www.targetgiftscard.com Open in urlscan Pro
148.66.138.123 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.targetgiftscard.com/
Submission: On November 17 via manual (November 17th 2020, 8:21:26 pm UTC) from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 148.66.138.123, located in Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.targetgiftscard.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 8th 2020. Valid for: 3 months.

This is the only time www.targetgiftscard.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Target (Retail)

Domain & IP information

	IP Address	AS Autonomous System
8	148.66.138.123 148.66.138.123	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
16	5

8 148.66.138.123 (Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

www.targetgiftscard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	targetgiftscard.com www.targetgiftscard.com	90 KB
4	gstatic.com fonts.gstatic.com	42 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	72 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	googleapis.com fonts.googleapis.com	533 B
16	5

	Domain	Requested by
8	www.targetgiftscard.com	www.targetgiftscard.com
4	fonts.gstatic.com	fonts.googleapis.com
2	maxcdn.bootstrapcdn.com	www.targetgiftscard.com maxcdn.bootstrapcdn.com
1	cdnjs.cloudflare.com	www.targetgiftscard.com
1	fonts.googleapis.com	www.targetgiftscard.com
16	5

This site contains no links.

Subject Issuer	Validity	Valid
targetgiftscard.com Let's Encrypt Authority X3	`2020-10-08` - `2021-01-06`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.targetgiftscard.com/
Frame ID: 0BF72A631E4C6346E88A3B36E90B2497
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

16
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

212 kB
Transfer

502 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.targetgiftscard.com/ 14 KB
4 KB 660ms
215ms Document
text/html 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache / PHP/7.3.23
Resource Hash: 4a8980ff04b97c4f79afb0bb43a945bdf7abb51121ed76502ec76c1ac05bb7cc

Request headers

:method: GET
:authority: www.targetgiftscard.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 20:21:09 GMT
server: Apache
x-powered-by: PHP/7.3.23
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4183
content-type: text/html; charset=UTF-8

GET
H2 200 bootstrap.css
www.targetgiftscard.com/css/ 143 KB
21 KB 394ms
391ms Stylesheet
text/css 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.targetgiftscard.com/css/bootstrap.css
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: ad850187e2746ffcc60b36c6d36c0986277e9dc1f277406ca146298cb2d2a309

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 18:11:56 GMT
server: Apache
etag: "4880096-23aa2-5b118a69d1361-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 21337

GET
H2 200 styl.css
www.targetgiftscard.com/css/ 9 KB
2 KB 208ms
204ms Stylesheet
text/css 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.targetgiftscard.com/css/styl.css
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: c0a3bcbae36d824ab189be5c0e05e2a85c6147afcbcd9ca99c94be3017059667

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 10:54:39 GMT
server: Apache
etag: "4880124-23ac-5b126a8a621db-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2392

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
6 KB 27ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
status: 200
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 6241

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
533 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Requested by

Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6bd95fe2225457f9bdb286d1c60003164b3eb3eb36b4d5964738d36ac6e4133b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Nov 2020 20:21:10 GMT
server: ESF
date: Tue, 17 Nov 2020 20:21:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Nov 2020 20:21:10 GMT

GET
H2 200 logo.png
www.targetgiftscard.com/images/ 2 KB
2 KB 206ms
203ms Image
image/png 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.targetgiftscard.com/images/logo.png
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 4232441bfe5eb3b458a0fe594f9cb16ae287b388ae749d02bdc0bec579fe421d

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
last-modified: Wed, 07 Oct 2020 18:11:56 GMT
server: Apache
etag: "488012b-8aa-5b118a69d1f19"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 2218

GET
H2 200 gift_card_balance_help.jpg
www.targetgiftscard.com/images/ 9 KB
9 KB 205ms
203ms Image
image/jpeg 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.targetgiftscard.com/images/gift_card_balance_help.jpg
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: b88115cf487012b98bdd9f119051df0eab76283d69e298a7460272da68b2792a

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
last-modified: Wed, 07 Oct 2020 18:11:56 GMT
server: Apache
etag: "488012c-2298-5b118a69d1f19"
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 8856

GET
H2 200 logo-footer.png
www.targetgiftscard.com/images/ 5 KB
5 KB 391ms
389ms Image
image/png 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.targetgiftscard.com/images/logo-footer.png
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 479811d755bc7fc7b286d1f5b69edb9f967b97f9e2208fe640b5dc9ece9b2f55

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
last-modified: Wed, 07 Oct 2020 18:11:56 GMT
server: Apache
etag: "4880129-1368-5b118a69d1b31"
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 4968

GET
H2 200 jquery.js Show response
www.targetgiftscard.com/js/ 94 KB
33 KB 393ms
390ms Script
application/javascript 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.targetgiftscard.com/js/jquery.js
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 18:11:56 GMT
server: Apache
etag: "4880126-176d5-5b118a69d1b31-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 33279

GET
H2 200 bootstrap.js Show response
www.targetgiftscard.com/js/ 67 KB
14 KB 392ms
389ms Script
application/javascript 148.66.138.123
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.targetgiftscard.com/js/bootstrap.js
Requested by: Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.123 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: gzip
last-modified: Wed, 07 Oct 2020 18:11:56 GMT
server: Apache
etag: "4880127-10d5a-5b118a69d1b31-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 14144

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 20ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: www.targetgiftscard.com
URL: https://www.targetgiftscard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: https://www.targetgiftscard.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1187091
x-via: cfworker/kv
status: 200
content-length: 6970
cf-request-id: 0679775f09000006104c8b2000000001
timing-allow-origin: *
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
etag: "5ed13e63-5f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BSg9omxy5glMpkCStWvgB%2Flr8zOLWMB8vudrygAV4jE8xLbJrNrv%2B7teBV6M1itrP1%2FXvwGfAkOi3A7dW4KnnDslzY1FDXn0o%2BbWNrEQdx0wiIZTwQx4j%2B19hoS3Hmuz0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f3c2811ad550610-FRA
expires: Sun, 07 Nov 2021 20:21:10 GMT

GET
H2 200 rP2Cp2ywxg089UriASitCBimC3YU-Ck.woff2
fonts.gstatic.com/s/dmsans/v6/ 12 KB
12 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimC3YU-Ck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2640c4595fbc86b33401ce34230f8871add04b382ed281473dbd7fb6513c28d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.targetgiftscard.com
Referer: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 22:21:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:00:19 GMT
server: sffe
age: 252009
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12052
x-xss-protection: 0
expires: Sun, 14 Nov 2021 22:21:01 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
65 KB 22ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.targetgiftscard.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 20:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 66632

GET
H2 200 rP2Hp2ywxg089UriCZOIHTWEBlw.woff2
fonts.gstatic.com/s/dmsans/v6/ 12 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZOIHTWEBlw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947b7ccb1ff6effa4ba2c2a9b29c5ed5c3caf45e1c65109041676da35dfce9a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.targetgiftscard.com
Referer: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 22:22:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:00:15 GMT
server: sffe
age: 251935
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12120
x-xss-protection: 0
expires: Sun, 14 Nov 2021 22:22:15 GMT

GET
H2 200 rP2Cp2ywxg089UriAWCrCBimC3YU-Ck.woff2
fonts.gstatic.com/s/dmsans/v6/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriAWCrCBimC3YU-Ck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb0c86af1c13c5131417bf4ef98a45a1f83f0cc2990096ceb5bb666722efaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.targetgiftscard.com
Referer: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Nov 2020 18:43:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:00:23 GMT
server: sffe
age: 265033
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12144
x-xss-protection: 0
expires: Sun, 14 Nov 2021 18:43:57 GMT

GET
H3-Q050 200 rP2Hp2ywxg089UriCZ2IHTWEBlwu8Q.woff2
fonts.gstatic.com/s/dmsans/v6/ 6 KB
7 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v6/rP2Hp2ywxg089UriCZ2IHTWEBlwu8Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

240678a970b4c313c206eec81b154e7afbd612f93a28db890756420a61d796ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.targetgiftscard.com
Referer: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 19:17:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:00:23 GMT
server: sffe
age: 435829
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6408
x-xss-protection: 0
expires: Fri, 12 Nov 2021 19:17:21 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Target (Retail)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
www.targetgiftscard.com
148.66.138.123
2001:4de0:ac19::1:b:2b
2606:4700::6810:125e
2a00:1450:4001:808::200a
2a00:1450:4001:819::2003
240678a970b4c313c206eec81b154e7afbd612f93a28db890756420a61d796ad
2640c4595fbc86b33401ce34230f8871add04b382ed281473dbd7fb6513c28d7
4232441bfe5eb3b458a0fe594f9cb16ae287b388ae749d02bdc0bec579fe421d
479811d755bc7fc7b286d1f5b69edb9f967b97f9e2208fe640b5dc9ece9b2f55
4a8980ff04b97c4f79afb0bb43a945bdf7abb51121ed76502ec76c1ac05bb7cc
6bd95fe2225457f9bdb286d1c60003164b3eb3eb36b4d5964738d36ac6e4133b
947b7ccb1ff6effa4ba2c2a9b29c5ed5c3caf45e1c65109041676da35dfce9a5
9fb0c86af1c13c5131417bf4ef98a45a1f83f0cc2990096ceb5bb666722efaf7
ad850187e2746ffcc60b36c6d36c0986277e9dc1f277406ca146298cb2d2a309
b88115cf487012b98bdd9f119051df0eab76283d69e298a7460272da68b2792a
c0a3bcbae36d824ab189be5c0e05e2a85c6147afcbcd9ca99c94be3017059667
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.targetgiftscard.com Open in urlscan Pro 148.66.138.123 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

212 kBTransfer

502 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

www.targetgiftscard.com Open in urlscan Pro
148.66.138.123 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

212 kB
Transfer

502 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!