targo-aktualisierung.de Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://targo-aktualisierung.de/targobank/65b9788a0b7d9
Effective URL:
https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9
Submission: On February 12 via manual (February 12th 2024, 10:06:02 am UTC) from DE — Scanned from DE

Summary HTTP 10 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is targo-aktualisierung.de.
TLS certificate: Issued by GTS CA 1P5 on January 28th 2024. Valid for: 3 months.

This is the only time targo-aktualisierung.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: targobank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	47.251.10.111 47.251.10.111	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 2	145.226.174.149 145.226.174.149	8255 (EURO-INFO...) (EURO-INFORMATION)
10	4

9 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

targo-aktualisierung.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.251.10.111 (Santa Clara, United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

ip9uk39kv26rml8wjjruzg-on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ip9uk39kv26rml8wjjruzg.on.drv.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.226.174.149 (Champigny-sur-Marne, France) 1 redirects

ASN8255 (EURO-INFORMATION, FR)
PTR: targobank.de

www.targobank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	targo-aktualisierung.de 1 redirects targo-aktualisierung.de	1 MB
2	targobank.de 1 redirects www.targobank.de — Cisco Umbrella Rank: 315404	883 B
2	drv.tw 1 redirects ip9uk39kv26rml8wjjruzg-on.drv.tw ip9uk39kv26rml8wjjruzg.on.drv.tw	2 KB
10	3

	Domain	Requested by
9	targo-aktualisierung.de	1 redirects targo-aktualisierung.de
2	www.targobank.de	1 redirects targo-aktualisierung.de
1	ip9uk39kv26rml8wjjruzg.on.drv.tw	targo-aktualisierung.de
1	ip9uk39kv26rml8wjjruzg-on.drv.tw	1 redirects
10	4

This site contains links to these domains. Also see Links.

Domain
www.targobank.de
www.bsi.bund.de

Subject Issuer	Validity	Valid
targo-aktualisierung.de GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9
Frame ID: 8C9CA7E5DE928A538BA8CF4405086E3C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online Banking | TARGOBANKiDEAL - Mijn ING

Page URL History Show full URLs

https://targo-aktualisierung.de/targobank/65b9788a0b7d9 Page URL
https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Page URL

Page Statistics

10
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

1429 kB
Transfer

3530 kB
Size

1
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.targobank.de/
Title: Privatkunden

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	65b9788a0b7d9 Show response targo-aktualisierung.de/targobank/	745 B 856 B	512ms 141ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/targobank/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5e66a8c7347a07a1ed864fa0e0da8bd973efff45537ab7a7525f9dab4caaf5f3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 854403e0cceb18d9-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:05:47 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bb1V05FeCH9Rbl%2BrPlnK%2BJ%2FzvIuKwv5hxs0SswBtbhjFzJF2VQexUtEWuqngH3788t7Yg7v8EgvhnGizG2Y%2Fq4SMHuD6bIj3v7DpuE69KIZGttYjJLFyvSUV72cQYFe00jJPJCi7GL6Ig%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	Primary Request 65b9788a0b7d9 Show response targo-aktualisierung.de/targobank/authentification/	3 MB 1 MB	204ms 203ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `763ec799fe728d3702688292479dc220ddd0f4af4acc96ed06f21df564a55f6f` Request headers Referer https://targo-aktualisierung.de/targobank/65b9788a0b7d9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 854403e1ddfc18d9-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:05:47 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DXWTsxGRJhvpKnW7bdOahDTQTakz0JYnl858YcZ2Kc0%2BCrXCMrwRJngyLDJ2Yoj4sTGiLo%2FXpUhWRt5aMoPe2SFQS3uYNQYIdr8py8QhxL4b55JRdxU%2FFZPhVz2K1mAnZdK56CQGH6Hig%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET DATA	200 OK	truncated /	3 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `475d4aa3fbc311d30979535bec5e9922dec32caf59661567bf507235122a1015` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	59 KB 59 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193` Request headers Referer Origin https://targo-aktualisierung.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type font/woff2
GET H2	200	jsbot.js Show response ip9uk39kv26rml8wjjruzg.on.drv.tw/ Redirect Chain https://ip9uk39kv26rml8wjjruzg-on.drv.tw/jsbot.js https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js	8 KB 2 KB	3827ms 1232ms	Script text/javascript	47.251.10.111 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Server 47.251.10.111 Santa Clara, United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash `3274993c2ccd9b85c3597b1e5d08288dadb9611210575b093c33274c9d3bc846` Request headers accept-language de-DE,de;q=0.9 Referer https://targo-aktualisierung.de/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 12 Feb 2024 10:05:56 GMT content-encoding gzip last-modified Sat, 01 Jan 2022 15:56:07 GMT server nginx/1.14.0 (Ubuntu) vary Origin, Sec-Fetch-Mode, X-Requested-Wtih, Accept-Encoding x-cache BYPASS content-type text/javascript cache-control public, s-maxage=43200, max-age=43200 Redirect headers location https://ip9uk39kv26rml8wjjruzg.on.drv.tw/jsbot.js date Mon, 12 Feb 2024 10:05:53 GMT cache-control public, s-maxage=604800, max-age=604800 server nginx/1.14.0 (Ubuntu) x-cache BYPASS content-type text/html
GET H/1.1	200 OK	index.html Show response www.targobank.de/de/ Redirect Chain https://targo-aktualisierung.de/targobank/authentification/js/ing/bandoo.js https://www.targobank.de/ https://www.targobank.de/de/index.html	0 0	201ms 201ms	Script text/html	145.226.174.149 EURO-INFORMATION
General Check archive.org Show headers Download Go to Full URL https://www.targobank.de/de/index.html Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol HTTP/1.1 Server 145.226.174.149 Champigny-sur-Marne, France, ASN8255 (EURO-INFORMATION, FR), Reverse DNS targobank.de Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://targo-aktualisierung.de/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Redirect headers Pragma no-cache Date Mon, 12 Feb 2024 10:05:50 GMT Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Content-Security-Policy frame-ancestors 'self' www.targoversicherung.de; Server eiws X-Frame-Options SAMEORIGIN Content-Type text/html;charset=utf-8 Location /de/index.html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Keep-Alive timeout=2, max=50 Content-Length 0 X-XSS-Protection 1; mode=block Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	login.js Show response targo-aktualisierung.de/js/targobank/	4 KB 1 KB	136ms 135ms	Script application/javascript	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/js/targobank/login.js Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `520193756dc3b8619e8e9af04dbe84b623b41898ca5b1003399b6f8010f8eeb3` Request headers accept-language de-DE,de;q=0.9 Referer https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 12 Feb 2024 10:05:49 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 22 Oct 2023 14:31:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"116d-6084ef66bdfc0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O70CPsO0lh40NvfU1bvdvnyXNisW1Y1sRsDqCwq2GNKNyQR41%2FjVV3b3%2Bwe3AaTIQ%2Fi1cmfdJ8JqDDAcKcj4jHXrnXpmyr1bbMUuCALTKRP6PZMUFRxE10gLuP%2FuQaErzpU460xXeEMIIg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 854403f2893318d9-FRA alt-svc h3=":443"; ma=86400
GET H2	200	targobank.png targo-aktualisierung.de/img/	1 KB 1 KB	172ms 171ms	Image image/png	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://targo-aktualisierung.de/img/targobank.png Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2dd728523432b8b301641d20d109cb5486953cc99960eba828012e93523a53d8` Request headers accept-language de-DE,de;q=0.9 Referer https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Mon, 12 Feb 2024 10:05:49 GMT cf-cache-status MISS last-modified Sun, 22 Oct 2023 14:31:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "44c-6084ef66bdfc0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uH7sSUrvSD77tg6xgciFuRJuVBgtLbZOsVV0qeC8onQiCRHjLbusATqsaF61UmPqPfEQolWRyekkkeRE8VlJDCsY0H%2BbMt6y9C7ZUc%2BphePtoEeo3o367Cd17c2MbEUHV2okhQpP5qUhSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 854403f2893718d9-FRA alt-svc h3=":443"; ma=86400 content-length 1100
GET DATA	200 OK	truncated /	614 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5a33fcbf0f406c9e9e767d66a1f43462b8391ffb8e8aaf8de53248a1510e37aa` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	74 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `45f2967a362f767a414c279f114b8f6bd293f3ab07d3753fe9abdd4080408c1a` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	622 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `29091caa6f2374957c15476e14ef16bedead97eac46bf90fa6c55f371331fe99` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	175 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `bbd961c93397bc450f406fc284d8dfe569c39a5cdcbb04c6c847d6e57de60c47` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	31 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `64cd2352fc23c91fe8c05fd696ec62486e5383ca1fe8b67a7aa896a3c624434f` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	66 KB 66 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1aa3edd533940d94c1e417143713e5aaf22c2d269b0a205d611b770c6bb092c6` Request headers Referer Origin https://targo-aktualisierung.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	76 KB 76 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a5850616e81a1083429e862600597db59b3a5114291eae884ab2f9a7847dedc2` Request headers Referer Origin https://targo-aktualisierung.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Content-Type font/woff2
POST H2	200	online targo-aktualisierung.de/user/	1 B 0	107ms 107ms	Fetch text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/user/online Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryxr3NyBB2YUZ0XK3l Response headers pragma no-cache date Mon, 12 Feb 2024 10:05:52 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br3f79p3BlTRu2rI6ugO1Z1452DDwDJgwgVtuSHUBRGfuMKMqnPhwqDe28GnbaTh%2FbbztK7uDwK7Af5cDrAOIcoezRaGosKl1WGHBWCPOt5l%2FFBzbyLUB%2FeWDFGdkbMBRPKpUbmqxMJ%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 854404053d3618d9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online targo-aktualisierung.de/user/	1 B 0	102ms 102ms	Fetch text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/user/online Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type multipart/form-data; boundary=----WebKitFormBoundary3dLxpa1ZzhwSwOg5 Response headers pragma no-cache date Mon, 12 Feb 2024 10:05:55 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jzs%2BMhFVWc6ux%2F7a7cO%2FOHkhpSgzvM1nLCgW1G6TCUArDTSIbY3k9OFZOrpayZtZWcI%2BF%2BJzpU2oAlFw3XZY%2FFmzuZ6Cwl6f7WI3yV7EDLfHmkXv2C2BYqgEi2Si2Nz2vy4LPmyT22ZpPg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 85440417fab618d9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online targo-aktualisierung.de/user/	1 B 0	106ms 106ms	Fetch text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/user/online Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryGvM4Qdyd38vJW0Se Response headers pragma no-cache date Mon, 12 Feb 2024 10:05:58 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvjKWecP4OfmTFL4jwZcb56oaPEEUTQaHnkxpMvxdmMPvweXMdP%2FwH0bFvkr%2Bsy8dTAZvjJmCPxo7gopWxiZzdZESqjkO7sedO1aFUiL8Fl6EtDVb9Nc%2BxaAMeawz97zG00Ytd029%2BmTrg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8544042ab87c18d9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online targo-aktualisierung.de/user/	1 B 0	100ms 100ms	Fetch text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://targo-aktualisierung.de/user/online Requested by Host: targo-aktualisierung.de URL: https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://targo-aktualisierung.de/targobank/authentification/65b9788a0b7d9 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type multipart/form-data; boundary=----WebKitFormBoundary9fpmLLAA2jRpIhuA Response headers pragma no-cache date Mon, 12 Feb 2024 10:06:01 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gv1MrC%2FMhht1NJ5tksDxsBv480N5hFE8hZIWjajKy6IvXEFvJZelo%2BUhYdQLYwe3fDnuo3CMGEHeuF2kX%2BVg3pSdX6X5U2o2chS%2BeaA%2FP%2FGXkr%2BXnxdUfZhj7ISOj6aLFpAYstHW3G51Yg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 8544043d7fd918d9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

targo-aktualisierung.de Open in urlscan Pro 188.114.96.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

80 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

1429 kBTransfer

3530 kBSize

1 Cookies

21 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

Indicators

targo-aktualisierung.de Open in urlscan Pro
188.114.96.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

1429 kB
Transfer

3530 kB
Size

1
Cookies

10 HTTP transactions
10 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!