ionos-mein.webmail.de.flick-fix.de Open in urlscan Pro
2001:8d8:100f:f000::29d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm
Effective URL:
https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm
Submission: On July 02 via api (July 2nd 2024, 12:28:51 am UTC) from LU — Scanned from DE

Summary HTTP 54 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 6 domains to perform 54 HTTP transactions. The main IP is 2001:8d8:100f:f000::29d, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is ionos-mein.webmail.de.flick-fix.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on January 5th 2024. Valid for: a year.

This is the only time ionos-mein.webmail.de.flick-fix.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
23	2001:8d8:100f... 2001:8d8:100f:f000::29d	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
6	213.165.66.58 213.165.66.58	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
10	217.160.86.61 217.160.86.61	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.41 217.160.86.41	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	217.160.86.148 217.160.86.148	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
6	108.138.7.16 108.138.7.16	16509 (AMAZON-02) (AMAZON-02)
2	217.160.86.59 217.160.86.59	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	195.20.250.190 195.20.250.190	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	195.20.250.183 195.20.250.183	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	217.160.86.27 217.160.86.27	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
54	11

23 2001:8d8:100f:f000::29d (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

ionos-mein.webmail.de.flick-fix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.165.66.58 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ce1.uicdn.net

ce1.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 217.160.86.61 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: frontend-services.ionos.com

frontend-services.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.41 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ahab.ionos.com

ahab.ionos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.160.86.148 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ias.ionos.de

ias.ionos.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.7.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-16.fra56.r.cloudfront.net

4tdc8ll7wtnf.statuspage.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.160.86.59 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: var.uicdn.net

var.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.20.250.190 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: t-bs.ionos.de

t.ionos.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.20.250.183 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: t-bs.uimserv.net

t.uimserv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.160.86.27 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ias.uicdn.net

ias.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	flick-fix.de ionos-mein.webmail.de.flick-fix.de	2 MB
11	ionos.com frontend-services.ionos.com — Cisco Umbrella Rank: 130691 ahab.ionos.com — Cisco Umbrella Rank: 265268	203 KB
9	uicdn.net ce1.uicdn.net — Cisco Umbrella Rank: 245107 var.uicdn.net — Cisco Umbrella Rank: 214245 ias.uicdn.net — Cisco Umbrella Rank: 534022	347 KB
6	statuspage.io 4tdc8ll7wtnf.statuspage.io — Cisco Umbrella Rank: 434222	4 KB
3	ionos.de ias.ionos.de — Cisco Umbrella Rank: 584867 mail.ionos.de Failed t.ionos.de — Cisco Umbrella Rank: 699964	4 KB
1	uimserv.net t.uimserv.net — Cisco Umbrella Rank: 37306	711 B
54	6

	Domain	Requested by
23	ionos-mein.webmail.de.flick-fix.de	ionos-mein.webmail.de.flick-fix.de frontend-services.ionos.com
10	frontend-services.ionos.com	ionos-mein.webmail.de.flick-fix.de frontend-services.ionos.com
6	4tdc8ll7wtnf.statuspage.io	ionos-mein.webmail.de.flick-fix.de frontend-services.ionos.com
6	ce1.uicdn.net	ionos-mein.webmail.de.flick-fix.de frontend-services.ionos.com
2	var.uicdn.net	ionos-mein.webmail.de.flick-fix.de
2	ias.ionos.de	ionos-mein.webmail.de.flick-fix.de frontend-services.ionos.com
1	ias.uicdn.net
1	t.uimserv.net	ionos-mein.webmail.de.flick-fix.de
1	t.ionos.de	ionos-mein.webmail.de.flick-fix.de
1	ahab.ionos.com	ionos-mein.webmail.de.flick-fix.de
0	mail.ionos.de Failed
54	11

This site contains links to these domains. Also see Links.

Domain
www.ionos.de
ias.ionos.de
mein.ionos.de
hidrive.ionos.com
archiv.ionos.de
www.ionos-status.de

Subject Issuer	Validity	Valid
*.webmail.de.flick-fix.de Encryption Everywhere DV TLS CA - G2	`2024-01-05` - `2025-01-17`	a year	crt.sh
ce1.uicdn.net GeoTrust RSA CA 2018	`2024-03-20` - `2025-03-09`	a year	crt.sh
frontend-services.ionos.com GeoTrust TLS RSA CA G1	`2024-05-21` - `2025-06-05`	a year	crt.sh
ahab.ionos.com GeoTrust RSA CA 2018	`2023-12-22` - `2024-12-21`	a year	crt.sh
ias.ionos.de GeoTrust TLS RSA CA G1	`2024-04-05` - `2024-08-22`	5 months	crt.sh
*.statuspage.io Amazon RSA 2048 M03	`2023-10-18` - `2024-11-16`	a year	crt.sh
var.uicdn.net GeoTrust TLS RSA CA G1	`2023-07-21` - `2024-08-07`	a year	crt.sh
*.ionos.de GeoTrust TLS RSA CA G1	`2023-08-18` - `2024-09-17`	a year	crt.sh
*.uimserv.net GeoTrust TLS RSA CA G1	`2023-10-10` - `2024-11-09`	a year	crt.sh
ias.uicdn.net GeoTrust TLS RSA CA G1	`2024-05-29` - `2025-06-26`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm
Frame ID: BCE7FC9C29E09C5D3508D1628F7A442A
Requests: 56 HTTP requests in this frame

Frame: https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login_files/robots.html
Frame ID: B0AEA896231C3AAB6E1257A3DA9E6891
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login | IONOS by 1&1

Page URL History Show full URLs

http://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm HTTP 307
https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm Page URL

Page Statistics

54
Requests

98 %
HTTPS

10 %
IPv6

6
Domains

11
Subdomains

11
IPs

2
Countries

2126 kB
Transfer

2855 kB
Size

3
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ionos.de/
Title: Webmail

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2327&utm_term=2327&utm_campaign=forgotpw&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Passwort vergessen?

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=4083&utm_term=4083&utm_campaign=staysignedin&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Eingeloggt bleiben

Search URL Search Domain Scan URL

URL: https://ias.ionos.de/ias/follow/CLICK?ias_source=WEBMAILER-DE&ias_medium=login-webmailer_login&ias_content=WEBMAIL_LOGIN_TEASER_MAIL-DEFAULT&ias_campaign=MAIL_ARCHIVING&tzO=%2B2&iasSessionId=1363c0fb-2608-4c96-80ec-60601f036956&target=https%3A%2F%2Fwww.ionos.de%2Foffice-loesungen%2Feigene-email-adresse%3Fac%3DOM.PU.PU263K416852T7073a%26utm_source%3Dwebmail%26utm_medium%3Dlogin%26utm_campaign%3Dwebmail-nk%26utm_content%3Dmailbasic
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2442&utm_term=2442&utm_campaign=mobile-ios&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2444&utm_term=2444&utm_campaign=mobile-android&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Android

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2436&utm_term=2436&utm_campaign=desktop-thunderbird&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Thunderbird

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2462&utm_term=2462&utm_campaign=desktop-outlook&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2445&utm_term=2445&utm_campaign=desktop-applemail&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Apple Mail

Search URL Search Domain Scan URL

URL: https://www.ionos.de/hilfe/index.php?id=2490&utm_term=2490&utm_campaign=other-assistants&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: E-Mail-Programme (POP/IMAP)

Search URL Search Domain Scan URL

URL: https://mein.ionos.de/
Title: Mein IONOS

Search URL Search Domain Scan URL

URL: https://hidrive.ionos.com/
Title: HiDrive

Search URL Search Domain Scan URL

URL: https://archiv.ionos.de/
Title: E-Mail-Archiv

Search URL Search Domain Scan URL

URL: https://www.ionos-status.de/?utm_medium=footer&utm_content=minor&utm_source=WEBMAIL_LOGIN&utm_campaign=login&utm_term=no_search
Title: Eingeschränkte Leistung

Search URL Search Domain Scan URL

URL: https://www.ionos-status.de/?utm_medium=footer&utm_content=minor&utm_source=unknown&utm_campaign=unknown&utm_term=no_search
Title: Eingeschränkte Leistung

Search URL Search Domain Scan URL

URL: https://www.ionos.de/impressum
Title: IONOS SE • 2024

Search URL Search Domain Scan URL

URL: https://www.ionos.de/terms-gtc/terms-privacy/
Title: Datenschutzhinweise

Search URL Search Domain Scan URL

URL: https://www.ionos.de/cookies
Title: Richtlinie zur Verwendung von Cookies

Search URL Search Domain Scan URL

URL: https://www.ionos.de/terms-gtc/terms-privacy
Title: Datenschutzhinweisen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm HTTP 307
https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Webmail_Login.htm Show response
ionos-mein.webmail.de.flick-fix.de/soce/
Redirect Chain

http://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm
https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm

24 KB
7 KB

374ms
29ms

Document
text/html

2001:8d8:100f:f000::29d
IONOS-AS This is ...

General

Domain/Path	Expires	Name / Value
.flick-fix.de/	1970-01-21 06:30:16	Name: banner-cookieinfo Value: 1.7.40
.uimserv.net/	1970-01-21 06:30:16	Name: NGUserID Value: TGP-OPT-OUT
.ionos.de/	1970-01-21 06:30:16	Name: ionosid Value: TGP-OPT-OUT

Source	Level	URL Text
recommendation	verbose	URL: https://ionos-mein.webmail.de.flick-fix.de/soce/Webmail_Login.htm Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://ionos-mein.webmail.de.flick-fix.de/soce/maintenance/status.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ionos-mein.webmail.de.flick-fix.de/soce/false Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ionos-mein.webmail.de.flick-fix.de/soce/false Message: Failed to load resource: the server responded with a status of 404 ()

ionos-mein.webmail.de.flick-fix.de Open in urlscan Pro 2001:8d8:100f:f000::29d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

54 Requests

98 %HTTPS

10 %IPv6

6 Domains

11 Subdomains

11 IPs

2 Countries

2126 kBTransfer

2855 kBSize

3 Cookies

19 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ionos-mein.webmail.de.flick-fix.de Open in urlscan Pro
2001:8d8:100f:f000::29d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

10 %
IPv6

6
Domains

11
Subdomains

11
IPs

2
Countries

2126 kB
Transfer

2855 kB
Size

3
Cookies

54 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!