1und1-dslmobilfunk-log.aburuqaya.de Open in urlscan Pro
85.214.112.236 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/
Submission Tags: 7274918
Submission: On August 27 via api (August 27th 2021, 5:28:17 am UTC) from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 85.214.112.236, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is 1und1-dslmobilfunk-log.aburuqaya.de.
TLS certificate: Issued by R3 on August 26th 2021. Valid for: 3 months.

This is the only time 1und1-dslmobilfunk-log.aburuqaya.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
8	85.214.112.236 85.214.112.236	6724 (STRATO ST...) (STRATO STRATO AG)
2	217.160.86.157 217.160.86.157	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.27 217.160.86.27	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	217.160.86.60 217.160.86.60	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
13	4

8 85.214.112.236 (Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: h2946938.stratoserver.net

1und1-dslmobilfunk-log.aburuqaya.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.160.86.157 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ias.static-1and1.com

ias.static-1and1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.27 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: media.static-1and1.com

media.static-1and1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.160.86.60 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: cors.uicdn.net

cors.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	aburuqaya.de 1und1-dslmobilfunk-log.aburuqaya.de	235 KB
3	static-1and1.com ias.static-1and1.com media.static-1and1.com	29 KB
2	uicdn.net cors.uicdn.net	53 KB
13	3

	Domain	Requested by
8	1und1-dslmobilfunk-log.aburuqaya.de	1und1-dslmobilfunk-log.aburuqaya.de
2	cors.uicdn.net	1und1-dslmobilfunk-log.aburuqaya.de
2	ias.static-1and1.com	1und1-dslmobilfunk-log.aburuqaya.de
1	media.static-1and1.com	1und1-dslmobilfunk-log.aburuqaya.de
13	4

This site contains no links.

Subject Issuer	Validity	Valid
1und1-dslmobilfunk-log.aburuqaya.de R3	`2021-08-26` - `2021-11-24`	3 months	crt.sh
ias.static-1and1.com GeoTrust RSA CA 2018	`2021-08-13` - `2022-08-13`	a year	crt.sh
media.static-1and1.com GeoTrust RSA CA 2018	`2019-10-01` - `2021-09-30`	2 years	crt.sh
cors.uicdn.net GeoTrust RSA CA 2018	`2021-02-01` - `2022-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/
Frame ID: 3093442442AC310DA6F958CF71D935A0
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1&1 Kunden-Login - Anmeldung zu Ihrem Control-Center

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

317 kB
Transfer

314 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/	96 KB 96 KB	631ms 520ms	Document text/html	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PHP/7.3.29 PleskLin Resource Hash `6e34b8b7c64147146c2c5c7fa60f8a4d8983f70ad530b432a5b16aa356ba0784` Request headers Host 1und1-dslmobilfunk-log.aburuqaya.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:00 GMT Server Apache X-Powered-By PHP/7.3.29 PleskLin Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Set-Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s; path=/ Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	inpagelayer.css 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	19 KB 19 KB	162ms 153ms	Stylesheet text/css	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/inpagelayer.css Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash `bf96600aede00b49e433974147878c8859975eca35069d8493ee9fb352126bfd` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 09:14:10 GMT Server Apache X-Powered-By PleskLin ETag "4b76-5ca72ca241c80" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 19318
GET H/1.1	200 OK	navigation.css 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	57 KB 57 KB	382ms 297ms	Stylesheet text/css	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/navigation.css Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash `5cad4ac401c75217759ad4386f50260c22397c629953b58e0f9f8598bb2df5d3` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 09:14:20 GMT Server Apache X-Powered-By PleskLin ETag "e27f-5ca72cabcb300" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 57983
GET H/1.1	404 Not Found	opensans-regular.woff2 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	0 0	232ms 162ms	Font text/html	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/opensans-regular.woff2 Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://1und1-dslmobilfunk-log.aburuqaya.de Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 11:38:37 GMT Server Apache X-Powered-By PleskLin ETag "328-5ca74cec35a1c" Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 808
GET H/1.1	200 200	anf_2018-06A_220x105.png ias.static-1and1.com/media/de/LOGIN_ALL_NET_FLAT/DEFAULT/	21 KB 22 KB	137ms 69ms	Image image/png	217.160.86.157 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://ias.static-1and1.com/media/de/LOGIN_ALL_NET_FLAT/DEFAULT/anf_2018-06A_220x105.png Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.160.86.157 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ias.static-1and1.com Software Apache / Resource Hash `e5cef6334c8e2b140c805f6d1568741ef87b549f79551de4012485670ad39a5c` Request headers Referer https://1und1-dslmobilfunk-log.aburuqaya.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Wed, 19 May 2021 07:32:24 GMT Server Apache ETag W/"21628-1621409544000" X-Cache-Status HIT Content-Type image/png Cache-Control public, max-age=2628000 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=15 Content-Length 21628
GET H2	404	LOGIN_OFFICE365_DEFAULT_office-small.png media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/	0 0	134ms 69ms	Image text/html	217.160.86.27 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/LOGIN_OFFICE365_DEFAULT_office-small.png?h=0c15c06ccb274fcba817bbcfd9929e8ea7d595bc Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.160.86.27 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS media.static-1and1.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://1und1-dslmobilfunk-log.aburuqaya.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H/1.1	200 200	adsl_2018-02A_220x105.png ias.static-1and1.com/media/de/LOGIN_DSL/DEFAULT/	7 KB 8 KB	100ms 32ms	Image image/png	217.160.86.157 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Show image Full URL https://ias.static-1and1.com/media/de/LOGIN_DSL/DEFAULT/adsl_2018-02A_220x105.png Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.160.86.157 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS ias.static-1and1.com Software Apache / Resource Hash `5cc0c17a856fb6218c833ebe54a5b3ad16c39c985695ca9fd4306ba897f5ecbf` Request headers Referer https://1und1-dslmobilfunk-log.aburuqaya.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Wed, 19 May 2021 07:32:24 GMT Server Apache ETag W/"7659-1621409544000" X-Cache-Status HIT Content-Type image/png Cache-Control public, max-age=2628000 Connection keep-alive Accept-Ranges bytes Keep-Alive timeout=15 Content-Length 7659
GET H/1.1	200 OK	globalnavigation.woff 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	6 KB 7 KB	242ms 159ms	Font font/woff	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/globalnavigation.woff Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash `8b3470966c5fcb3ef0b57a56c29d35d48e188fb37030fb274cffd9374306fe12` Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://1und1-dslmobilfunk-log.aburuqaya.de Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 09:14:14 GMT Server Apache X-Powered-By PleskLin ETag "199c-5ca72ca612580" Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6556
GET H/1.1	404 Not Found	ciso-styleguide-icons.woff2 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	0 0	267ms 183ms	Font text/html	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/ciso-styleguide-icons.woff2 Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://1und1-dslmobilfunk-log.aburuqaya.de Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 11:38:37 GMT Server Apache X-Powered-By PleskLin ETag "328-5ca74cec35a1c" Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 808
GET H/1.1	404 Not Found	opensans-regular.woff 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	0 0	248ms 248ms	Font text/html	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/opensans-regular.woff Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://1und1-dslmobilfunk-log.aburuqaya.de Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 11:38:37 GMT Server Apache X-Powered-By PleskLin ETag "328-5ca74cec35a1c" Content-Type text/html Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 808
GET H/1.1	200 OK	ciso-styleguide-icons.woff 1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/	56 KB 56 KB	157ms 157ms	Font font/woff	85.214.112.236 STRATO STRATO AG
General Check archive.org Show headers Download Go to Full URL https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/ciso-styleguide-icons.woff Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 85.214.112.236 , Germany, ASN6724 (STRATO STRATO AG, DE), Reverse DNS h2946938.stratoserver.net Software Apache / PleskLin Resource Hash `da0b66653caa061918cc973fbef05517e0d199eb194a8bb5bc17dd8f512f4ca2` Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://1und1-dslmobilfunk-log.aburuqaya.de Accept-Encoding gzip, deflate, br Host 1und1-dslmobilfunk-log.aburuqaya.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ Cookie PHPSESSID=a9gf07o1r1peb287kh4o47ti3s Connection keep-alive Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Fri, 27 Aug 2021 05:28:01 GMT Last-Modified Thu, 26 Aug 2021 09:14:08 GMT Server Apache X-Powered-By PleskLin ETag "df10-5ca72ca059800" Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 57104
GET H2	200	globalnavigation.woff cors.uicdn.net/fonts/	6 KB 7 KB	135ms 74ms	Font application/font-woff	217.160.86.60 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://cors.uicdn.net/fonts/globalnavigation.woff Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/inpagelayer.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.160.86.60 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS cors.uicdn.net Software Apache / Resource Hash `8b3470966c5fcb3ef0b57a56c29d35d48e188fb37030fb274cffd9374306fe12` Request headers Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 05:28:01 GMT last-modified Mon, 10 Apr 2017 13:30:08 GMT server Apache content-type application/font-woff access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 6556 expires Sat, 27 Aug 2022 05:28:01 GMT
GET H2	200	opensans-regular.woff2 cors.uicdn.net/fonts/	46 KB 46 KB	85ms 85ms	Font font/woff2	217.160.86.60 IONOS-AS This is ...
General Check archive.org Show headers Download Go to Full URL https://cors.uicdn.net/fonts/opensans-regular.woff2 Requested by Host: 1und1-dslmobilfunk-log.aburuqaya.de URL: https://1und1-dslmobilfunk-log.aburuqaya.de/LLKINOOLPLog/de/files/navigation.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.160.86.60 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE), Reverse DNS cors.uicdn.net Software Apache / Resource Hash `4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3` Request headers Origin https://1und1-dslmobilfunk-log.aburuqaya.de Referer https://1und1-dslmobilfunk-log.aburuqaya.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Fri, 27 Aug 2021 05:28:01 GMT last-modified Fri, 12 May 2017 09:04:39 GMT server Apache content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes content-length 47016 expires Sat, 27 Aug 2022 05:28:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			1und1-dslmobilfunk-log.aburuqaya.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: a9gf07o1r1peb287kh4o47ti3s

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1und1-dslmobilfunk-log.aburuqaya.de
cors.uicdn.net
ias.static-1and1.com
media.static-1and1.com
217.160.86.157
217.160.86.27
217.160.86.60
85.214.112.236
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
5cad4ac401c75217759ad4386f50260c22397c629953b58e0f9f8598bb2df5d3
5cc0c17a856fb6218c833ebe54a5b3ad16c39c985695ca9fd4306ba897f5ecbf
6e34b8b7c64147146c2c5c7fa60f8a4d8983f70ad530b432a5b16aa356ba0784
8b3470966c5fcb3ef0b57a56c29d35d48e188fb37030fb274cffd9374306fe12
bf96600aede00b49e433974147878c8859975eca35069d8493ee9fb352126bfd
da0b66653caa061918cc973fbef05517e0d199eb194a8bb5bc17dd8f512f4ca2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cef6334c8e2b140c805f6d1568741ef87b549f79551de4012485670ad39a5c

1und1-dslmobilfunk-log.aburuqaya.de Open in urlscan Pro 85.214.112.236 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

317 kBTransfer

314 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

1 Cookies

Indicators

1und1-dslmobilfunk-log.aburuqaya.de Open in urlscan Pro
85.214.112.236 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

317 kB
Transfer

314 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!