ionos.de
ias.ionos.de
my.ionos.co.uk
hidrive.ionos.com
archive.ionos.co.uk
www.ionos-status.de

Subject Issuer	Validity	Valid
ce1.uicdn.net GeoTrust RSA CA 2018	`2022-03-01` - `2023-03-10`	a year	crt.sh
mail.ionos.com GeoTrust EV RSA CA 2018	`2022-09-30` - `2023-10-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
frontend-services.ionos.com GeoTrust RSA CA 2018	`2022-05-31` - `2023-05-31`	a year	crt.sh
ahab.ionos.com GeoTrust RSA CA 2018	`2022-12-06` - `2024-01-06`	a year	crt.sh
*.statuspage.io DigiCert TLS RSA SHA256 2020 CA1	`2022-08-08` - `2023-08-22`	a year	crt.sh
ias.ionos.de GeoTrust RSA CA 2018	`2022-07-19` - `2023-07-18`	a year	crt.sh
*.ionos.com GeoTrust RSA CA 2018	`2022-08-11` - `2023-09-11`	a year	crt.sh
ias.uicdn.net GeoTrust RSA CA 2018	`2022-06-10` - `2023-06-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://oncologiaclinicafpolis.com.br/r/
Frame ID: BF46F72DA684D31CF0A1E011A00CD5AF
Requests: 33 HTTP requests in this frame

Frame: https://www.google.com/url?sa=t&source=web&rct=j&url=https://ask.elbwaba.com/151/how-do-i-start-bitcoin-as-a-beginner&ved=2ahUKEwjs-JqnpNb8AhXbVaQEHRMiDSkQFnoECA8QAQ&usg=AOvVaw0_DFayKN2B48_EhZN1Dm5A
Frame ID: F7E91537008539760412E3F9FF495FCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login | IONOS by 1&1

Page Statistics

32
Requests

75 %
HTTPS

8 %
IPv6

7
Domains

12
Subdomains

13
IPs

5
Countries

598 kB
Transfer

1663 kB
Size

1
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ionos.co.uk/
Title: Webmail

Search URL Search Domain Scan URL

URL: https://navigation.ionos.de/2.0/navi/DE/track/click?url=https%3A%2F%2Fmein.ionos.de%2Fspecial-offers%3Fias.campaign%3Dnew-year-23&linkid=nav.special-offer&c=WEBMAIL_LOGIN&p=login

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2327&utm_term=2327&utm_campaign=forgotpw&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=4083&utm_term=4083&utm_campaign=staysignedin&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Remember me

Search URL Search Domain Scan URL

URL: https://ias.ionos.de/ias/follow/CLICK?ias_source=WEBMAILER-DE&ias_medium=login-webmailer_login&ias_content=WEBMAIL_LOGIN_TEASER_MAIL-DEFAULT&ias_campaign=MAIL_ARCHIVING&iasSessionId=d0d47fda-6d20-4c67-ae3c-ed3f31effe58&target=https%3A%2F%2Fwww.ionos.de%2Foffice-loesungen%2Feigene-email-adresse%3Fac%3DOM.PU.PU263K416852T7073a%26utm_source%3Dwebmail%26utm_medium%3Dlogin%26utm_campaign%3Dwebmail-nk%26utm_content%3Dmailbasic
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2442&utm_term=2442&utm_campaign=mobile-ios&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2444&utm_term=2444&utm_campaign=mobile-android&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Android

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2436&utm_term=2436&utm_campaign=desktop-thunderbird&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Thunderbird

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2462&utm_term=2462&utm_campaign=desktop-outlook&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2445&utm_term=2445&utm_campaign=desktop-applemail&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Apple Mail

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2490&utm_term=2490&utm_campaign=other-assistants&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: email programs (POP/IMAP)

Search URL Search Domain Scan URL

URL: https://my.ionos.co.uk/
Title: My IONOS

Search URL Search Domain Scan URL

URL: https://hidrive.ionos.com/
Title: HiDrive

Search URL Search Domain Scan URL

URL: https://archive.ionos.co.uk/
Title: Email archiving

Search URL Search Domain Scan URL

URL: https://www.ionos-status.de/?utm_medium=footer&utm_content=none&utm_source=WEBMAIL_LOGIN&utm_campaign=login&utm_term=no_search
Title: All Systems Operational

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/about
Title: IONOS Cloud Ltd. • 2023

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/terms-gtc/terms-privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://l-ol.lol/ZZH0r4 HTTP 302
https://www.google.com/url?sa=t&source=web&rct=j&url=https://ask.elbwaba.com/151/how-do-i-start-bitcoin-as-a-beginner&ved=2ahUKEwjs-JqnpNb8AhXbVaQEHRMiDSkQFnoECA8QAQ&usg=AOvVaw0_DFayKN2B48_EhZN1Dm5A

32 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
oncologiaclinicafpolis.com.br/r/ 29 KB
29 KB 1002ms
218ms Document
text/html 200.234.194.32
Locaweb Servicos ...

General

oncologiaclinicafpolis.com.br Open in urlscan Pro 200.234.194.32 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

32 Requests

75 %HTTPS

8 %IPv6

7 Domains

12 Subdomains

13 IPs

5 Countries

598 kBTransfer

1663 kBSize

1 Cookies

17 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

oncologiaclinicafpolis.com.br Open in urlscan Pro
200.234.194.32 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

75 %
HTTPS

8 %
IPv6

7
Domains

12
Subdomains

13
IPs

5
Countries

598 kB
Transfer

1663 kB
Size

1
Cookies

32 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!