email-ionos-uk.standard.us-east-1.oortech.com Open in urlscan Pro
170.106.47.94 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://email-ionos-uk.standard.us-east-1.oortech.com/index.html
Submission: On June 19 via automatic, source phishtank (June 19th 2024, 12:34:11 pm UTC) — Scanned from US

Summary HTTP 34 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 170.106.47.94, located in Ashburn, United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is email-ionos-uk.standard.us-east-1.oortech.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on March 28th 2024. Valid for: a year.

This is the only time email-ionos-uk.standard.us-east-1.oortech.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
3	170.106.47.94 170.106.47.94	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
5 5	104.17.96.13 104.17.96.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	209.94.90.1 209.94.90.1	40680 (PROTOCOL) (PROTOCOL)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
6	213.165.66.58 213.165.66.58	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
11	217.160.86.74 217.160.86.74	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.48 217.160.86.48	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	18.238.49.99 18.238.49.99	16509 (AMAZON-02) (AMAZON-02)
2	217.160.86.59 217.160.86.59	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.148 217.160.86.148	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.27 217.160.86.27	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
34	11

3 170.106.47.94 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

email-ionos-uk.standard.us-east-1.oortech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.96.13 (None, ) 5 redirects

ASN13335 (CLOUDFLARENET, US)

cloudflare-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.94.90.1 (United States)

ASN40680 (PROTOCOL, US)

ipfs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.165.66.58 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ce1.uicdn.net

ce1.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 217.160.86.74 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: frontend-services.ionos.com

frontend-services.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.48 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ahab.ionos.com

ahab.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.49.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-99.jfk52.r.cloudfront.net

4tdc8ll7wtnf.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.160.86.59 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: var.uicdn.net

var.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.148 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ias.ionos.de

ias.ionos.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.27 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ias.uicdn.net

ias.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ionos.com frontend-services.ionos.com — Cisco Umbrella Rank: 130691 ahab.ionos.com — Cisco Umbrella Rank: 265268	218 KB
9	uicdn.net ce1.uicdn.net — Cisco Umbrella Rank: 245107 var.uicdn.net — Cisco Umbrella Rank: 214245 ias.uicdn.net — Cisco Umbrella Rank: 534022	347 KB
5	ipfs.io ipfs.io — Cisco Umbrella Rank: 87085	135 KB
5	cloudflare-ipfs.com 5 redirects cloudflare-ipfs.com	1 KB
3	statuspage.io 4tdc8ll7wtnf.statuspage.io — Cisco Umbrella Rank: 434222	3 KB
3	oortech.com email-ionos-uk.standard.us-east-1.oortech.com	9 KB
1	ionos.de ias.ionos.de — Cisco Umbrella Rank: 584867	2 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469	30 KB
34	8

	Domain	Requested by
11	frontend-services.ionos.com	cloudflare-ipfs.com frontend-services.ionos.com
6	ce1.uicdn.net	ipfs.io frontend-services.ionos.com
5	ipfs.io	email-ionos-uk.standard.us-east-1.oortech.com
5	cloudflare-ipfs.com	5 redirects
3	4tdc8ll7wtnf.statuspage.io	frontend-services.ionos.com
3	email-ionos-uk.standard.us-east-1.oortech.com	email-ionos-uk.standard.us-east-1.oortech.com cloudflare-ipfs.com
2	var.uicdn.net	frontend-services.ionos.com
1	ias.uicdn.net
1	ias.ionos.de	frontend-services.ionos.com
1	ahab.ionos.com	cloudflare-ipfs.com
1	ajax.googleapis.com	email-ionos-uk.standard.us-east-1.oortech.com
34	11

This site contains links to these domains. Also see Links.

Domain
www.ionos.com
mein.ionos.de
ias.ionos.de
my.ionos.com
hidrive.ionos.com
archive.ionos.com
www.ionos-status.de

Subject Issuer	Validity	Valid
*.standard.us-east-1.oortech.com TrustAsia RSA DV TLS CA G2	`2024-03-28` - `2025-03-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
ce1.uicdn.net GeoTrust RSA CA 2018	`2024-03-20` - `2025-03-09`	a year	crt.sh
frontend-services.ionos.com GeoTrust TLS RSA CA G1	`2024-05-21` - `2025-06-05`	a year	crt.sh
ahab.ionos.com GeoTrust RSA CA 2018	`2023-12-22` - `2024-12-21`	a year	crt.sh
*.statuspage.io Amazon RSA 2048 M03	`2023-10-18` - `2024-11-16`	a year	crt.sh
var.uicdn.net GeoTrust TLS RSA CA G1	`2023-07-21` - `2024-08-07`	a year	crt.sh
ias.ionos.de GeoTrust TLS RSA CA G1	`2024-04-05` - `2024-08-22`	5 months	crt.sh
ias.uicdn.net GeoTrust TLS RSA CA G1	`2024-05-29` - `2025-06-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://email-ionos-uk.standard.us-east-1.oortech.com/index.html
Frame ID: D23B7D0F88103C14ABDE42F0C4A1E2DA
Requests: 36 HTTP requests in this frame

Frame: https://email-ionos-uk.standard.us-east-1.oortech.com/
Frame ID: F159BC9CDB1BD1A3DB056449420B52B2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login | IONOS by 1&1

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

85 %
HTTPS

9 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

744 kB
Transfer

2050 kB
Size

1
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ionos.com/
Title: Webmail

Search URL Search Domain Scan URL

URL: https://mein.ionos.de/support/?linkid=nav.top.support.Overlay&skipIntcpts=true

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2327&utm_term=2327&utm_campaign=forgotpw&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=4083&utm_term=4083&utm_campaign=staysignedin&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Remember me

Search URL Search Domain Scan URL

URL: https://ias.ionos.de/ias/follow/CLICK?ias_source=WEBMAILER-DE&ias_medium=login-webmailer_login&ias_content=WEBMAIL_LOGIN_TEASER_MAIL-DEFAULT&ias_campaign=MAIL_ARCHIVING&tzO=-10&iasSessionId=7ca36b63-812a-41fd-a24e-9d13cd6ae7cf&target=https%3A%2F%2Fwww.ionos.de%2Foffice-loesungen%2Feigene-email-adresse%3Fac%3DOM.PU.PU263K416852T7073a%26utm_source%3Dwebmail%26utm_medium%3Dlogin%26utm_campaign%3Dwebmail-nk%26utm_content%3Dmailbasic
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2442&utm_term=2442&utm_campaign=mobile-ios&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2444&utm_term=2444&utm_campaign=mobile-android&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Android

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2436&utm_term=2436&utm_campaign=desktop-thunderbird&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Thunderbird

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2462&utm_term=2462&utm_campaign=desktop-outlook&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2445&utm_term=2445&utm_campaign=desktop-applemail&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Apple Mail

Search URL Search Domain Scan URL

URL: https://www.ionos.com/help/index.php?id=2490&utm_term=2490&utm_campaign=other-assistants&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: email programs (POP/IMAP)

Search URL Search Domain Scan URL

URL: https://my.ionos.com/
Title: My IONOS

Search URL Search Domain Scan URL

URL: https://hidrive.ionos.com/
Title: HiDrive

Search URL Search Domain Scan URL

URL: https://archive.ionos.com/
Title: Email archiving

Search URL Search Domain Scan URL

URL: https://www.ionos-status.de/?utm_medium=footer&utm_content=none&utm_source=WEBMAIL_LOGIN&utm_campaign=login&utm_term=no_search
Title: All Systems Operational

Search URL Search Domain Scan URL

URL: https://www.ionos.com/about
Title: IONOS Inc. • 2024

Search URL Search Domain Scan URL

URL: https://www.ionos.com/terms-gtc/terms-privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ionos.com/cookies
Title: here

Search URL Search Domain Scan URL

URL: https://www.ionos.com/terms-gtc/terms-privacy
Title: Privacy Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cloudflare-ipfs.com/ipfs/QmNbY4viBrMnUQYUEqQpPGkcWkxX3qo1sPoANM2fL73EZL/ionos.min17e5.css?v=1676455791476 HTTP 301
https://ipfs.io/ipfs/QmNbY4viBrMnUQYUEqQpPGkcWkxX3qo1sPoANM2fL73EZL/ionos.min17e5.css

Request Chain 1

https://cloudflare-ipfs.com/ipfs/QmZmGi77jPfcw5FYk7DQ3FXyXt96QpTdyFWnsiHYkEXvzH/login.min17e5.css?v=1676455791476 HTTP 301
https://ipfs.io/ipfs/QmZmGi77jPfcw5FYk7DQ3FXyXt96QpTdyFWnsiHYkEXvzH/login.min17e5.css

Request Chain 3

https://cloudflare-ipfs.com/ipfs/QmbFKSyg9Cu8fNCxkDgJpNuiewvwyHsXaMUvYvmRhfm7Sr/ionos.min17e5.js?v=1676455791476 HTTP 301
https://ipfs.io/ipfs/QmbFKSyg9Cu8fNCxkDgJpNuiewvwyHsXaMUvYvmRhfm7Sr/ionos.min17e5.js

Request Chain 4

https://cloudflare-ipfs.com/ipfs/QmVP7rUxi8WpFM9G6WHk2CtLnZDaA7cu4cFp6VtHsSBHDT/main.min17e5.js?v=1676455791476 HTTP 301
https://ipfs.io/ipfs/QmVP7rUxi8WpFM9G6WHk2CtLnZDaA7cu4cFp6VtHsSBHDT/main.min17e5.js

Request Chain 32

https://cloudflare-ipfs.com/ipfs/QmaJqfEBcMx6BnaQ9TL6zgL5oZE1K8xJXyLwxMX4W4G9bB/favicon.ico HTTP 301
https://ipfs.io/ipfs/QmaJqfEBcMx6BnaQ9TL6zgL5oZE1K8xJXyLwxMX4W4G9bB/favicon.ico

34 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.html Show response
email-ionos-uk.standard.us-east-1.oortech.com/ 39 KB
8 KB 308ms
179ms Document
text/html 170.106.47.94
TENCENT-NET-AP-CN...

General

Source	Level	URL Text
recommendation	verbose	URL: https://email-ionos-uk.standard.us-east-1.oortech.com/index.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://email-ionos-uk.standard.us-east-1.oortech.com/ Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://email-ionos-uk.standard.us-east-1.oortech.com/maintenance/status.json Message: Failed to load resource: the server responded with a status of 400 ()

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

email-ionos-uk.standard.us-east-1.oortech.com Open in urlscan Pro 170.106.47.94 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

85 %HTTPS

9 %IPv6

8 Domains

11 Subdomains

11 IPs

3 Countries

744 kBTransfer

2050 kBSize

1 Cookies

19 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

email-ionos-uk.standard.us-east-1.oortech.com Open in urlscan Pro
170.106.47.94 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

85 %
HTTPS

9 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

744 kB
Transfer

2050 kB
Size

1
Cookies

34 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!