id-ee-page.com
68.66.248.58
Malicious Activity!
Public Scan
Effective URL: https://id-ee-page.com/login.php?&sessionid=2dd4ad90f02a165ba447c44ac8d6336d&securessl=true
Submission: On October 27 via api from QA
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 25th 2020. Valid for: 3 months.
This is the only time id-ee-page.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: EE (Telecommunication)
Domain & IP information
| | | IP Address | AS Autonomous System |
|---|---|---|---|
| 1 | 13 | 68.66.248.58 | 55293 (A2HOSTING) |
| 12 | 1 | | |

ASN55293 (A2HOSTING, US)
PTR: nl1-sr9.supercp.com
id-ee-page.com
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 13 | id-ee-page.com (1 redirects), id-ee-page.com | 404 KB |
| 12 | 1 | |
| | Domain | Requested by |
|---|---|---|
| 13 | id-ee-page.com (1 redirects) | id-ee-page.com |
| 12 | 1 | |

This site contains links to these domains. Also see Links.
Domain |
---|
accessories.ee.co.uk |
prod-author.intdigital.ee.co.uk |
community.ee.co.uk |
newsroom.ee.co.uk |
recycle.ee.co.uk |
jobs.ee.co.uk |
twitter.com |
www.facebook.com |
www.youtube.com |
www.linkedin.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
id-ee-page.com | cPanel, Inc. Certification Authority | 2020-10-25 - 2021-01-23 | 3 months |

This page contains 1 frames:
Primary Page:
https://id-ee-page.com/login.php?&sessionid=2dd4ad90f02a165ba447c44ac8d6336d&securessl=true
Frame ID: A165A4D808477A736CC04C2917BEF05F
Requests: 12 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
- Accessories
- Terms & Conditions
- EE Community
- Great Extras
- Pay as you go perks
- Apple Music
- BT Sport app
- Newsroom
- Trade In
- Careers
- EE on Twitter
- EE on Facebook
- EE on YouTube
- EE on LinkedIn
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://id-ee-page.com/
HTTP 302
https://id-ee-page.com/login.php?&sessionid=2dd4ad90f02a165ba447c44ac8d6336d&securessl=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | login.php | id-ee-page.com/ | 164 KB | 20 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET H/1.1 | main.525b36e.min.css | id-ee-page.com/login2_files/ | 171 KB | 31 KB | Stylesheet | text/css | |
GET H/1.1 | login.525b36e.min.css | id-ee-page.com/login2_files/ | 54 KB | 10 KB | Stylesheet | text/css | |
GET H/1.1 | clientlibs_myee.min.css | id-ee-page.com/login2_files/ | 251 KB | 38 KB | Stylesheet | text/css | |
GET H/1.1 | clientlibs_meganav.min.css | id-ee-page.com/login2_files/ | 70 KB | 11 KB | Stylesheet | text/css | |
GET H/1.1 | nobblee_light.woff | id-ee-page.com/login2_files/ | 32 KB | 32 KB | Font | font/woff | |
GET H/1.1 | rubrik_semibold.woff | id-ee-page.com/login2_files/ | 32 KB | 33 KB | Font | font/woff | |
GET H/1.1 | rubrik_regular.woff | id-ee-page.com/login2_files/ | 31 KB | 32 KB | Font | font/woff | |
GET H/1.1 | EE-main-sprite.svg | id-ee-page.com/login2_files/ | 69 KB | 70 KB | Image | image/svg+xml | |
GET H/1.1 | rubrik_light.woff | id-ee-page.com/login2_files/ | 31 KB | 31 KB | Font | font/woff | |
GET H/1.1 | nobblee_regular.woff | id-ee-page.com/login2_files/ | 47 KB | 48 KB | Font | font/woff | |
GET H/1.1 | ee-icons.woff | id-ee-page.com/login2_files/ | 47 KB | 48 KB | Font | font/woff | |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: EE (Telecommunication)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | showDirectoryPicker |
function | showOpenFilePicker |
function | showSaveFilePicker |
object | trustedTypes |
function | empty |
function | change |
function | togglePasswordFieldClicked |

1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
id-ee-page.com/ | | Name: PHPSESSID Value: c3c63a9dbec929345490c158d0951f5d |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.