targos-identification-awp9833498.com Open in urlscan Pro
109.107.190.7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://targos-reload-bw983249834.com/h98394839/
Effective URL:
https://targos-identification-awp9833498.com/
Submission: On July 22 via manual (July 22nd 2022, 8:47:21 am UTC) from DE — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 35 HTTP transactions. The main IP is 109.107.190.7, located in Moscow, Russian Federation and belongs to CLOUDASSETS, RU. The main domain is targos-identification-awp9833498.com.
TLS certificate: Issued by R3 on July 22nd 2022. Valid for: 3 months.

This is the only time targos-identification-awp9833498.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: targobank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 22	109.107.190.7 109.107.190.7	212441 (CLOUDASSETS) (CLOUDASSETS)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
9	185.161.211.48 185.161.211.48	42159 (DELTAHOST-AS) (DELTAHOST-AS)
35	5

22 109.107.190.7 (Moscow, Russian Federation) 1 redirects

ASN212441 (CLOUDASSETS, RU)
PTR: host-109-107-190-7.macloud.host

targos-reload-bw983249834.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targos-identification-awp9833498.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.161.211.48 (Dronten, Netherlands)

ASN42159 (DELTAHOST-AS, UA)
PTR: 185.161.211.48.deltahost-ptr

adminpanelfake.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	targos-identification-awp9833498.com targos-identification-awp9833498.com	1 MB
9	adminpanelfake.org adminpanelfake.org	3 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 613	55 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	48 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2756	252 B
1	targos-reload-bw983249834.com 1 redirects targos-reload-bw983249834.com	259 B
35	6

	Domain	Requested by
21	targos-identification-awp9833498.com	targos-identification-awp9833498.com
9	adminpanelfake.org	code.jquery.com
2	code.jquery.com	targos-identification-awp9833498.com
2	cdn.jsdelivr.net	targos-identification-awp9833498.com
1	api.ipify.org	code.jquery.com
1	targos-reload-bw983249834.com	1 redirects
35	6

This site contains no links.

Subject Issuer	Validity	Valid
targos-identification-awp9833498.com R3	`2022-07-22` - `2022-10-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
adminpanelfake.org R3	`2022-05-17` - `2022-08-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://targos-identification-awp9833498.com/
Frame ID: 946B0DB3B639DF7677B4CE46992BCE9F
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online Banking | TARGOBANK

Page URL History Show full URLs

https://targos-reload-bw983249834.com/h98394839/ HTTP 302
https://targos-identification-awp9833498.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

35
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

1448 kB
Transfer

2617 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://targos-reload-bw983249834.com/h98394839/ HTTP 302
https://targos-identification-awp9833498.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
targos-identification-awp9833498.com/
Redirect Chain

https://targos-reload-bw983249834.com/h98394839/
https://targos-identification-awp9833498.com/

114 KB
12 KB

1789ms
1161ms

Document
text/html

109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

7cb7b0d6b56f0ab8812c747b2be797ac9987603aaf94ca796fe164ff592facd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Jul 2022 08:47:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Jul 2022 08:47:14 GMT
Location: https://targos-identification-awp9833498.com
Server: nginx
Strict-Transport-Security: max-age=31536000;

GET
H/1.1 200
OK ei_base.css
targos-identification-awp9833498.com/src/ 467 KB
61 KB 319ms
319ms Stylesheet
text/css 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/ei_base.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

a39888b58e8adbee7ad3c333d0982c481b1578f4a5cafdf49106f0f5a06ee64a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "74bd0-5e45f35a1af6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 62433

GET
H/1.1 200
OK jquery_ei.js Show response
targos-identification-awp9833498.com/src/ 105 KB
37 KB 260ms
258ms Script
application/javascript 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/jquery_ei.js

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

4bae9939c72cd3c52f4fd850bc79bed07bf3f355907314cc12de4d57a9224559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "1a391-5e45f35a42071-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 37224

GET
H/1.1 200
OK devb_base.css
targos-identification-awp9833498.com/src/ 65 KB
10 KB 309ms
201ms Stylesheet
text/css 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/devb_base.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

9da448ed1584439211f421faa015813d11791486a655aa45f4766fbb8f0e68ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "10381-5e45f35a122ce-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 10314

GET
H/1.1 200
OK ei_custom_responsive.css
targos-identification-awp9833498.com/src/ 130 KB
13 KB 293ms
186ms Stylesheet
text/css 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/ei_custom_responsive.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

ca37561bd971ee42a03632b5b9c3d021c4c3fbf3d4cdad1be5097e4b4424d865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "208a7-5e45f35a24baf-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 13338

GET
H/1.1 200
OK ei_custom_identification.css
targos-identification-awp9833498.com/src/ 10 KB
2 KB 304ms
196ms Stylesheet
text/css 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/ei_custom_identification.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

55e34d4a31ebd2f32d35fd71d24af7e3362e31b77e7c99f70226cb2c504b6d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "284d-5e45f35a1af6f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 1869

GET
H/1.1 200
OK auth.js Show response
targos-identification-awp9833498.com/src/ 431 B
533 B 507ms
198ms Script
application/javascript 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/auth.js

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

61522c11ffff187f4d054088e766e894aa6a6dbf629b4fbecf508213a22db680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:35 GMT
Server: nginx
ETag: "1af-5e45f359bb42b-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 186

GET
H/1.1 200
OK ei_needscript.css
targos-identification-awp9833498.com/src/ 10 KB
2 KB 317ms
202ms Stylesheet
text/css 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/ei_needscript.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

f3d4a94ac184f3447468797640727aa4c5903c65b306918e4b8e9b3a454bf94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "2919-5e45f35a2f790-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 1917

GET
H/1.1 200
OK ei_custom_tile.css
targos-identification-awp9833498.com/src/ 116 KB
12 KB 488ms
184ms Stylesheet
text/css 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/ei_custom_tile.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

74f4e00fbf4a762bef2296d7547e7eca25b698d641b8aea0c094f974883b46d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "1cf13-5e45f35a23c0f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 11960

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 86ms
34ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://targos-identification-awp9833498.com/
Origin: https://targos-identification-awp9833498.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3266
x-jsd-version: 4.6.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19124-FRA, cache-iad-kiad7000129-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4OTlAv7Xa1oqJdr8GMhlqf9cTay9h%2FQ7BvI2cjEapI5f6z7iVu52CYul31U2EXJy%2F4tvmzpwxfRJhjjibIAZ93dJb4I0CyJjqBBZIUWyiYjPGMXUi6ClZ6O97l6S2SJpSazIBFq48XApfKRs6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 72eae91daa829a33-FRA
access-control-expose-headers: *

GET
H/1.1 200
OK btfermerpopup.png
targos-identification-awp9833498.com/src/ 180 B
461 B 199ms
197ms Image
image/png 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/btfermerpopup.png

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

fee60993873e788bae607f4748d81242d4781c5e47418beb856ad19a125c9292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:35 GMT
Server: nginx
ETag: "b4-5e45f359c11eb"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180

GET
H/1.1 200
OK transparent.gif
targos-identification-awp9833498.com/src/ 43 B
323 B 201ms
199ms Image
image/gif 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/transparent.gif

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "2b-5e45f35a57832"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

GET
H/1.1 200
OK ko.png
targos-identification-awp9833498.com/src/ 6 KB
6 KB 209ms
207ms Image
image/png 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/ko.png

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

6327b14fd92266feb0c5fbf0197586c407cc3c88c5f85375ebd10f9271d2e88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "189a-5e45f35a44f51"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6298

GET
H/1.1 200
OK ok.png
targos-identification-awp9833498.com/src/ 6 KB
6 KB 210ms
208ms Image
image/png 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/ok.png

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

aa50b23da9692300e5530bb634e5eb0e5236cb1462b13d76002b0a7db3a40301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "179b-5e45f35a51a71"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6043

GET
H/1.1 200
OK validation_operation.gif
targos-identification-awp9833498.com/src/ 756 KB
756 KB 281ms
280ms Image
image/gif 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/validation_operation.gif

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

cecb7d3d2ca51beef45e4982e2c841fa82b4e7b3dbfae512d4b5c44e94731623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "bcf65-5e45f35a6a112"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 773989

GET
H/1.1 200
OK valider.gif
targos-identification-awp9833498.com/src/ 337 KB
337 KB 269ms
268ms Image
image/gif 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/valider.gif

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

e1e89fe7ab0a05aa7202f44284895339d882dcd1416ecc56486b26eaac88b1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:17 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "542dc-5e45f35a61472"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 344796

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 79ms
25ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://targos-identification-awp9833498.com/
Origin: https://targos-identification-awp9833498.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-11abc"
vary: Accept-Encoding
x-hw: 1658479636.dop041.fr8.t,1658479636.cds011.fr8.hn,1658479636.cds240.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24606

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
22 KB 32ms
29ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://targos-identification-awp9833498.com/
Origin: https://targos-identification-awp9833498.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4168278
x-jsd-version: 4.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-iad-kiad7000155-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6PDgMxSf%2F19L0GpOs1oS3%2FqvtDI6qovLkkza6QqLZZyKxyuAla5W5e4k3xgYJ9VFIwiCou5q3ql8TaHpNlGHn5tL30dg205US4UfI5o%2FOrF8WJjI%2B5JNjLnvR4sOpbKRmIw%2BjyWbFMbxtn62uA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 72eae9208e9e9a33-FRA
access-control-expose-headers: *

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 90ms
40ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://targos-identification-awp9833498.com/
Origin: https://targos-identification-awp9833498.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1658479636.dop041.fr8.t,1658479636.cds011.fr8.hn,1658479636.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK targo.js Show response
targos-identification-awp9833498.com/ 9 KB
2 KB 197ms
194ms Script
application/javascript 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/targo.js

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

ba685c270431e09035d7f60e1416a5e671d4d29287c4239db8f81253a4a5e78e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "23b8-5e45f359d2b2c-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Content-Length: 1976

GET
H/1.1 200
OK logo.png
targos-identification-awp9833498.com/src/ 5 KB
5 KB 336ms
205ms Image
image/png 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/logo.png

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/src/ei_base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

afe879c83aee1d47f4ad129add2c686986197a18e2305715868ed7e538592ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/src/ei_base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "1220-5e45f35a4bcb1"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4640

GET
H/1.1 200
OK targobank_icon_white.svg
targos-identification-awp9833498.com/src/ 1 KB
2 KB 331ms
210ms Image
image/svg+xml 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/targobank_icon_white.svg

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/src/ei_custom_identification.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/src/ei_custom_identification.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "54f-5e45f35a57832"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1359

GET
H/1.1 200
OK warning.svg
targos-identification-awp9833498.com/src/ 5 KB
5 KB 337ms
214ms Image
image/svg+xml 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/warning.svg

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

38fe38eba411d3098e3ebb5709178ce9f1fc56e1a3567fcaa18cb5a2395c23f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "1402-5e45f35a70e73"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5122

GET
H/1.1 200
OK icon-accordion-arrow-right.svg
targos-identification-awp9833498.com/src/ 857 B
1 KB 330ms
197ms Image
image/svg+xml 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://targos-identification-awp9833498.com/src/icon-accordion-arrow-right.svg

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

d718dd62959faa5f1f77404333840e1477147d4861287ed9f8b384681cf4ee93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "359-5e45f35a3c2b0"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 857

GET
H/1.1 200
OK fts_picto.woff2
targos-identification-awp9833498.com/src/ 71 KB
71 KB 411ms
302ms Font
application/octet-stream 109.107.190.7
CLOUDASSETS

General

Check archive.org

Show headers Download Go to

Full URL

https://targos-identification-awp9833498.com/src/fts_picto.woff2

Requested by

Host: targos-identification-awp9833498.com
URL: https://targos-identification-awp9833498.com/src/ei_base.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.107.190.7 Moscow, Russian Federation, ASN212441 (CLOUDASSETS, RU),

Reverse DNS

host-109-107-190-7.macloud.host

Software

nginx /

Resource Hash

948d667e9142996dfee7ac6fd478e061d032ace91d5618a1d5de7ceb1a2cc5c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://targos-identification-awp9833498.com/src/ei_base.css
Origin: https://targos-identification-awp9833498.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:16 GMT
Last-Modified: Fri, 22 Jul 2022 06:47:36 GMT
Server: nginx
ETag: "11ce8-5e45f35a364f0"
Strict-Transport-Security: max-age=31536000;
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72936

GET
H/1.1 200
OK / Show response
api.ipify.org/ 68 B
252 B 321ms
104ms Script
application/javascript 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=jQuery360042249931072931024_1658479636670&_=1658479636671
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-199.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 967d86f5264bb33bfc61b99405ab35b16c5fad6d9779ee1f09cd51a93fdb188b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://targos-identification-awp9833498.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

Date: Fri, 22 Jul 2022 08:47:17 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 68
Vary: Origin
Content-Type: application/javascript

POST
H2 200 / Show response
adminpanelfake.org/api/users/ 19 B
304 B 949ms
719ms XHR
application/json 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/users/

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

25547189f30830d1e1186deb6b25690a836cb096b8a05f17649f3810fcd2d4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://targos-identification-awp9833498.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 22 Jul 2022 08:47:18 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
x-frame-options: DENY, SAMEORIGIN
vary: Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000
allow: GET, POST, PUT, DELETE, HEAD, OPTIONS
content-length: 19
x-content-type-options: nosniff

PUT
H2 404 null Show response
adminpanelfake.org/api/time/ 4 KB
1 KB 36ms
36ms XHR
text/html 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/null

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

e72b967f809e8c4373bf7db64316594382e5f07d221d7417ab8c33af73f7d208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://targos-identification-awp9833498.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:17 GMT
content-encoding: gzip
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
x-frame-options: DENY
content-type: text/html
access-control-allow-origin: *
vary: Origin
x-content-type-options: nosniff

OPTIONS
H2 200 null
adminpanelfake.org/api/time/ 0
0 32ms
31ms Preflight
text/html 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/null

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://targos-identification-awp9833498.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 08:47:17 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

PUT
H2 200 12440 Show response
adminpanelfake.org/api/time/ 49 B
321 B 68ms
68ms XHR
application/json 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/12440

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://targos-identification-awp9833498.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:18 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
x-frame-options: DENY, SAMEORIGIN
vary: Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000
allow: GET, PUT, HEAD, OPTIONS
content-length: 49
x-content-type-options: nosniff

OPTIONS
H2 200 12440
adminpanelfake.org/api/time/ 0
0 33ms
32ms Preflight
text/html 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/12440

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://targos-identification-awp9833498.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 08:47:18 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

PUT
H2 200 12440 Show response
adminpanelfake.org/api/time/ 49 B
321 B 45ms
44ms XHR
application/json 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/12440

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://targos-identification-awp9833498.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:19 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
x-frame-options: DENY, SAMEORIGIN
vary: Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000
allow: GET, PUT, HEAD, OPTIONS
content-length: 49
x-content-type-options: nosniff

OPTIONS
H2 200 12440
adminpanelfake.org/api/time/ 0
0 32ms
31ms Preflight
text/html 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/12440

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://targos-identification-awp9833498.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 08:47:19 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

PUT
H2 200 12440 Show response
adminpanelfake.org/api/time/ 49 B
321 B 49ms
49ms XHR
application/json 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/12440

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://targos-identification-awp9833498.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

date: Fri, 22 Jul 2022 08:47:20 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
x-frame-options: DENY, SAMEORIGIN
vary: Accept, Origin, Cookie
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000
allow: GET, PUT, HEAD, OPTIONS
content-length: 49
x-content-type-options: nosniff

OPTIONS
H2 200 12440
adminpanelfake.org/api/time/ 0
0 32ms
32ms Preflight
text/html 185.161.211.48
DELTAHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adminpanelfake.org/api/time/12440

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.161.211.48 Dronten, Netherlands, ASN42159 (DELTAHOST-AS, UA),

Reverse DNS

185.161.211.48.deltahost-ptr

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Origin: https://targos-identification-awp9833498.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0

Response headers

access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 08:47:20 GMT
referrer-policy: same-origin
server: nginx/1.14.0 (Ubuntu)
strict-transport-security: max-age=31536000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: targobank (Banking)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://adminpanelfake.org/api/time/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adminpanelfake.org
api.ipify.org
cdn.jsdelivr.net
code.jquery.com
targos-identification-awp9833498.com
targos-reload-bw983249834.com
109.107.190.7
185.161.211.48
2001:4de0:ac18::1:a:3b
2606:4700::6810:5514
54.91.59.199
0718cb06164b53022bb734b5d021ebab3b93324a8f7daaa75922bcb990203cd0
25547189f30830d1e1186deb6b25690a836cb096b8a05f17649f3810fcd2d4de
38fe38eba411d3098e3ebb5709178ce9f1fc56e1a3567fcaa18cb5a2395c23f5
4bae9939c72cd3c52f4fd850bc79bed07bf3f355907314cc12de4d57a9224559
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
55e34d4a31ebd2f32d35fd71d24af7e3362e31b77e7c99f70226cb2c504b6d28
61522c11ffff187f4d054088e766e894aa6a6dbf629b4fbecf508213a22db680
6327b14fd92266feb0c5fbf0197586c407cc3c88c5f85375ebd10f9271d2e88c
74f4e00fbf4a762bef2296d7547e7eca25b698d641b8aea0c094f974883b46d4
7cb7b0d6b56f0ab8812c747b2be797ac9987603aaf94ca796fe164ff592facd5
948d667e9142996dfee7ac6fd478e061d032ace91d5618a1d5de7ceb1a2cc5c1
967d86f5264bb33bfc61b99405ab35b16c5fad6d9779ee1f09cd51a93fdb188b
9da448ed1584439211f421faa015813d11791486a655aa45f4766fbb8f0e68ac
a39888b58e8adbee7ad3c333d0982c481b1578f4a5cafdf49106f0f5a06ee64a
aa50b23da9692300e5530bb634e5eb0e5236cb1462b13d76002b0a7db3a40301
afe879c83aee1d47f4ad129add2c686986197a18e2305715868ed7e538592ad3
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
ba685c270431e09035d7f60e1416a5e671d4d29287c4239db8f81253a4a5e78e
ca37561bd971ee42a03632b5b9c3d021c4c3fbf3d4cdad1be5097e4b4424d865
cecb7d3d2ca51beef45e4982e2c841fa82b4e7b3dbfae512d4b5c44e94731623
cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66
d718dd62959faa5f1f77404333840e1477147d4861287ed9f8b384681cf4ee93
e1e89fe7ab0a05aa7202f44284895339d882dcd1416ecc56486b26eaac88b1e7
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
e72b967f809e8c4373bf7db64316594382e5f07d221d7417ab8c33af73f7d208
f3d4a94ac184f3447468797640727aa4c5903c65b306918e4b8e9b3a454bf94f
fee60993873e788bae607f4748d81242d4781c5e47418beb856ad19a125c9292
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

targos-identification-awp9833498.com Open in urlscan Pro 109.107.190.7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

40 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

1448 kBTransfer

2617 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

targos-identification-awp9833498.com Open in urlscan Pro
109.107.190.7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

1448 kB
Transfer

2617 kB
Size

0
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!