n26-app.com Open in urlscan Pro
47.242.75.95 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://n26-app.com/
Effective URL:
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/
Submission: On April 13 via manual (April 13th 2021, 4:15:44 pm UTC) from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 23 HTTP transactions. The main IP is 47.242.75.95, located in United States and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN. The main domain is n26-app.com.
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.

This is the only time n26-app.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: N26 (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5 22	47.242.75.95 47.242.75.95	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
23	3

22 47.242.75.95 (United States) 5 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

n26-app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

svgshare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	n26-app.com 5 redirects n26-app.com	385 KB
1	svgshare.com svgshare.com	970 B
23	2

	Domain	Requested by
22	n26-app.com	5 redirects n26-app.com
1	svgshare.com
23	2

This site contains no links.

Subject Issuer	Validity	Valid
n26-app.com R3	`2021-04-13` - `2021-07-12`	3 months	crt.sh
svgshare.com GTS CA 1D2	`2021-03-16` - `2021-06-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/
Frame ID: ABDA05981A1CB77F3E123F324359A615
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://n26-app.com/ HTTP 301
https://n26-app.com/ HTTP 302
https://n26-app.com/start/ Page URL
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c HTTP 301
http://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/ HTTP 301
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/ HTTP 302
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /angular.*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

78 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

385 kB
Transfer

735 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://n26-app.com/ HTTP 301
https://n26-app.com/ HTTP 302
https://n26-app.com/start/ Page URL
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c HTTP 301
http://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/ HTTP 301
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/ HTTP 302
https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://n26-app.com/ HTTP 301
https://n26-app.com/ HTTP 302
https://n26-app.com/start/

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response n26-app.com/start/ Redirect Chain http://n26-app.com/ https://n26-app.com/ https://n26-app.com/start/	637 B 650 B	984ms 984ms	Document text/html	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `f153ed066f71fb5df689a04615d43b7cb83f6746f32db7a9b26d7a38d18af139` Request headers :method GET :authority n26-app.com :scheme https :path /start/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx/1.16.1 date Tue, 13 Apr 2021 16:15:28 GMT content-type text/html; charset=UTF-8 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=b56tcml7mfgpggnglspep67sm3; path=/ vary Accept-Encoding content-encoding gzip Redirect headers server nginx/1.16.1 date Tue, 13 Apr 2021 16:15:27 GMT content-type text/html; charset=UTF-8 content-length 0 location start/
GET H2	200	Primary Request / Show response n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/ Redirect Chain https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c? http://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/? https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/? https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/?	61 KB 13 KB	659ms 659ms	Document text/html	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Requested by Host: n26-app.com URL: https://n26-app.com/start/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `82fd27bdbbbed4a3e86e43842a2e132651e8f16dc48969ef3a86c0107028c95f` Request headers :method GET :authority n26-app.com :scheme https :path /start/a1b2c3/41bf04381c52af446833548dd240451c/login/? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie bid=41bf04381c52af446833548dd240451c Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://n26-app.com/start/ Response headers server nginx/1.16.1 date Tue, 13 Apr 2021 16:15:32 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding content-encoding gzip Redirect headers server nginx/1.16.1 date Tue, 13 Apr 2021 16:15:32 GMT content-type text/html; charset=UTF-8 content-length 0 set-cookie bid=41bf04381c52af446833548dd240451c location login/?
GET H2	200	GT-America-Standard-Regular.latin.woff2 n26-app.com/start/login/	13 KB 13 KB	553ms 551ms	Font application/octet-stream	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/GT-America-Standard-Regular.latin.woff2 Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `57b016225d321a77e0a129515f4436a9bcd53cd6ba8dcd32a96b95ec55d7a785` Request headers Origin https://n26-app.com Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "3550-5bfda9542240d" content-length 13648
GET H2	200	GT-America-Extended-Medium.latin.woff2 n26-app.com/start/login/	21 KB 21 KB	876ms 874ms	Font application/octet-stream	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/GT-America-Extended-Medium.latin.woff2 Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `fdc5236b3efa02f88b747ff3d49c0a38a738f77d9d26bfa3046d2b284a0f305d` Request headers Origin https://n26-app.com Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "52d8-5bfda9542240d" content-length 21208
GET H2	200	jquery.min.js Show response n26-app.com/start/bower_components/jquery/dist/	85 KB 85 KB	973ms 969ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/bower_components/jquery/dist/jquery.min.js Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-15283" content-length 86659 content-type application/javascript
GET H2	200	ua-parser.min.js Show response n26-app.com/start/bower_components/ua-parser-js/dist/	17 KB 17 KB	1206ms 1201ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/bower_components/ua-parser-js/dist/ua-parser.min.js Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-4298" content-length 17048 content-type application/javascript
GET H2	200	font-awesome.min.css n26-app.com/start/bower_components/font-awesome/css/	30 KB 30 KB	879ms 876ms	Stylesheet text/css	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/bower_components/font-awesome/css/font-awesome.min.css Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-7918" content-length 31000 content-type text/css
GET H2	200	core_form.js Show response n26-app.com/start/core/form/	15 KB 15 KB	1205ms 1202ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/core/form/core_form.js Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `eb44d28bd60216f86b197f7df3aa1ad0d127af99c0a2d4ce4ea8a0e8446431be` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-3a48" content-length 14920 content-type application/javascript
GET H2	200	core_token.js Show response n26-app.com/start/core/token/	11 KB 11 KB	1205ms 1202ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/core/token/core_token.js Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `ea09c038022df9b0d60d9ac74d07c945c349729485ba5368eb52bbdb726d4302` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-2b27" content-length 11047 content-type application/javascript
GET H2	200	angular.min.js Show response n26-app.com/start/bower_components/angular/	165 KB 165 KB	1205ms 1202ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/bower_components/angular/angular.min.js Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-2937c" content-length 168828 content-type application/javascript
GET H2	200	core_form.css n26-app.com/start/core/form/	2 KB 2 KB	884ms 881ms	Stylesheet text/css	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/core/form/core_form.css Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-639" content-length 1593 content-type text/css
GET H2	200	css.css n26-app.com/start/login/form/	1 KB 1 KB	1204ms 1201ms	Stylesheet text/css	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/form/css.css Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `5603604614d8da1fa8dfdba98aefe476f86ec4c6c40cc48b0d97dd869469f731` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-472" content-length 1138 content-type text/css
GET H2	200	index.css n26-app.com/start/login/	647 B 771 B	1204ms 1201ms	Stylesheet text/css	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/index.css Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `fb96663db509de7e9a9fb5536e013e5f1989d62026944a8abc606f29ff1ea5dc` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-287" content-length 647 content-type text/css
GET H2	200	form.js Show response n26-app.com/start/login/form/	3 KB 3 KB	1205ms 1202ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/form/form.js?v=6075c3a4a7590 Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `10dcc323f5c27758ed73a1556330c2316f39807035b48d89172cf1e11f0ee44f` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-c78" content-length 3192 content-type application/javascript
GET H2	200	ng.js Show response n26-app.com/start/login/ng/	5 KB 5 KB	1205ms 1203ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/ng/ng.js?v=6075c3a4a75ca Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `63bdae9675391225be069a7fd1a80f7462d9068b32789e1583854bcf45d8f1a9` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-1346" content-length 4934 content-type application/javascript
GET H2	200	token.js Show response n26-app.com/start/login/token/	1 KB 1 KB	1204ms 1203ms	Script application/javascript	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Full URL https://n26-app.com/start/login/token/token.js?v=6075c3a4a7602 Requested by Host: n26-app.com URL: https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash `829e498c680f69362f0961a462c7aa9b7a8a40ae1177a6846ce85da95926f246` Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:33 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-54a" content-length 1354 content-type application/javascript
GET H2	200	newloader.gif n26-app.com/start/	304 KB 0	875ms 874ms	Image image/gif	47.242.75.95 CNNIC-ALIBABA-US-...
General Check archive.org Show headers Download Go to Show image Full URL https://n26-app.com/start/newloader.gif Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 47.242.75.95 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN), Reverse DNS Software nginx/1.16.1 / Resource Hash Request headers Referer https://n26-app.com/start/a1b2c3/41bf04381c52af446833548dd240451c/login/? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 16:15:36 GMT last-modified Tue, 13 Apr 2021 13:26:51 GMT server nginx/1.16.1 accept-ranges bytes etag "60759c1b-88042" content-length 557122 content-type image/gif
GET H2	200	VzR.svg svgshare.com/i/	1 KB 970 B	143ms 16ms	Image image/svg+xml	2001:4860:4802:36::15 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://svgshare.com/i/VzR.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash `f9b59f9b87a98c3620f0feaa89c743703c843eaa4dd5f039bd5d53725a4b61c9` Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 15:44:30 GMT content-encoding gzip server Google Frontend age 1866 etag sha1-pYaU3v/7crLxRxcCqCIri6PjdpI= sha256-+bWfm4epjDYg8P6qicdDcDyEPqpN1fA5vV1TclpLYck= content-type image/svg+xml x-cloud-trace-context df7df4e5e6dddd0cc7ea9f77ebe65bba cache-control public, max-age=315360000 link <https://webmention.herokuapp.com/api/webmention>; rel="webmention" content-length 699
GET		home.php n26-app.com/start/	0 0

GET		home.php n26-app.com/start/	0 0

GET		GT-America-Standard-Bold.latin.woff2 n26-app.com/start/login/	0 0

GET		GT-America-Standard-Medium.latin.woff2 n26-app.com/start/login/	0 0

GET		fontawesome-webfont.woff2 n26-app.com/start/bower_components/font-awesome/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: n26-app.com
URL: https://n26-app.com/start/home.php?pl=token&link=n26&bid=41bf04381c52af446833548dd240451c&callback=jQuery32102782015595197629_1618330535922&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1618330535923

Domain: n26-app.com
URL: https://n26-app.com/start/home.php?pl=token&link=n26&bid=41bf04381c52af446833548dd240451c&callback=jQuery32102782015595197629_1618330535924&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1618330535925

Domain: n26-app.com
URL: https://n26-app.com/start/login/GT-America-Standard-Bold.latin.woff2

Domain: n26-app.com
URL: https://n26-app.com/start/login/GT-America-Standard-Medium.latin.woff2

Domain: n26-app.com
URL: https://n26-app.com/start/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: N26 (Banking)

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			n26-app.com/	1969-12-31 23:59:59	Name: lng Value: en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

n26-app.com
svgshare.com
n26-app.com
2001:4860:4802:36::15
47.242.75.95
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896
10dcc323f5c27758ed73a1556330c2316f39807035b48d89172cf1e11f0ee44f
35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27
5603604614d8da1fa8dfdba98aefe476f86ec4c6c40cc48b0d97dd869469f731
57b016225d321a77e0a129515f4436a9bcd53cd6ba8dcd32a96b95ec55d7a785
63bdae9675391225be069a7fd1a80f7462d9068b32789e1583854bcf45d8f1a9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
829e498c680f69362f0961a462c7aa9b7a8a40ae1177a6846ce85da95926f246
82fd27bdbbbed4a3e86e43842a2e132651e8f16dc48969ef3a86c0107028c95f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
ea09c038022df9b0d60d9ac74d07c945c349729485ba5368eb52bbdb726d4302
eb44d28bd60216f86b197f7df3aa1ad0d127af99c0a2d4ce4ea8a0e8446431be
f153ed066f71fb5df689a04615d43b7cb83f6746f32db7a9b26d7a38d18af139
f4d43829a46aca95eff47f13325a06f22c5c8c981cbe102d471508241446c581
f9b59f9b87a98c3620f0feaa89c743703c843eaa4dd5f039bd5d53725a4b61c9
fb96663db509de7e9a9fb5536e013e5f1989d62026944a8abc606f29ff1ea5dc
fdc5236b3efa02f88b747ff3d49c0a38a738f77d9d26bfa3046d2b284a0f305d

n26-app.com Open in urlscan Pro 47.242.75.95 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

78 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

385 kBTransfer

735 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

53 JavaScript Global Variables

1 Cookies

Indicators

n26-app.com Open in urlscan Pro
47.242.75.95 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

78 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

385 kB
Transfer

735 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!