account.1and1.it
217.160.86.30
Malicious Activity!
Public Scan
Effective URL: https://account.1and1.it/
Submission: On April 16 via api from CH
Summary
TLS certificate: Issued by GeoTrust EV SSL CA - G4 on July 27th 2017. Valid for: 2 years.
This is the only time account.1and1.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: 1&1 Ionos (Telecommunication)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 217.160.86.24 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
2 | 217.160.86.30 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
4 | 217.160.86.60 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
3 | 217.160.86.61 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
3 | 217.160.86.74 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
1 | 195.20.250.237 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
1 | 217.160.86.155 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
1 | 217.160.86.14 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
3 | 217.160.86.27 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
1 | 217.160.86.75 | 8560 (ONEANDONE-AS Brauerstrasse 48) |
19 | 9 |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: www.1and1.it
www.1and1.it |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: account.1and1.it
account.1and1.it |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: cors.uicdn.net
cors.uicdn.net |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: frontend-services.1and1.com
frontend-services.1and1.com |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: frontend-services.1and1.com
frontend-services.1and1.com |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: x.uimserv.net
uir.uimserv.net |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: ias.1and1.it
ias.1and1.it |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: navigation.1und1.de
navigation.1and1.it |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: media.static-1and1.com
media.static-1and1.com |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: pixel.1und1.de
pixel.1und1.de |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | 1and1.com | frontend-services.1and1.com | 128 KB |
5 | 1and1.it (1 redirects) | www.1and1.it account.1and1.it ias.1and1.it navigation.1and1.it | 63 KB |
4 | uicdn.net | cors.uicdn.net | 145 KB |
3 | static-1and1.com | media.static-1and1.com | 23 KB |
1 | 1und1.de | pixel.1und1.de | 492 B |
1 | uimserv.net | uir.uimserv.net | 622 B |
19 | 6 |
 | Domain | Requested by |
---|---|---|
6 | frontend-services.1and1.com | account.1and1.it frontend-services.1and1.com |
4 | cors.uicdn.net | account.1and1.it |
3 | media.static-1and1.com | account.1and1.it |
2 | account.1and1.it | account.1and1.it |
1 | pixel.1und1.de | account.1and1.it |
1 | navigation.1and1.it | frontend-services.1and1.com |
1 | ias.1and1.it | frontend-services.1and1.com |
1 | uir.uimserv.net | account.1and1.it |
1 | www.1and1.it | 1 redirects |
19 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
admin.1and1.it |
aiuto.1and1.it |
ias.1and1.it |
www.1and1.it |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
account.1and1.it | GeoTrust EV SSL CA - G4 | 2017-07-27 - 2019-07-27 | 2 years | crt.sh |
ias.1and1.it | GeoTrust SSL CA - G3 | 2017-05-03 - 2018-05-03 | a year | crt.sh |
navigation.1and1.it | GeoTrust SSL CA - G3 | 2017-07-31 - 2018-07-31 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://account.1and1.it/
Frame ID: 6ED9F4F73B5135914A5C0150910BF1F
Requests: 19 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Area Clienti
Title: Scopri di più
Title: Diventa subito nostro cliente e approfitta delle nostre offerte.
Title: Continua
Title: Continua
Title: Scopri di più!
Title: Privacy Policy
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.1and1.it/login
HTTP 301
https://account.1and1.it/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | account.1and1.it/ | 50 KB | 12 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain |
GET | H/1.1 | opensans-regular.woff2 | cors.uicdn.net/fonts/ | 46 KB | 46 KB | Font | text/html | |
GET | H/1.1 | ciso-styleguide-icons.woff2 | cors.uicdn.net/fonts/ | 26 KB | 26 KB | Font | text/html | |
GET | H/1.1 | account-webapp.js | frontend-services.1and1.com/t/tag/ONEANDONE/ | 24 KB | 7 KB | Script | application/javascript | |
GET | H/1.1 | main.js | account.1and1.it/assets/js/ | 142 KB | 48 KB | Script | application/javascript | |
GET | H/1.1 | globalnavigation.woff | cors.uicdn.net/fonts/ | 6 KB | 7 KB | Font | application/font-woff | |
GET | H/1.1 | navigation.js | frontend-services.1and1.com/t/navi/js/ | 225 KB | 63 KB | Script | application/javascript | |
GET | H/1.1 | inpagelayer.js | frontend-services.1and1.com/t/inpagelayer/js/ | 52 KB | 14 KB | Script | application/javascript | |
GET | H/1.1 | ias.js | frontend-services.1and1.com/t/ | 65 KB | 20 KB | Script | application/javascript | |
GET | H/1.1 | / | uir.uimserv.net/sid/ | 46 B | 622 B | Script | text/javascript | |
GET | H/1.1 | inpagelayer.css | frontend-services.1and1.com/t/inpagelayer/css/ | 22 KB | 4 KB | Stylesheet | text/css | |
GET | H/1.1 | zones | ias.1and1.it/ias/ | 6 KB | 2 KB | Script | application/x-javascript | Cookie set |
GET | H/1.1 | ciso-styleguide-icons.woff | cors.uicdn.net/fonts/ | 65 KB | 66 KB | Font | application/font-woff | |
GET | H/1.1 | navigation.css | frontend-services.1and1.com/t/navi/css/ | 57 KB | 19 KB | Stylesheet | text/css | |
GET | H/1.1 | / | navigation.1and1.it/2.0/navi/IT/ | 382 B | 815 B | XHR | application/json | |
GET | H/1.1 | LOGIN_OFFICE365_DEFAULT_office-small.png | media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/ | 4 KB | 4 KB | Image | image/png | |
GET | H/1.1 | LOGIN_DIY_DEFAULT_BKS_kachel_eshop_INT.png | media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/ | 9 KB | 9 KB | Image | image/png | |
GET | H/1.1 | LOGIN_DOMAIN_DEFAULT_vi-domain.png | media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/ | 9 KB | 9 KB | Image | image/png | |
GET | H/1.1 | rum | pixel.1und1.de/ | 126 B | 492 B | XHR | image/png | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: 1&1 Ionos (Telecommunication)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| jQBrowser object| OAO string| __UI_nguserid object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| IAS
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.1and1.it/ | | Name: NG_USERID Value: ac13e481-76379-1523862993-0 |
account.1and1.it/ | | Name: _PFXSSL_ Value: true |
account.1and1.it/ | | Name: JSESSIONID Value: 90066BCB1821C549A34348118B1A450E.TCbs7a |
account.1and1.it/ | | Name: DPX Value: v1:PE9PK3fMna:2W68lMW4:5ad45be6:de |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' *.1and1.it pet.1and1.com pet.1and1.com frontend-services.1and1.com pixel.1und1.de; img-src 'self' data: *.1and1.it ias.static-1and1.com media.static-1and1.com pixel.1und1.de; font-src 'self' cors.uicdn.net; script-src 'self' 'nonce-koKdGWZTQnyNFeq84gXaPw' uir.uimserv.net ias.1and1.it as.1and1.it navigation.1and1.it frontend-services.1and1.com; style-src 'self' 'unsafe-inline' navigation.1and1.it frontend-services.1and1.com; frame-src data: 'self' contatti.1and1.it admin.1and1.it www.google.com; child-src data: 'self' www.google.com; frame-ancestors data: 'self' www.google.com; report-uri https://pet.1and1.com/pet/csp/account-webapp; |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.