app-n26-login.com
146.0.74.231
Malicious Activity!
Public Scan
Summary
This is the only time app-n26-login.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: N26 (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
5 | 146.0.74.231 | 57043 (HOSTKEY-AS) |
10 | 128.65.211.162 | 34309 (LINK11 Link11 GmbH) |
1 | 209.197.3.24 | 20446 (HIGHWINDS3) |
1 | 195.181.175.55 | 60068 (CDN77) |
1 | 18.195.109.13 | 16509 (AMAZON-02) |
7 | 195.181.175.49 | 60068 (CDN77) |
25 | 6 | |
ASN | PTR | Domain |
---|---|---|
ASN20446 (HIGHWINDS3, US) | vip0x018.map2.ssl.hwcdn.net | code.jquery.com |
ASN60068 (CDN77, GB) | frankfurt-53.cdn77.com | www.smartsuppchat.com |
ASN16509 (AMAZON-02, US) | ec2-18-195-109-13.eu-central-1.compute.amazonaws.com | bootstrap.smartsuppchat.com |
ASN60068 (CDN77, GB) | frankfurt-47.cdn77.com | widget-v2.smartsuppcdn.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | n26.com | app.n26.com | 96 KB |
7 | smartsuppcdn.com | widget-v2.smartsuppcdn.com | 241 KB |
5 | app-n26-login.com | app-n26-login.com | 75 KB |
2 | smartsuppchat.com | www.smartsuppchat.com, bootstrap.smartsuppchat.com | 8 KB |
1 | jquery.com | code.jquery.com | 33 KB |
25 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
10 | app.n26.com | app-n26-login.com |
7 | widget-v2.smartsuppcdn.com | www.smartsuppchat.com, widget-v2.smartsuppcdn.com, app-n26-login.com |
5 | app-n26-login.com | app-n26-login.com |
1 | bootstrap.smartsuppchat.com | www.smartsuppchat.com |
1 | www.smartsuppchat.com | app-n26-login.com |
1 | code.jquery.com | app-n26-login.com |
25 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
app.n26.com |
get.n26.com |
docs.n26.com |
n26.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
n26.com | DigiCert ECC Extended Validation Server CA | 2019-08-08 - 2021-08-08 | 2 years |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
*.smartsuppchat.com | RapidSSL RSA CA 2018 | 2019-12-11 - 2021-01-01 | a year |
*.smartsuppcdn.com | RapidSSL RSA CA 2018 | 2018-11-20 - 2020-11-19 | 2 years |
This page contains 2 frames:
Primary Page:
http://app-n26-login.com/
Frame ID: 00C155C268027843AD943DFF972891A6
Requests: 19 HTTP requests in this frame
Frame:
https://widget-v2.smartsuppcdn.com/static/js/runtime-main.313bbec1.js
Frame ID: 1A51DC6D57E81E4548F85BF7BA54135E
Requests: 6 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: Dimenticato?
Title: Crea un conto
Title: Informativa sulla Privacy(nuova tabella)
Title: Imprint(nuova tabella)
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | app-n26-login.com/ | 61 KB | 12 KB | Document | text/html |
GET | H/1.1 | GT-America-Standard-Regular.latin.woff2 | app-n26-login.com/build/fonts/ | 13 KB | 14 KB | Font | font/woff2 |
GET | H/1.1 | GT-America-Extended-Medium.latin.woff2 | app-n26-login.com/build/fonts/ | 21 KB | 21 KB | Font | font/woff2 |
GET | H/1.1 | vendors~PreAppAuth~components-AccountClosurePage~components-AccountPurposePage~components-ActionsPag~013bf9d1.917bba65.js | app.n26.com/build/js/ | 58 KB | 14 KB | Script | application/javascript |
GET | H/1.1 | vendors~PreAppAuth~components-AccountClosurePage~components-ActivateCardForm~components-CardSettings~b45aa435.3d08156f.js | app.n26.com/build/js/ | 25 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | PreAppAuth~components-ActivateCardForm~components-ExternalAccountsAddFundsFlow~components-Membership~5cd4ed07.8ece9fdd.js | app.n26.com/build/js/ | 19 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | PreAppAuth~components-FeeStatementFormerUser~components-GDPRFormerUser~components-GDPRUser~component~f2f0d95c.daa5a68a.js | app.n26.com/build/js/ | 15 KB | 5 KB | Script | application/javascript |
GET | H/1.1 | PreAppAuth.5be7d079.js | app.n26.com/build/js/ | 87 KB | 15 KB | Script | application/javascript |
GET | H/1.1 | components-AccountRouter~components-Explore~components-FeedTransactionDetailsPage~components-Members~0e1308ed.eead4a1f.js | app.n26.com/build/js/ | 0 | 5 KB | Other | application/javascript |
GET | H/1.1 | components-AccountRouter.eba122bb.js | app.n26.com/build/js/ | 0 | 19 KB | Other | application/javascript |
GET | H/1.1 | vendors~components-SpacesRouter.01ae67c9.js | app.n26.com/build/js/ | 0 | 4 KB | Other | application/javascript |
GET | H/1.1 | components-SpacesRouter.69641e1e.js | app.n26.com/build/js/ | 0 | 20 KB | Other | application/javascript |
GET | H/1.1 | components-PremiumRouter.40d77e8e.js | app.n26.com/build/js/ | 0 | 1 KB | Other | application/javascript |
GET | H2 | jquery-latest.min.js | code.jquery.com/ | 94 KB | 33 KB | Script | application/javascript |
GET | H/1.1 | GT-America-Standard-Bold.latin.woff2 | app-n26-login.com/build/fonts/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H/1.1 | GT-America-Standard-Medium.latin.woff2 | app-n26-login.com/build/fonts/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | loader.js | www.smartsuppchat.com/ | 21 KB | 7 KB | Script | application/javascript |
GET | H2 | eb0b583d58072cb1c6add8c74696ae2d8a07a33d.json | bootstrap.smartsuppchat.com/widget/ | 719 B | 962 B | XHR | application/json |
GET | H2 | asset-manifest.json | widget-v2.smartsuppcdn.com/ | 2 KB | 674 B | XHR | application/json |
GET | H2 | runtime-main.313bbec1.js | widget-v2.smartsuppcdn.com/static/js/ (Frame 1A51) | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | 3.433e2797.chunk.js | widget-v2.smartsuppcdn.com/static/js/ (Frame 1A51) | 757 KB | 200 KB | Script | application/javascript |
GET | H2 | main.985edef1.chunk.js | widget-v2.smartsuppcdn.com/static/js/ (Frame 1A51) | 102 KB | 25 KB | Script | application/javascript |
GET | H2 | en.json | widget-v2.smartsuppcdn.com/translates/ (Frame 1A51) | 4 KB | 2 KB | Fetch | application/json |
GET | H2 | it.json | widget-v2.smartsuppcdn.com/translates/ (Frame 1A51) | 4 KB | 2 KB | Fetch | application/json |
GET | H2 | blackberry2.mp3 | widget-v2.smartsuppcdn.com/assets/sounds/ (Frame 1A51) | 9 KB | 9 KB | Media | audio/mpeg |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: N26 (Banking)

10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | trustedTypes |
object | dataLayer |
function | $ |
function | jQuery |
object | _smartsupp |
function | smartsupp |
function | setImmediate |
function | clearImmediate |
boolean | SMARTSUPP_LOADED |
object | $smartsupp |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.