www.strato.de.dff7.de
Open in
urlscan Pro
2001:8d8:100f:f000::2f0
Malicious Activity!
Public Scan
Submission: On November 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 5th 2024. Valid for: a year.
This is the only time www.strato.de.dff7.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Strato AG (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2001:8d8:100f... 2001:8d8:100f:f000::2f0 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
2 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
1 |
dff7.de
www.strato.de.dff7.de |
1023 KB |
0 |
gstatic.com
Failed
www.gstatic.com Failed |
|
2 | 2 |
Domain | Requested by | |
---|---|---|
1 | www.strato.de.dff7.de | |
0 | www.gstatic.com Failed |
www.strato.de.dff7.de
|
2 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
webmail.strato.de.d9d6.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
strato.de.dff7.de Sectigo RSA Domain Validation Secure Server CA |
2024-11-05 - 2025-11-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/STRATO-Kunden-Login.htm
Frame ID: 15D5CDF269305C0E6181728754696991
Requests: 10 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Jetzt bezahlen
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
2 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
STRATO-Kunden-Login.htm
www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/ |
1 MB 1023 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
181 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
147 KB 147 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.gstatic.com
- URL
- https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Strato AG (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.gstatic.com
www.strato.de.dff7.de
www.gstatic.com
2001:8d8:100f:f000::2f0
00a51cdd3e6184a1bc3765231f0a08ad06e6786da489bb08b13d1ed665559a19
57c0199deb3ed35f05a1f3ec34766c92f060a66884ba10422751dd854e824d23
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
71b26d0bc6f22442a4d434dca66fedc2ff19c38bec9c9fd4ec8a9a51eccf71de
76868546c85c1adaa0ef82c36c651974b6508777eb6e86fe0b634ccb4cdf3686
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d
a04f2f8e96908c5d3e4cc0b909258ace77553856bccf3f09dc55411a3d6a999d
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e