urlscan.io logo urlscan.io
SecurityTrails logo

accout-update.selercentral.dr-krahmer.de Open in urlscan Pro
2001:8d8:100f:f000::25f  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://accout-update.selercentral.dr-krahmer.de/index2.html
Submission: On May 01 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2001:8d8:100f:f000::25f, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is accout-update.selercentral.dr-krahmer.de.
This is the only time accout-update.selercentral.dr-krahmer.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online)

Domain & IP information

IP Address AS Autonomous System
5 2001:8d8:100f... 8560 (IONOS-AS ...)
3 2600:9000:223... 16509 (AMAZON-02)
8 2
Apex Domain
Subdomains		 Transfer
5 dr-krahmer.de
accout-update.selercentral.dr-krahmer.de
221 KB
3 media-amazon.com
m.media-amazon.com — Cisco Umbrella Rank: 419
61 KB
8 2
Domain Requested by
5 accout-update.selercentral.dr-krahmer.de accout-update.selercentral.dr-krahmer.de
3 m.media-amazon.com accout-update.selercentral.dr-krahmer.de
8 2

This site contains links to these domains. Also see Links.

Domain
www.amazon.de
Subject Issuer Validity Valid
images-na.ssl-images-amazon.com
DigiCert Global CA G2		 2022-10-26 -
2023-10-14		 a year crt.sh

This page contains 1 frames:

Primary Page: http://accout-update.selercentral.dr-krahmer.de/index2.html
Frame ID: C39BD57158AE1552365B98434D736AE7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon Anmelden

Page Statistics

8
Requests

38 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

282 kB
Transfer

324 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index2.html
accout-update.selercentral.dr-krahmer.de/ 		84 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://accout-update.selercentral.dr-krahmer.de/index2.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::25f , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
1272890ece3711ed4172c370fe0befd8f32dd852d39645b114faf8c209af4fcd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 01 May 2023 07:27:54 GMT
ETag
W/"150cc-5da76e21b7680"
Keep-Alive
timeout=15
Last-Modified
Fri, 18 Mar 2022 04:50:18 GMT
Server
Apache
Transfer-Encoding
chunked
31YXrY93hfL.js.download
accout-update.selercentral.dr-krahmer.de/index_files/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://accout-update.selercentral.dr-krahmer.de/index_files/31YXrY93hfL.js.download
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index2.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::25f , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
0debafeb8c39f3d5cdd9443cd018edee19d76125de4dc4765454f3008cb81a01

Request headers

Referer
http://accout-update.selercentral.dr-krahmer.de/index2.html
Origin
http://accout-update.selercentral.dr-krahmer.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 07:27:54 GMT
Last-Modified
Fri, 18 Mar 2022 10:13:40 GMT
Server
Apache
ETag
"25c5-5da7b668e7d00"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
9669
61A6IErPNXL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
accout-update.selercentral.dr-krahmer.de/index_files/ 		133 KB
133 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://accout-update.selercentral.dr-krahmer.de/index_files/61A6IErPNXL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index2.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::25f , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
65e3ba66df0c9c45a17ac62283069d21d5e4a473d649a1d574a562a44f9a09c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://accout-update.selercentral.dr-krahmer.de/index2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 07:27:54 GMT
Last-Modified
Fri, 18 Mar 2022 10:13:40 GMT
Server
Apache
ETag
"213b1-5da7b668e7d00"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
136113
01SdjaY0ZsL._RC_31jdWD+JB+L.css,41O23DtqM3L.css_.css
accout-update.selercentral.dr-krahmer.de/index_files/ 		36 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://accout-update.selercentral.dr-krahmer.de/index_files/01SdjaY0ZsL._RC_31jdWD+JB+L.css,41O23DtqM3L.css_.css
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index2.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::25f , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
ba49da01868602a45c431e69b0fdbc1a9dde1c9437c009463ae0262f882cf50f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://accout-update.selercentral.dr-krahmer.de/index2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 07:27:54 GMT
Last-Modified
Fri, 18 Mar 2022 10:13:40 GMT
Server
Apache
ETag
"8e54-5da7b668e7d00"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
36436
113GJdhRnnL.css
accout-update.selercentral.dr-krahmer.de/index_files/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://accout-update.selercentral.dr-krahmer.de/index_files/113GJdhRnnL.css
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index2.html
Protocol
HTTP/1.1
Server
2001:8d8:100f:f000::25f , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
686bad9ed0ebf2f7cdbf20a0dbcfeb109f45b626bb09d7fe4937c9b23a07113c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://accout-update.selercentral.dr-krahmer.de/index2.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 07:27:54 GMT
Last-Modified
Fri, 18 Mar 2022 10:13:40 GMT
Server
Apache
ETag
"9c5-5da7b668e7d00"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2501
mPGmT0r6IeTyIee.png
m.media-amazon.com/images/S/sash/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.media-amazon.com/images/S/sash/mPGmT0r6IeTyIee.png
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index_files/61A6IErPNXL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
437e95a363a4291060e34ba170e043274e0155821e9be374f35de3c4f13cbaa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://accout-update.selercentral.dr-krahmer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 30 May 2022 13:22:19 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
29009135
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
27972
last-modified
Tue, 17 Nov 2020 23:31:33 GMT
server
Server
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
57452487-45b7-492c-bf50-4e71f1e0b101
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
bXlHtT_1fRIG4KSYmfOWthNBWNkpr1lHuef4H0_KirR60iuMZs3r_Q==
expires
Tue, 20 May 2042 05:48:02 GMT
pDxWAF1pBB0dzGB.woff2
m.media-amazon.com/images/S/sash/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/S/sash/pDxWAF1pBB0dzGB.woff2
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index_files/61A6IErPNXL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
013d1dc68fadda651c773b6deb153e3e8b4dd612fb2af70db48c87af7808d1e7

Request headers

Referer
http://accout-update.selercentral.dr-krahmer.de/
Origin
http://accout-update.selercentral.dr-krahmer.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 13 May 2022 06:44:05 GMT
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
30501829
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
16616
last-modified
Fri, 30 Oct 2020 21:19:16 GMT
server
Server
content-type
application/font-woff2; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
8e485442-d1a1-4541-b60e-f1358e06d0c8
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
h6T1-RhreM5KDDLCMshwV3KkMy-xCZANlkL1LkNanvrXqSrR9CaiCQ==
expires
Sat, 18 May 2041 15:12:46 GMT
KFPk-9IF4FqAqY-.woff2
m.media-amazon.com/images/S/sash/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://m.media-amazon.com/images/S/sash/KFPk-9IF4FqAqY-.woff2
Requested by
Host: accout-update.selercentral.dr-krahmer.de
URL: http://accout-update.selercentral.dr-krahmer.de/index_files/61A6IErPNXL._RC_11Fd9tJOdtL.css,11tfezETfFL.css,31Q3id-QR0L.css,31U9HrBLKmL.css_.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:600:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
0eef431cee18b1dc43636dd2a7703b7c0ce9f6bdbad9f280b7313d0ded232327

Request headers

Referer
http://accout-update.selercentral.dr-krahmer.de/
Origin
http://accout-update.selercentral.dr-krahmer.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 13:45:02 GMT
via
1.1 63f629236e2f93bf1af732a50e42e586.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
20626972
x-cache
Hit from cloudfront
x-nginx-cache-status
HIT
server-timing
provider;desc="cf"
content-length
16460
last-modified
Fri, 30 Oct 2020 21:19:26 GMT
server
Server
content-type
application/font-woff2; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=630720000,public
x-amz-ir-id
104fd2d6-0e1a-4fd2-bf34-5851e1b3953b
accept-ranges
bytes
timing-allow-origin
https://www.amazon.in, https://www.amazon.com
x-amz-cf-id
y03MkzZRmLFOj7L7xMRASblykAKt1eZ1BHCKRfp_wJawnjBVdeb2zw==
expires
Sat, 15 Mar 2042 23:40:19 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless number| aPageStart function| cf object| metadataList undefined| input undefined| authenticationFormList number| index object| fwcimCmd undefined| ue_mbl undefined| ue_pty undefined| ue_spty undefined| ue_adb undefined| ue_adb_rtla undefined| ue_wtc_c undefined| ue_aa_a number| ue_ibe

0 Cookies