www.strato.de.dff7.de Open in urlscan Pro
2001:8d8:100f:f000::2f0  Malicious Activity! Public Scan

URL: https://www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/STRATO-Kunden-Login.htm
Submission: On November 05 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2001:8d8:100f:f000::2f0, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.strato.de.dff7.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 5th 2024. Valid for: a year.
This is the only time www.strato.de.dff7.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Strato AG (Online)

Domain & IP information

IP Address AS Autonomous System
1 2001:8d8:100f... 8560 (IONOS-AS ...)
2 2
Apex Domain
Subdomains
Transfer
1 dff7.de
www.strato.de.dff7.de
1023 KB
0 gstatic.com Failed
www.gstatic.com Failed
2 2
Domain Requested by
1 www.strato.de.dff7.de
0 www.gstatic.com Failed www.strato.de.dff7.de
2 2

This site contains links to these domains. Also see Links.

Domain
webmail.strato.de.d9d6.de
Subject Issuer Validity Valid
strato.de.dff7.de
Sectigo RSA Domain Validation Secure Server CA
2024-11-05 -
2025-11-05
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/STRATO-Kunden-Login.htm
Frame ID: 15D5CDF269305C0E6181728754696991
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

STRATO Kunden-Login

Page Statistics

2
Requests

50 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1201 kB
Transfer

1638 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request STRATO-Kunden-Login.htm
www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/
1 MB
1023 KB
Document
General
Full URL
https://www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/STRATO-Kunden-Login.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::2f0 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
71b26d0bc6f22442a4d434dca66fedc2ff19c38bec9c9fd4ec8a9a51eccf71de

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 05 Nov 2024 11:38:27 GMT
etag
W/"1684a0-6262722e31c54"
last-modified
Tue, 05 Nov 2024 09:36:31 GMT
server
Apache
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/
0
0

truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76868546c85c1adaa0ef82c36c651974b6508777eb6e86fe0b634ccb4cdf3686

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a04f2f8e96908c5d3e4cc0b909258ace77553856bccf3f09dc55411a3d6a999d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00a51cdd3e6184a1bc3765231f0a08ad06e6786da489bb08b13d1ed665559a19

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57c0199deb3ed35f05a1f3ec34766c92f060a66884ba10422751dd854e824d23

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/png
truncated
/
181 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
16 KB
16 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://www.strato.de.dff7.de
Referer

Response headers

Content-Type
font/woff2
truncated
/
147 KB
147 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://www.strato.de.dff7.de
Referer

Response headers

Content-Type
font/woff2
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://www.strato.de.dff7.de
Referer

Response headers

Content-Type
font/woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Strato AG (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
security error URL: https://www.strato.de.dff7.de/CustomerService.dlink.OnlineInvoice/STRATO-Kunden-Login.htm(Line 20)
Message:
Refused to load the stylesheet 'https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=DAY/d=0/rs=AN8SPfrCcgxoBri2FVMQptvuOBiOsolgBw/m=el_main_css' because it violates the following Content Security Policy directive: "style-src 'unsafe-inline'". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.