sxb1plvwcpnl497350.prod.sxb1.secureserver.net Open in urlscan Pro
92.205.145.199 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://basquesummertutorial.eus/wp-content/themes/targobb.php?acde=0&data=05|01||f148349f973149dc70a108daec9b8a0b|84df9e7fe9f640...
Effective URL:
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification=
Submission: On January 03 via manual (January 3rd 2023, 12:54:50 pm UTC) from DE — Scanned from US

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 92.205.145.199, located in Strasbourg, France and belongs to GODADDY-SXB, DE. The main domain is sxb1plvwcpnl497350.prod.sxb1.secureserver.net.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on August 2nd 2022. Valid for: a year.

This is the only time sxb1plvwcpnl497350.prod.sxb1.secureserver.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: targobank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	185.104.188.17 185.104.188.17	211033 (ASCORIAWEB) (ASCORIAWEB)
3 25	92.205.145.199 92.205.145.199	21499 (GODADDY-SXB) (GODADDY-SXB)
23	2

1 185.104.188.17 (Coria del Río, Spain)

ASN211033 (ASCORIAWEB, ES)
PTR: vpslantalausev2.coriaweb.red

basquesummertutorial.eus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 92.205.145.199 (Strasbourg, France) 3 redirects

ASN21499 (GODADDY-SXB, DE)

sxb1plvwcpnl497350.prod.sxb1.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	secureserver.net 3 redirects sxb1plvwcpnl497350.prod.sxb1.secureserver.net	688 KB
1	basquesummertutorial.eus basquesummertutorial.eus	257 B
23	2

	Domain	Requested by
25	sxb1plvwcpnl497350.prod.sxb1.secureserver.net	3 redirects sxb1plvwcpnl497350.prod.sxb1.secureserver.net
1	basquesummertutorial.eus
23	2

This site contains no links.

Subject Issuer	Validity	Valid
www.basquesummertutorial.eus R3	`2022-12-18` - `2023-03-18`	3 months	crt.sh
*.prod.sxb1.secureserver.net Starfield Secure Certificate Authority - G2	`2022-08-02` - `2023-09-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification=
Frame ID: 3BA6BB4399CB0DB01EDB92E68E4ED698
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login Online Banking | TARGOBANK

Page URL History Show full URLs

https://basquesummertutorial.eus/wp-content/themes/targobb.php?acde=0&data=05|01||f148349f973149dc70a108daec9... Page URL
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/ HTTP 302
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9 HTTP 301
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/ HTTP 302
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.p... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

688 kB
Transfer

1483 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://basquesummertutorial.eus/wp-content/themes/targobb.php?acde=0&data=05|01||f148349f973149dc70a108daec9b8a0b|84df9e7fe9f640afb435aaaaaaaaaaaa|1|0|638082450024407633|Unknown|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D|3000|||&sdata=hWVIXFjkqTD65dm%2BCfCirCRwJXewGwnPKzlz8sAB1wE%3D&reserved=0%3E Page URL
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/ HTTP 302
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9 HTTP 301
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/ HTTP 302
https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	targobb.php Show response basquesummertutorial.eus/wp-content/themes/	125 B 257 B	3847ms 2954ms	Document text/html	185.104.188.17 ASCORIAWEB
General Check archive.org Show headers Download Go to Full URL https://basquesummertutorial.eus/wp-content/themes/targobb.php?acde=0&data=05\|01\|\|f148349f973149dc70a108daec9b8a0b\|84df9e7fe9f640afb435aaaaaaaaaaaa\|1\|0\|638082450024407633\|Unknown\|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D\|3000\|\|\|&sdata=hWVIXFjkqTD65dm%2BCfCirCRwJXewGwnPKzlz8sAB1wE%3D&reserved=0%3E Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.104.188.17 Coria del Río, Spain, ASN211033 (ASCORIAWEB, ES), Reverse DNS vpslantalausev2.coriaweb.red Software nginx/1.22.1 / Resource Hash `38f0377daa88051109bd6ac4a3ce7de239cf0a242c49fc5d399888ddbf760490` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 03 Jan 2023 12:54:45 GMT server nginx/1.22.1 vary Accept-Encoding
GET H2	200	Primary Request authentification.php Show response sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/ Redirect Chain https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/ https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9 https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/ https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification=	16 KB 4 KB	132ms 132ms	Document text/html	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / PHP/7.4.33 Resource Hash `32c6efb0e6620b55ce6d9a1ae634da174b0babfb810acb4e4d3856298694ddd4` Request headers Referer https://basquesummertutorial.eus/wp-content/themes/targobb.php?acde=0&data=05\|01\|\|f148349f973149dc70a108daec9b8a0b\|84df9e7fe9f640afb435aaaaaaaaaaaa\|1\|0\|638082450024407633\|Unknown\|TWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D\|3000\|\|\|&sdata=hWVIXFjkqTD65dm%2BCfCirCRwJXewGwnPKzlz8sAB1wE%3D&reserved=0%3E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding br content-length 4221 content-type text/html; charset=UTF-8 date Tue, 03 Jan 2023 12:54:46 GMT server Apache vary Accept-Encoding x-powered-by PHP/7.4.33 Redirect headers content-encoding br content-length 1 content-type text/html; charset=UTF-8 date Tue, 03 Jan 2023 12:54:46 GMT location authentification.php?identification=#NMeYjz9T8vgpWuNVG6kBO7WkYo3qhG server Apache vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	ei_base.css sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/	597 KB 63 KB	267ms 266ms	Stylesheet text/css	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `5ccdd17e06576785fb36b30e8f8e8b65a25fc90425b39404ab6ad6c53fc837bf` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:19:26 GMT server Apache etag "3cbd-954cc-5dc1f6a1dfb80-br" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	devb_base.css sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/	60 KB 9 KB	143ms 141ms	Stylesheet text/css	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/devb_base.css Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `eb778615c4b21352ae39e40e73fd6b23a30ad19526b06d6e9dd89d102f4be23f` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:35:22 GMT server Apache etag "3cbc-f1ed-5dc1fa3196280-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 9571
GET H2	200	ei_custom_responsive.css sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/	129 KB 12 KB	141ms 140ms	Stylesheet text/css	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_custom_responsive.css Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `4c55427d1280dc8c721f78d91954191ff0e1035e5a8ec602746c85b55cb3098a` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:34:48 GMT server Apache etag "3cc1-2059b-5dc1fa1129600-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 12079
GET H2	200	jquery_ei.js Show response sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/js/	105 KB 36 KB	150ms 149ms	Script application/javascript	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/js/jquery_ei.js Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `00e8b18fd67868968f975af35f89792ab4860e32c07e6a7258f91a46971cb411` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:53:28 GMT server Apache etag "3cff-1a3a2-5dc1fe3d46e00-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 36095
GET H2	200	auth.js Show response sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/js/	431 B 238 B	135ms 134ms	Script application/javascript	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/js/auth.js Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `61522c11ffff187f4d054088e766e894aa6a6dbf629b4fbecf508213a22db680` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:54:36 GMT server Apache etag "3cfc-1af-5dc1fe7e20700-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 143
GET H2	200	ei_custom_identification.css sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/	8 KB 2 KB	133ms 132ms	Stylesheet text/css	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_custom_identification.css Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `2720d64672af921ddb7ca2bb3c79052ddf6395c5f54ef1cd1aea2c989f103b72` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 08:04:14 GMT server Apache etag "3cbf-2090-5dc200a559b80-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1575
GET H2	200	loginpage.css sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/	6 KB 1 KB	134ms 133ms	Stylesheet text/css	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/loginpage.css Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `bd3f8ad7d7bae1cf9602d0712875f6e9ab48f57d2a809acb8bcba779b60e3e17` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:46 GMT content-encoding br last-modified Fri, 08 Apr 2022 06:52:08 GMT server Apache etag "3cc2-16ac-5dc1f087c1600-br" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1375
GET H2	200	targobank_icon_white.png sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	2 KB 2 KB	127ms 127ms	Image image/png	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/targobank_icon_white.png Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `9ca07cfe33a9de4a4f3bfcc9316fb85b84c52477ca36390201df492aec3007a7` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT last-modified Fri, 08 Apr 2022 06:48:18 GMT server Apache accept-ranges bytes etag "3cf3-674-5dc1efac69080" content-length 1652 content-type image/png
GET H2	200	logo.png sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	6 KB 7 KB	129ms 128ms	Image image/png	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/logo.png Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `39979f601f57f5d4cc6011bd5b8e5cafa2559eff1b5479a817f6f04ddbc83952` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT last-modified Fri, 08 Apr 2022 06:29:18 GMT server Apache accept-ranges bytes etag "3cec-19d0-5dc1eb6d38b80" content-length 6608 content-type image/png
GET H2	200	targobank_icon_white.svg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	1 KB 670 B	128ms 127ms	Image image/svg+xml	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/targobank_icon_white.svg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_custom_identification.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_custom_identification.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 08:04:44 GMT server Apache etag "3cf4-54f-5dc200c1f5f00-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 579
GET H2	200	warning.svg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	5 KB 2 KB	130ms 129ms	Image image/svg+xml	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/warning.svg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `38fe38eba411d3098e3ebb5709178ce9f1fc56e1a3567fcaa18cb5a2395c23f5` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 08:20:28 GMT server Apache etag "3cfa-1402-5dc204463ab00-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 2052
GET H2	200	icon-accordion-arrow-right.svg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	857 B 509 B	130ms 129ms	Image image/svg+xml	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/icon-accordion-arrow-right.svg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `d718dd62959faa5f1f77404333840e1477147d4861287ed9f8b384681cf4ee93` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:46:32 GMT server Apache etag "3ce8-359-5dc1fcb08c600-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 430
GET H2	200	circular--400--normal.woff2 sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/	59 KB 59 KB	129ms 129ms	Font font/woff2	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/circular--400--normal.woff2 Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193` Request headers Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Origin https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:07:36 GMT server Apache etag "3cc6-eab8-5dc1f3fcc3e00-br" vary Accept-Encoding content-type font/woff2 accept-ranges bytes content-length 60092
GET H2	200	circular--500--normal.woff2 sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/	64 KB 64 KB	251ms 249ms	Font font/woff2	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/circular--500--normal.woff2 Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `3c03272e4ac6537be4a8246e69fad3a8e9450184aec90298462a3d714a986199` Request headers Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Origin https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:06:54 GMT server Apache etag "3cc8-ff6c-5dc1f3d4b5f80-br" vary Accept-Encoding content-type font/woff2 accept-ranges bytes content-length 65392
GET H2	200	circular--700--normal.woff2 sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/	66 KB 67 KB	128ms 128ms	Font font/woff2	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/circular--700--normal.woff2 Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `1aa3edd533940d94c1e417143713e5aaf22c2d269b0a205d611b770c6bb092c6` Request headers Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Origin https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:06:08 GMT server Apache etag "3cca-1090c-5dc1f3a8d7800-br" vary Accept-Encoding content-type font/woff2 accept-ranges bytes content-length 67857
GET H2	200	fts_picto.woff2 sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/	75 KB 75 KB	254ms 254ms	Font font/woff2	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/fonts/fts_picto.woff2 Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `c72f85dbad1c57bf7462549813dc310a6bbab6f366518fded579b660237fb8fa` Request headers Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/ei_base.css Origin https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 07:18:30 GMT server Apache etag "3cce-12b90-5dc1f66c77d80-br" vary Accept-Encoding content-type font/woff2 accept-ranges bytes content-length 76693
GET H2	200	icon-check.svg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	614 B 435 B	370ms 369ms	Image image/svg+xml	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/icon-check.svg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/loginpage.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `5a33fcbf0f406c9e9e767d66a1f43462b8391ffb8e8aaf8de53248a1510e37aa` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/loginpage.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 06:40:28 GMT server Apache etag "3ce9-266-5dc1edec2ef00-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 357
GET H2	200	service_online-sicherheit.jpg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	74 KB 74 KB	366ms 363ms	Image image/jpeg	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/service_online-sicherheit.jpg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `45f2967a362f767a414c279f114b8f6bd293f3ab07d3753fe9abdd4080408c1a` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT last-modified Fri, 08 Apr 2022 06:41:38 GMT server Apache accept-ranges bytes etag "3cef-12709-5dc1ee2ef0c80" content-length 75529 content-type image/jpeg
GET H2	200	icon-accordion-arrow-down-white.svg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	622 B 377 B	361ms 360ms	Image image/svg+xml	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/icon-accordion-arrow-down-white.svg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/loginpage.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `29091caa6f2374957c15476e14ef16bedead97eac46bf90fa6c55f371331fe99` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/css/loginpage.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT content-encoding br last-modified Fri, 08 Apr 2022 06:51:42 GMT server Apache etag "3ce7-26e-5dc1f06ef5b80-br" vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 298
GET H2	200	tan-verfahren.jpg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	175 KB 177 KB	360ms 360ms	Image image/jpeg	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/tan-verfahren.jpg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `bbd961c93397bc450f406fc284d8dfe569c39a5cdcbb04c6c847d6e57de60c47` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT last-modified Fri, 08 Apr 2022 06:46:56 GMT server Apache accept-ranges bytes etag "3cf2-2bd3d-5dc1ef5e35800" content-length 179517 content-type image/jpeg
GET H2	200	banking-app-620x450.jpg sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/	31 KB 32 KB	363ms 362ms	Image image/jpeg	92.205.145.199 GODADDY-SXB
General Check archive.org Show headers Download Go to Show image Full URL https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/files/img/banking-app-620x450.jpg Requested by Host: sxb1plvwcpnl497350.prod.sxb1.secureserver.net URL: https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.205.145.199 Strasbourg, France, ASN21499 (GODADDY-SXB, DE), Reverse DNS Software Apache / Resource Hash `64cd2352fc23c91fe8c05fd696ec62486e5383ca1fe8b67a7aa896a3c624434f` Request headers accept-language en-US,en;q=0.9 Referer https://sxb1plvwcpnl497350.prod.sxb1.secureserver.net/~fb56342ewese/anmeldung/de/d8gobciz9k49ou3co61d6vd39u10x9/authentification.php?identification= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 03 Jan 2023 12:54:47 GMT last-modified Fri, 08 Apr 2022 06:47:08 GMT server Apache accept-ranges bytes etag "3cd6-7d9f-5dc1ef69a7300" content-length 32159 content-type image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: targobank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

basquesummertutorial.eus
sxb1plvwcpnl497350.prod.sxb1.secureserver.net
185.104.188.17
92.205.145.199
00e8b18fd67868968f975af35f89792ab4860e32c07e6a7258f91a46971cb411
1aa3edd533940d94c1e417143713e5aaf22c2d269b0a205d611b770c6bb092c6
2720d64672af921ddb7ca2bb3c79052ddf6395c5f54ef1cd1aea2c989f103b72
29091caa6f2374957c15476e14ef16bedead97eac46bf90fa6c55f371331fe99
32c6efb0e6620b55ce6d9a1ae634da174b0babfb810acb4e4d3856298694ddd4
38f0377daa88051109bd6ac4a3ce7de239cf0a242c49fc5d399888ddbf760490
38fe38eba411d3098e3ebb5709178ce9f1fc56e1a3567fcaa18cb5a2395c23f5
39979f601f57f5d4cc6011bd5b8e5cafa2559eff1b5479a817f6f04ddbc83952
3c03272e4ac6537be4a8246e69fad3a8e9450184aec90298462a3d714a986199
45f2967a362f767a414c279f114b8f6bd293f3ab07d3753fe9abdd4080408c1a
4c55427d1280dc8c721f78d91954191ff0e1035e5a8ec602746c85b55cb3098a
5a33fcbf0f406c9e9e767d66a1f43462b8391ffb8e8aaf8de53248a1510e37aa
5ccdd17e06576785fb36b30e8f8e8b65a25fc90425b39404ab6ad6c53fc837bf
61522c11ffff187f4d054088e766e894aa6a6dbf629b4fbecf508213a22db680
64cd2352fc23c91fe8c05fd696ec62486e5383ca1fe8b67a7aa896a3c624434f
754235af94ace68ec407cdbdbcaab45f4baf868f32feb3ec0bca57adbc0c9193
9ca07cfe33a9de4a4f3bfcc9316fb85b84c52477ca36390201df492aec3007a7
bbd961c93397bc450f406fc284d8dfe569c39a5cdcbb04c6c847d6e57de60c47
bd3f8ad7d7bae1cf9602d0712875f6e9ab48f57d2a809acb8bcba779b60e3e17
c72f85dbad1c57bf7462549813dc310a6bbab6f366518fded579b660237fb8fa
cfefc3d1e1fd30433488f4faf720e638f0567faeee99cec325f7fb726f40db66
d718dd62959faa5f1f77404333840e1477147d4861287ed9f8b384681cf4ee93
eb778615c4b21352ae39e40e73fd6b23a30ad19526b06d6e9dd89d102f4be23f

sxb1plvwcpnl497350.prod.sxb1.secureserver.net Open in urlscan Pro 92.205.145.199 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

688 kBTransfer

1483 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

sxb1plvwcpnl497350.prod.sxb1.secureserver.net Open in urlscan Pro
92.205.145.199 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

688 kB
Transfer

1483 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!