minitrip.lt
194.135.87.99
Malicious Activity!
Public Scan
Submission: On June 28 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on May 12th 2019. Valid for: 3 months.
This is the only time minitrip.lt was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: 1&1 Ionos (Telecommunication)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
2 | 194.135.87.99 | 62282 (RACKRAY UAB Rakrejus)
7 | 213.165.66.58 | 8560 (ONEANDONE-AS Brauerstrasse 48)
11 | 217.160.86.61 | 8560 (ONEANDONE-AS Brauerstrasse 48)
1 | 74.208.255.181 | 8560 (ONEANDONE-AS Brauerstrasse 48)
1 | 74.208.255.133 | 8560 (ONEANDONE-AS Brauerstrasse 48)
1 | 195.20.250.204 | 8560 (ONEANDONE-AS Brauerstrasse 48)
1 | 195.20.250.237 | 8560 (ONEANDONE-AS Brauerstrasse 48)
3 | 52.215.192.131 | 16509 (AMAZON-02 - Amazon.com)
1 | 217.160.86.148 | 8560 (ONEANDONE-AS Brauerstrasse 48)
1 | 217.160.86.204 | 8560 (ONEANDONE-AS Brauerstrasse 48)
Totals: 29 requests | 11 IPs
ASN | PTR | Domain
---|---|---
ASN62282 (RACKRAY UAB Rakrejus, LT) | limanda.serveriai.lt | minitrip.lt
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | ce1.uicdn.net | ce1.uicdn.net
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | frontend-services.1and1.com | frontend-services.ionos.com
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | login.ionos.com | login.ionos.com
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | www.1and1.com | www.1and1.com
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | tif-bs.ionos.com | tif.ionos.com
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | x.uimserv.net | uir.uimserv.net
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-215-192-131.eu-west-1.compute.amazonaws.com | l4wxddfpxjw0.statuspage.io
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | ias.1und1.de | ias.ionos.de
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE) | pixel.1und1.de | pixel.1und1.de
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 | ionos.com | frontend-services.ionos.com, login.ionos.com, tif.ionos.com | 361 KB
7 | uicdn.net | ce1.uicdn.net | 280 KB
3 | statuspage.io | l4wxddfpxjw0.statuspage.io | 1 KB
2 | minitrip.lt | minitrip.lt | 64 KB
1 | 1und1.de | pixel.1und1.de | 487 B
1 | ionos.de | ias.ionos.de | 819 B
1 | uimserv.net | uir.uimserv.net | 603 B
1 | 1and1.com | www.1and1.com |
Totals: 29 requests | 8 apex domains
Requests | Domain | Requested by
---|---|---
11 | frontend-services.ionos.com | minitrip.lt, frontend-services.ionos.com
7 | ce1.uicdn.net | minitrip.lt
3 | l4wxddfpxjw0.statuspage.io | frontend-services.ionos.com
2 | minitrip.lt | minitrip.lt
1 | pixel.1und1.de | login.ionos.com
1 | ias.ionos.de | frontend-services.ionos.com
1 | uir.uimserv.net | login.ionos.com
1 | tif.ionos.com | frontend-services.ionos.com
1 | www.1and1.com | minitrip.lt
1 | login.ionos.com | minitrip.lt
Totals: 29 requests | 10 domains
This site contains links to these domains. Also see Links.
Domain |
---|
www.ionos.com |
contact.ionos.com |
ias.ionos.de |
mail.ionos.com |
dcd.ionos.com |
hidrive.ionos.com |
www.ionos-status.com |
Subject | Issuer | Validity | Valid
---|---|---|---
minitrip.lt | Let's Encrypt Authority X3 | 2019-05-12 - 2019-08-10 | 3 months
ce1.uicdn.net | GeoTrust RSA CA 2018 | 2018-03-13 - 2020-03-12 | 2 years
frontend-services.ionos.com | GeoTrust RSA CA 2018 | 2018-06-26 - 2020-06-25 | 2 years
login.ionos.de | GeoTrust EV RSA CA 2018 | 2018-11-13 - 2020-07-01 | 2 years
www.1and1.com | GeoTrust EV RSA CA 2018 | 2018-03-12 - 2019-09-18 | 2 years
*.ionos.com | GeoTrust RSA CA 2018 | 2018-12-04 - 2020-12-03 | 2 years
*.uimserv.net | GeoTrust RSA CA 2018 | 2018-02-19 - 2021-02-18 | 3 years
*.statuspage.io | DigiCert SHA2 High Assurance Server CA | 2018-02-02 - 2020-04-01 | 2 years
ias.ionos.de | GeoTrust RSA CA 2018 | 2018-08-27 - 2020-06-25 | 2 years
pixel.1und1.de | GeoTrust RSA CA 2018 | 2018-04-17 - 2020-05-02 | 2 years
This page contains 2 frames:
Primary Page:
https://minitrip.lt/wp-admin/images/www.ionos.com.verification/1and1/
Frame ID: C417419C28F88283625C199ECD263C12
Requests: 29 HTTP requests in this frame
Frame:
https://www.1and1.com/cookiecheck
Frame ID: 487D7E5BD6B5FCDEF9829BBB12C09FD2
Requests: 1 HTTP requests in this frame
12 Outgoing links
These are links going to different origins than the main page. Link titles:
- Learn more
- Need Help?
- Remember me
- Jetzt Kunde werden und von unseren Angeboten profitieren. (German: "Become a customer now and benefit from our offers.")
- Webmail
- Data Center Designer
- HiDrive
- All Systems Operational
- Privacy Policy
- GoToAssist
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | minitrip.lt/wp-admin/images/www.ionos.com.verification/1and1/ | 16 KB | 6 KB | Document | text/html | Primary Request
GET | H/1.1 | ionos.min.css | ce1.uicdn.net/exos/framework/1.0/ | 125 KB | 19 KB | Stylesheet | text/css |
GET | H/1.1 | account-webapp.js | frontend-services.ionos.com/t/tag/IONOS/ | 31 KB | 9 KB | Script | application/javascript |
GET | H2 | main.js | login.ionos.com/assets/js/ | 144 KB | 49 KB | Script | application/javascript |
GET | H/1.1 | ionos.min.js | ce1.uicdn.net/exos/framework/1.0/ | 18 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | cookiecheck | www.1and1.com/ | 0 | 0 | Document | text/html | Cookie set; Frame 487D
GET | H2 | background-us-200pxblack.jpg | minitrip.lt/img/ | 58 KB | 58 KB | Image | text/html |
GET | H/1.1 | opensans-regular.woff | ce1.uicdn.net/exos/fonts/open-sans/ | 62 KB | 63 KB | Font | application/font-woff |
GET | H/1.1 | exos-icon-font.woff | ce1.uicdn.net/exos/icons/ | 46 KB | 47 KB | Font | application/font-woff |
GET | H/1.1 | overpass-regular.woff | ce1.uicdn.net/exos/fonts/overpass/ | 42 KB | 42 KB | Font | application/font-woff |
GET | H/1.1 | opensans-bold.woff | ce1.uicdn.net/exos/fonts/open-sans/ | 62 KB | 63 KB | Font | application/font-woff |
GET | H/1.1 | overpass-bold.woff | ce1.uicdn.net/exos/fonts/overpass/ | 41 KB | 42 KB | Font | application/font-woff |
GET | H/1.1 | navigation.js | frontend-services.ionos.com/t/navi/js/ | 309 KB | 80 KB | Script | application/javascript |
GET | H/1.1 | inpagelayer.js | frontend-services.ionos.com/t/inpagelayer/js/ | 57 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | welcome-tour.js | frontend-services.ionos.com/t/welcometour/js/ | 129 KB | 35 KB | Script | application/javascript |
GET | H/1.1 | statuspage.js | frontend-services.ionos.com/t/statuspage/js/ | 162 KB | 50 KB | Script | application/javascript |
GET | H/1.1 | pushnotifications.js | frontend-services.ionos.com/t/pushnotifications/js/ | 206 KB | 63 KB | Script | application/javascript |
GET | H/1.1 | ias.js | frontend-services.ionos.com/t/ias/js/ | 68 KB | 21 KB | Script | application/javascript |
GET | H/1.1 | navigation.css | frontend-services.ionos.com/t/navi/css/ | 111 KB | 28 KB | Stylesheet | text/css |
GET | H/1.1 | 70000.js | tif.ionos.com/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | inpagelayer.css | frontend-services.ionos.com/t/inpagelayer/css/ | 25 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | welcome-tour.css | frontend-services.ionos.com/t/welcometour/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | / | uir.uimserv.net/sid/ | 46 B | 603 B | Script | text/javascript |
GET | DATA | truncated | / | 320 B | 0 | Image | image/svg+xml |
GET | H/1.1 | statuspage.css | frontend-services.ionos.com/t/statuspage/css/ | 5 KB | 2 KB | Stylesheet | text/css |
GET | H2 | status.json | l4wxddfpxjw0.statuspage.io/api/v2/ | 232 B | 734 B | XHR | application/json |
GET | H2 | active.json | l4wxddfpxjw0.statuspage.io/api/v2/scheduled-maintenances/ | 190 B | 330 B | XHR | application/json |
GET | H2 | unresolved.json | l4wxddfpxjw0.statuspage.io/api/v2/incidents/ | 177 B | 319 B | XHR | application/json |
GET | H2 | zones | ias.ionos.de/ias/ | 790 B | 819 B | Script | application/x-javascript |
GET | H/1.1 | rum | pixel.1und1.de/ | 126 B | 487 B | XHR | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: 1&1 Ionos (Telecommunication)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onselectstart
object | onselectionchange
function | queueMicrotask
string | shopLoginLink
string | displayMode
boolean | shopLoginEnabled
boolean | ngCookieCheck
string | visitId
function | ngCookieCheckMessage
object | OAO
object | Tap
object | EXOS
object | core
object | __core-js_shared__
object | global
object | System
function | asap
function | Observable
function | setImmediate
function | clearImmediate
function | Dict
function | delay
object | _
object | jQBrowser
object | NSfTIF
string | __UI_nguserid
object | IAS
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.minitrip.lt/ | | NG_USERID | ac13e480-44098-1561755919-0
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.