Submitted URL: https://www.1and1.it/login
Effective URL: https://account.1and1.it/
Submission: On April 16 via api from CH

Summary

This website contacted 9 IPs in 1 countries across 6 domains to perform 19 HTTP transactions. The main IP is 217.160.86.30, located in Germany and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is account.1and1.it.
TLS certificate: Issued by GeoTrust EV SSL CA - G4 on July 27th 2017. Valid for: 2 years.
This is the only time account.1and1.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 1 217.160.86.24 8560 (ONEANDONE...)
2 217.160.86.30 8560 (ONEANDONE...)
4 217.160.86.60 8560 (ONEANDONE...)
3 217.160.86.61 8560 (ONEANDONE...)
3 217.160.86.74 8560 (ONEANDONE...)
1 195.20.250.237 8560 (ONEANDONE...)
1 217.160.86.155 8560 (ONEANDONE...)
1 217.160.86.14 8560 (ONEANDONE...)
3 217.160.86.27 8560 (ONEANDONE...)
1 217.160.86.75 8560 (ONEANDONE...)
19 9
Domain Requested by
6 frontend-services.1and1.com account.1and1.it
frontend-services.1and1.com
4 cors.uicdn.net account.1and1.it
3 media.static-1and1.com account.1and1.it
2 account.1and1.it account.1and1.it
1 pixel.1und1.de account.1and1.it
1 navigation.1and1.it frontend-services.1and1.com
1 ias.1and1.it frontend-services.1and1.com
1 uir.uimserv.net account.1and1.it
1 www.1and1.it 1 redirects
19 9

This site contains links to these domains. Also see Links.

Domain
admin.1and1.it
aiuto.1and1.it
ias.1and1.it
www.1and1.it
Subject Issuer Validity Valid
account.1and1.it
GeoTrust EV SSL CA - G4
2017-07-27 -
2019-07-27
2 years crt.sh
ias.1and1.it
GeoTrust SSL CA - G3
2017-05-03 -
2018-05-03
a year crt.sh
navigation.1and1.it
GeoTrust SSL CA - G3
2017-07-31 -
2018-07-31
a year crt.sh

This page contains 1 frames:

Primary Page: https://account.1and1.it/
Frame ID: 6ED9F4F73B5135914A5C0150910BF1F
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.1and1.it/login HTTP 301
    https://account.1and1.it/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

19
Requests

21 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

9
IPs

1
Countries

360 kB
Transfer

808 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.1and1.it/login HTTP 301
    https://account.1and1.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
account.1and1.it/
Redirect Chain
  • https://www.1and1.it/login
  • https://account.1and1.it/
50 KB
12 KB
Document
General
Full URL
https://account.1and1.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.86.30 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
account.1and1.it
Software
Apache /
Resource Hash
a5171677ac4d7d7f4cd6d504f751da08d7a2f2e189a93d54214ea6ca4b5a5f80
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.1and1.it pet.1and1.com pet.1and1.com frontend-services.1and1.com pixel.1und1.de; img-src 'self' data: *.1and1.it ias.static-1and1.com media.static-1and1.com pixel.1und1.de; font-src 'self' cors.uicdn.net; script-src 'self' 'nonce-koKdGWZTQnyNFeq84gXaPw' uir.uimserv.net ias.1and1.it as.1and1.it navigation.1and1.it frontend-services.1and1.com; style-src 'self' 'unsafe-inline' navigation.1and1.it frontend-services.1and1.com; frame-src data: 'self' contatti.1and1.it admin.1and1.it www.google.com; child-src data: 'self' www.google.com; frame-ancestors data: 'self' www.google.com; report-uri https://pet.1and1.com/pet/csp/account-webapp;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
account.1and1.it
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
no-cache
Link
<https://cors.uicdn.net/fonts/opensans-regular.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://cors.uicdn.net/fonts/ciso-styleguide-icons.woff2>;rel="preload";as="font";type="font/woff2";crossorigin
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
a5ee73a4b171766a35f1a9dc00965044
Strict-Transport-Security
max-age=31536000
Content-Type
text/html;charset=UTF-8
Cache-Control
no-cache, no-store
Content-Security-Policy
default-src 'self' *.1and1.it pet.1and1.com pet.1and1.com frontend-services.1and1.com pixel.1und1.de; img-src 'self' data: *.1and1.it ias.static-1and1.com media.static-1and1.com pixel.1und1.de; font-src 'self' cors.uicdn.net; script-src 'self' 'nonce-koKdGWZTQnyNFeq84gXaPw' uir.uimserv.net ias.1and1.it as.1and1.it navigation.1and1.it frontend-services.1and1.com; style-src 'self' 'unsafe-inline' navigation.1and1.it frontend-services.1and1.com; frame-src data: 'self' contatti.1and1.it admin.1and1.it www.google.com; child-src data: 'self' www.google.com; frame-ancestors data: 'self' www.google.com; report-uri https://pet.1and1.com/pet/csp/account-webapp;
Set-Cookie
DPX=v1:PE9PK3fMna:2W68lMW4:5ad45be6:de; Path=/; Expires=Mon, 16-Apr-18 08:16:33 GMT; HttpOnly JSESSIONID=90066BCB1821C549A34348118B1A450E.TCbs7a; Path=/; Secure; HttpOnly _PFXSSL_=true; Path=/
Keep-Alive
timeout=15
Expires
Mon, 05 Jul 1970 05:07:00 GMT

Redirect headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/html
Location
https://account.1and1.it
Set-Cookie
DPX=v1:jdcNTc1jU1:IXUq8iZ3:5ad45be6:de; Path=/; Expires=Mon, 16-Apr-18 08:16:33 GMT; HttpOnly
Connection
keep-alive
Keep-Alive
timeout=15
Content-Length
0
opensans-regular.woff2
cors.uicdn.net/fonts/
46 KB
46 KB
Font
General
Full URL
https://cors.uicdn.net/fonts/opensans-regular.woff2
Protocol
HTTP/1.1
Server
217.160.86.60 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
cors.uicdn.net
Software
Apache /
Resource Hash
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://account.1and1.it/
Origin
https://account.1and1.it

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2017 09:04:39 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 16 Apr 2019 07:16:33 GMT
ciso-styleguide-icons.woff2
cors.uicdn.net/fonts/
26 KB
26 KB
Font
General
Full URL
https://cors.uicdn.net/fonts/ciso-styleguide-icons.woff2
Protocol
HTTP/1.1
Server
217.160.86.60 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
cors.uicdn.net
Software
Apache /
Resource Hash
974971550334f44672d7e69ddd4a0bc3dd39c0afe499ee1a2e4b4ff91868eeb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://account.1and1.it/
Origin
https://account.1and1.it

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 May 2017 09:04:39 GMT
Server
Apache
Transfer-Encoding
chunked
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 16 Apr 2019 07:16:33 GMT
account-webapp.js
frontend-services.1and1.com/t/tag/ONEANDONE/
24 KB
7 KB
Script
General
Full URL
https://frontend-services.1and1.com/t/tag/ONEANDONE/account-webapp.js
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/
Protocol
HTTP/1.1
Server
217.160.86.61 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
frontend-services.1and1.com
Software
Apache /
Resource Hash
eea7713c81ac9a855c3f7241310576c5f63e86f729bae6e2b111012f0565411c

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 12:33:02 GMT
Server
Apache
ETag
W/"24133-1523536382000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=1800, s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
main.js?1.7.91
account.1and1.it/assets/js/
142 KB
48 KB
Script
General
Full URL
https://account.1and1.it/assets/js/main.js?1.7.91
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.86.30 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
account.1and1.it
Software
Apache /
Resource Hash
c480ffde73447a875f3978f8579ae7bf8dedb69b058b6b098561c82246372e62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
account.1and1.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://account.1and1.it/
Cookie
DPX=v1:PE9PK3fMna:2W68lMW4:5ad45be6:de; JSESSIONID=90066BCB1821C549A34348118B1A450E.TCbs7a; _PFXSSL_=true
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Apr 2018 11:27:28 GMT
Server
Apache
ETag
e737c0f3ea8677e842ac4f9564aa9a43
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31449600
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Keep-Alive
timeout=15
globalnavigation.woff
cors.uicdn.net/fonts/
6 KB
7 KB
Font
General
Full URL
https://cors.uicdn.net/fonts/globalnavigation.woff
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/
Protocol
HTTP/1.1
Server
217.160.86.60 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
cors.uicdn.net
Software
Apache /
Resource Hash
8b3470966c5fcb3ef0b57a56c29d35d48e188fb37030fb274cffd9374306fe12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://account.1and1.it/
Origin
https://account.1and1.it

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Last-Modified
Mon, 10 Apr 2017 13:30:08 GMT
Server
Apache
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
6556
Expires
Tue, 16 Apr 2019 07:16:33 GMT
navigation.js?v=1.0.0
frontend-services.1and1.com/t/navi/js/
225 KB
63 KB
Script
General
Full URL
https://frontend-services.1and1.com/t/navi/js/navigation.js?v=1.0.0
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/tag/ONEANDONE/account-webapp.js
Protocol
HTTP/1.1
Server
217.160.86.61 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
frontend-services.1and1.com
Software
Apache /
Resource Hash
d268081ac376fe2ab815093a01f5459606b75ca5414b438fa031276577b6b068

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 12:31:46 GMT
Server
Apache
ETag
W/"230527-1523536306000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400, s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
inpagelayer.js?v=1.0.0
frontend-services.1and1.com/t/inpagelayer/js/
52 KB
14 KB
Script
General
Full URL
https://frontend-services.1and1.com/t/inpagelayer/js/inpagelayer.js?v=1.0.0
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/tag/ONEANDONE/account-webapp.js
Protocol
HTTP/1.1
Server
217.160.86.61 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
frontend-services.1and1.com
Software
Apache /
Resource Hash
59060a1f019cb761fdb4d50e32ae0040bc5a4ca2e808a1d975926fb2df1057cf

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 12:31:46 GMT
Server
Apache
ETag
W/"53401-1523536306000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400, s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
ias.js?v=1
frontend-services.1and1.com/t/
65 KB
20 KB
Script
General
Full URL
https://frontend-services.1and1.com/t/ias.js?v=1
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/tag/ONEANDONE/account-webapp.js
Protocol
HTTP/1.1
Server
217.160.86.74 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
frontend-services.1and1.com
Software
Apache /
Resource Hash
cf1c2954d5ae1b447835b7569e6471e79bc74fa5cd6f9ba4e962894c814540d2

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 12:33:06 GMT
Server
Apache
ETag
W/"66509-1523536386000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=86400, s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
/
uir.uimserv.net/sid/
46 B
622 B
Script
General
Full URL
https://uir.uimserv.net/sid/
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/assets/js/main.js?1.7.91
Protocol
HTTP/1.1
Server
195.20.250.237 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
x.uimserv.net
Software
POPS-Web/2 /
Resource Hash
b340e495730f0eb549e5b252dc7f2fba5a68762f0df92996e2a6e320e07add7a

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 16 Apr 2018 07:16:33 GMT
Server
POPS-Web/2
P3P
P3P=policyref="http://adimg.uimserv.net/UIM/netgravity/p3p/p3p.xml", CP="NON DSP NID CURa ADMa DEVa TAIa PSAa PSDa OUR STP BUS UNI COM NAV INT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection
close
Content-Type
text/javascript;charset=utf-8
Content-Length
46
Expires
Wed, 20 Oct 2010 20:10:20 GMT
inpagelayer.css?v=0.0.19
frontend-services.1and1.com/t/inpagelayer/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://frontend-services.1and1.com/t/inpagelayer/css/inpagelayer.css?v=0.0.19
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/inpagelayer/js/inpagelayer.js?v=1.0.0
Protocol
HTTP/1.1
Server
217.160.86.74 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
frontend-services.1and1.com
Software
Apache /
Resource Hash
4903ee4be30302bb874b36aa08a7964f65d472f2b0fda76281d31d37056ea233

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 12:31:46 GMT
Server
Apache
ETag
W/"22221-1523536306000-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=86400, s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Cookie set zones?zones=%5B%7B%22zoneId%22%3A%22login_offerlink%22%2C%22container%22%3A%22ias.zone0%22%7D%2C%7B%22zoneId%22%3A%22login_teaser_slot1%22%2C%22container%22%3A%22ias.zone1%22%7D%2C%7B%22zoneId%22%3...
ias.1and1.it/ias/
6 KB
2 KB
Script
General
Full URL
https://ias.1and1.it/ias/zones?zones=%5B%7B%22zoneId%22%3A%22login_offerlink%22%2C%22container%22%3A%22ias.zone0%22%7D%2C%7B%22zoneId%22%3A%22login_teaser_slot1%22%2C%22container%22%3A%22ias.zone1%22%7D%2C%7B%22zoneId%22%3A%22login_teaser_slot2%22%2C%22container%22%3A%22ias.zone2%22%7D%2C%7B%22zoneId%22%3A%22login_teaser_slot3%22%2C%22container%22%3A%22ias.zone3%22%7D%5D&nc=1523862993681&v=2.1.39&subset=false&application=ACCOUNT_WEBAPP&page=login&pageCategories=%5B%5D&lang=it_IT&data=%7B%22domainCount%22%3A0%2C%22subdomainCount%22%3A0%7D&screenWidth=1600&screenHeight=1200&callback=__iascb6JCkb
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/ias.js?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.160.86.155 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
ias.1and1.it
Software
Apache /
Resource Hash
2b1b6790147d4954f00cd39a07f13225bf509f9cd8bf8a3d3962fb95f3fad59d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
ias.1and1.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://account.1and1.it/
Cookie
NG_USERID=ac13e481-76379-1523862993-0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Server
Apache
X-Cache-Status
MISS
Vary
Accept-Encoding
Content-Type
application/x-javascript
Set-Cookie
DPX=v1:ryfmSHFMFw:H09NLUCu:5ad45be6:de; Path=/; Expires=Mon, 16-Apr-18 08:16:33 GMT; HttpOnly variant.configname=2017-04-18;Version=1;Comment=;Path=/;Max-Age=16070400 icnt="{"c":{},"v":"2018-04-01"}";Version=1;Comment=;Path=/;Max-Age=2678400 variant="lead:test";Version=1;Comment=;Path=/;Max-Age=16070400 fcnt="{"c":[{"z":39,"c":{"147":1}},{"z":40,"c":{"146":1}},{"z":1016,"c":{"320":1}},{"z":41,"c":{"795":1}}],"v":"2018-04-01"}";Version=1;Comment=;Path=/;Max-Age=2678400
Cache-Control
no-cache, no-store, private, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
ciso-styleguide-icons.woff
cors.uicdn.net/fonts/
65 KB
66 KB
Font
General
Full URL
https://cors.uicdn.net/fonts/ciso-styleguide-icons.woff
Protocol
HTTP/1.1
Server
217.160.86.60 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
cors.uicdn.net
Software
Apache /
Resource Hash
e902f78d9c596c6b135c83ec1c44ae4b221dcb3dfc5fffcfe007cbf83b24ad45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://account.1and1.it/
Origin
https://account.1and1.it

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Last-Modified
Mon, 27 Nov 2017 12:14:49 GMT
Server
Apache
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
66952
Expires
Tue, 16 Apr 2019 07:16:33 GMT
navigation.css?v=1.0.33
frontend-services.1and1.com/t/navi/css/
57 KB
19 KB
Stylesheet
General
Full URL
https://frontend-services.1and1.com/t/navi/css/navigation.css?v=1.0.33
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/navi/js/navigation.js?v=1.0.0
Protocol
HTTP/1.1
Server
217.160.86.74 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
frontend-services.1and1.com
Software
Apache /
Resource Hash
a46a8e3dce79090dcb3a3754e0d73ddd1cf11923e08109ddead404ab6b1a0afa

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Apr 2018 12:31:46 GMT
Server
Apache
ETag
W/"57931-1523536306000-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public, max-age=86400, s-maxage=900
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
/
navigation.1and1.it/2.0/navi/IT/
382 B
815 B
XHR
General
Full URL
https://navigation.1and1.it/2.0/navi/IT/
Requested by
Host: frontend-services.1and1.com
URL: https://frontend-services.1and1.com/t/navi/js/navigation.js?v=1.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.160.86.14 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
navigation.1und1.de
Software
Apache /
Resource Hash
8fd11f923a747bdf6a2c1a24ee7f24eceb17d6d054f92ef8fa6ef2a1723ddeab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://account.1and1.it
Accept-Encoding
gzip, deflate
Host
navigation.1and1.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
*/*
Referer
https://account.1and1.it/
Cookie
NG_USERID=ac13e481-76379-1523862993-0
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://account.1and1.it/
Origin
https://account.1and1.it

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Origin,Accept-Encoding
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://account.1and1.it
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=100
Expires
0
LOGIN_OFFICE365_DEFAULT_office-small.png?h=0c15c06ccb274fcba817bbcfd9929e8ea7d595bc
media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/
4 KB
4 KB
Image
General
Full URL
https://media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/LOGIN_OFFICE365_DEFAULT_office-small.png?h=0c15c06ccb274fcba817bbcfd9929e8ea7d595bc
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/assets/js/main.js?1.7.91
Protocol
HTTP/1.1
Server
217.160.86.27 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
media.static-1and1.com
Software
Apache /
Resource Hash
98d317e0d147338e6f290512b85f5ff97578b943c1c992f8398895ca06852a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Jan 2018 11:20:15 GMT
Server
Apache
X-Cache-Status
MISS
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4023
LOGIN_DIY_DEFAULT_BKS_kachel_eshop_INT.png?h=8bb0fb1ceb477133a884871039371fe80cb750ab
media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/
9 KB
9 KB
Image
General
Full URL
https://media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/LOGIN_DIY_DEFAULT_BKS_kachel_eshop_INT.png?h=8bb0fb1ceb477133a884871039371fe80cb750ab
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/assets/js/main.js?1.7.91
Protocol
HTTP/1.1
Server
217.160.86.27 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
media.static-1and1.com
Software
Apache /
Resource Hash
be5612cdee078f1c15a27ab82fa8e94de681db9ea0e0351f2ab19bd1aabc722d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Jan 2018 13:51:17 GMT
Server
Apache
X-Cache-Status
MISS
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
9209
LOGIN_DOMAIN_DEFAULT_vi-domain.png?h=af0f239d457fb3b484f5b12ad5ce70bdbdf668c7
media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/
9 KB
9 KB
Image
General
Full URL
https://media.static-1and1.com/fileadmin/ONEANDONE_HOSTING/import/LOGIN_DOMAIN_DEFAULT_vi-domain.png?h=af0f239d457fb3b484f5b12ad5ce70bdbdf668c7
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/assets/js/main.js?1.7.91
Protocol
HTTP/1.1
Server
217.160.86.27 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
media.static-1and1.com
Software
Apache /
Resource Hash
c5f149b1368224140be71f16ebe76c8c8dfa98ba7b23384ced7a619c3dfeb112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://account.1and1.it/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 02 Jan 2018 13:51:17 GMT
Server
Apache
X-Cache-Status
MISS
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
8951
rum?dom_serial=1523862993415&application=PU.LO.IT&page=login&node_elements=174&page_size=60561&browser=chrome&browser_version=65&browser_locale=en-US&os=linux&market=IT&variant=&referer=&device_typ...
pixel.1und1.de/
126 B
492 B
XHR
General
Full URL
https://pixel.1und1.de/rum?dom_serial=1523862993415&application=PU.LO.IT&page=login&node_elements=174&page_size=60561&browser=chrome&browser_version=65&browser_locale=en-US&os=linux&market=IT&variant=&referer=&device_type=desktop&unload_time=0&navigation_time=153&browser_time=254&page_load_time=408&redirect_time=0&app_cache_time=-79&dns_time=8&tcp_time=33&request_time=36&response_time=1&resources=17&interactive_time=30&speedIndex=152&startRender=152&ttfb=-2&pfx_get_dom=3&pfx_hdl_doc=2&pfx_rex_doc=0&pfx_pre_proc=0&ng_userid=ac13e481-76379-1523862993-0&application_group=account&request_method=GET&request_id=&application_version=1.7.91&had_data=false&visit_id=
Requested by
Host: account.1and1.it
URL: https://account.1and1.it/assets/js/main.js?1.7.91
Protocol
HTTP/1.1
Server
217.160.86.75 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
pixel.1und1.de
Software
Apache /
Resource Hash
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
https://account.1and1.it/
Origin
https://account.1and1.it
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Mon, 16 Apr 2018 07:16:33 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
https://account.1and1.it
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
126
Expires
Mon, 05 Jul 1970 05:07:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: 1&1 Ionos (Telecommunication)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| jQBrowser object| OAO string| __UI_nguserid object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| IAS

4 Cookies

Domain/Path Name / Value
.1and1.it/ Name: NG_USERID
Value: ac13e481-76379-1523862993-0
account.1and1.it/ Name: _PFXSSL_
Value: true
account.1and1.it/ Name: JSESSIONID
Value: 90066BCB1821C549A34348118B1A450E.TCbs7a
account.1and1.it/ Name: DPX
Value: v1:PE9PK3fMna:2W68lMW4:5ad45be6:de

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.1and1.it pet.1and1.com pet.1and1.com frontend-services.1and1.com pixel.1und1.de; img-src 'self' data: *.1and1.it ias.static-1and1.com media.static-1and1.com pixel.1und1.de; font-src 'self' cors.uicdn.net; script-src 'self' 'nonce-koKdGWZTQnyNFeq84gXaPw' uir.uimserv.net ias.1and1.it as.1and1.it navigation.1and1.it frontend-services.1and1.com; style-src 'self' 'unsafe-inline' navigation.1and1.it frontend-services.1and1.com; frame-src data: 'self' contatti.1and1.it admin.1and1.it www.google.com; child-src data: 'self' www.google.com; frame-ancestors data: 'self' www.google.com; report-uri https://pet.1and1.com/pet/csp/account-webapp;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.1and1.it
cors.uicdn.net
frontend-services.1and1.com
ias.1and1.it
media.static-1and1.com
navigation.1and1.it
pixel.1und1.de
uir.uimserv.net
www.1and1.it
195.20.250.237
217.160.86.14
217.160.86.155
217.160.86.24
217.160.86.27
217.160.86.30
217.160.86.60
217.160.86.61
217.160.86.74
217.160.86.75
2b1b6790147d4954f00cd39a07f13225bf509f9cd8bf8a3d3962fb95f3fad59d
4903ee4be30302bb874b36aa08a7964f65d472f2b0fda76281d31d37056ea233
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
59060a1f019cb761fdb4d50e32ae0040bc5a4ca2e808a1d975926fb2df1057cf
8b3470966c5fcb3ef0b57a56c29d35d48e188fb37030fb274cffd9374306fe12
8fd11f923a747bdf6a2c1a24ee7f24eceb17d6d054f92ef8fa6ef2a1723ddeab
974971550334f44672d7e69ddd4a0bc3dd39c0afe499ee1a2e4b4ff91868eeb6
98d317e0d147338e6f290512b85f5ff97578b943c1c992f8398895ca06852a3e
a46a8e3dce79090dcb3a3754e0d73ddd1cf11923e08109ddead404ab6b1a0afa
a5171677ac4d7d7f4cd6d504f751da08d7a2f2e189a93d54214ea6ca4b5a5f80
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
b340e495730f0eb549e5b252dc7f2fba5a68762f0df92996e2a6e320e07add7a
be5612cdee078f1c15a27ab82fa8e94de681db9ea0e0351f2ab19bd1aabc722d
c480ffde73447a875f3978f8579ae7bf8dedb69b058b6b098561c82246372e62
c5f149b1368224140be71f16ebe76c8c8dfa98ba7b23384ced7a619c3dfeb112
cf1c2954d5ae1b447835b7569e6471e79bc74fa5cd6f9ba4e962894c814540d2
d268081ac376fe2ab815093a01f5459606b75ca5414b438fa031276577b6b068
e902f78d9c596c6b135c83ec1c44ae4b221dcb3dfc5fffcfe007cbf83b24ad45
eea7713c81ac9a855c3f7241310576c5f63e86f729bae6e2b111012f0565411c