servcmmch.click Open in urlscan Pro
2606:4700:3032::6815:4312 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://servcmmch.click/gevs.php
Submission: On May 12 via automatic, source openphish (May 12th 2023, 6:34:17 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3032::6815:4312, located in United States and belongs to CLOUDFLARENET, US. The main domain is servcmmch.click.

This is the only time servcmmch.click was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3032::6815:4312	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 20	212.149.50.15 212.149.50.15	16365 (COMMERZBA...) (COMMERZBANK DE-60261 Frankfurt)
7	212.149.50.185 212.149.50.185	16365 (COMMERZBA...) (COMMERZBANK DE-60261 Frankfurt)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
26	7

2 2606:4700:3032::6815:4312 (United States)

ASN13335 (CLOUDFLARENET, US)

servcmmch.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 212.149.50.15 (Frankfurt am Main, Germany) 7 redirects

ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE)
PTR: kunden.commerzbank.de

kunden.commerzbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 212.149.50.185 (Frankfurt am Main, Germany)

ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE)
PTR: www.commerzbank.de

www.commerzbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	commerzbank.de 7 redirects kunden.commerzbank.de — Cisco Umbrella Rank: 332933 www.commerzbank.de — Cisco Umbrella Rank: 179928	723 KB
3	usercentrics.eu api.usercentrics.eu — Cisco Umbrella Rank: 10103 app.usercentrics.eu — Cisco Umbrella Rank: 10323	2 KB
2	servcmmch.click servcmmch.click	100 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	30 KB
26	4

	Domain	Requested by
20	kunden.commerzbank.de	7 redirects servcmmch.click
7	www.commerzbank.de	servcmmch.click
2	api.usercentrics.eu	kunden.commerzbank.de
2	servcmmch.click	servcmmch.click
1	app.usercentrics.eu	servcmmch.click
1	code.jquery.com	servcmmch.click
26	6

This site contains links to these domains. Also see Links.

Domain
kunden.commerzbank.de

Subject Issuer	Validity	Valid
kunden.commerzbank.de GlobalSign Extended Validation CA - SHA256 - G3	`2022-12-21` - `2024-01-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
app.usercentrics.eu GTS CA 1D4	`2023-04-11` - `2023-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://servcmmch.click/gevs.php
Frame ID: 45CD6922725B0CE9EFA2DCD19DED8B2C
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TNR anfordern - Angaben - ST01 - Commerzbank

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

65 %
HTTPS

67 %
IPv6

4
Domains

6
Subdomains

7
IPs

3
Countries

865 kB
Transfer

3782 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://kunden.commerzbank.de/portal/de/privatkunden/startseite.html

Search URL Search Domain Scan URL

URL: https://kunden.commerzbank.de/lp/login/
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://kunden.commerzbank.de/banking/financeoverview/
Title: Finanzübersicht

Search URL Search Domain Scan URL

URL: https://kunden.commerzbank.de/banking/account/transactionoverview/
Title: Umsatzübersicht

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js

Request Chain 6

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js

Request Chain 7

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js

Request Chain 8

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js

Request Chain 9

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js

Request Chain 17

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif

Request Chain 18

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js HTTP 302
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js

26 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request gevs.php Show response
servcmmch.click/ 924 KB
100 KB 439ms
396ms Document
text/html 2606:4700:3032::6815:4312
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:4312 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2375460190ddae08b9e208cff57d5ea5718cdd883d2eea7755b5938693a62bfc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7c60a2719ea72c5e-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 May 2023 06:34:12 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3%2Fs7g4U9EGgDXuAORYAhPj9tyJvHOBXgYteI%2FJIFEyIwSOfCLZ%2FRUXK9Xp1YtYdtvY%2F2HLl6GZ65JoBeIM9LyJk%2FlxOnDnGp1MJvnnczO%2FqDCKoLBDIS%2BiNt4ZlyGfx%2BYqMh1vS5m4WFWwKSrY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200 main.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/ 393 KB
117 KB 96ms
58ms Stylesheet
text/css 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/css/main.css

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 0e11bd4512e727beb58679b02259c44da752f4fcb07d7aac85f86ae175face0c
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Nov 2022 09:13:09 GMT
Server: Apache
etag: "163510997-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: text/css
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=100
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1 200 cms.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/ 200 KB
89 KB 101ms
63ms Stylesheet
text/css 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/css/cms.css

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: a0b0b4e621e2ddceea8de8f59cee76443a2163cbdbeca22a66aa5dfea1039db4
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Jan 2023 10:56:16 GMT
Server: Apache
etag: "-136495325-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: text/css
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=100
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1 200 header_login.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/ 2 KB
1 KB 107ms
70ms Stylesheet
text/css 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/css/header_login.css

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

4721430fe5f62198e3cd7f2bb6a430da5d25bf0a652400e0cbf7cb433ea7a8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: b537c07c22d44921c94507d4554c7dc3b2e18f8ce2ac546f3b7d623e2a10106b
Connection: Keep-Alive
Content-Length: 707
x-xss-protection: 1; mode=block
last-modified: Fri, 12 May 2023 03:32:22 GMT
Server: Apache
etag: "942074135-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: text/css
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=100
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1 200 openforms.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/ 319 KB
101 KB 111ms
72ms Stylesheet
text/css 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/css/openforms.css

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

63cd6ff5a705b72ec83a1ec6cfb800cc0a248b713bf5f6aaf332ecccf9cd0958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 2d987fd7bae7510d7269b75feafdbfe76a81c537cc2e71964d59c46101076de0
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:22:58 GMT
Server: Apache
etag: "-1390996875-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: text/css
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=100
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1

404

jquery-1.12.4.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js

0
0

146ms
109ms

Script
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: application/javascript
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-1905464714", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
content-length: 0

GET
H/1.1 404
Not Found bundle.js
servcmmch.click/portal/media/system/usercentrics/ 0
0 388ms
381ms Script
text/html 2606:4700:3032::6815:4312
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://servcmmch.click/portal/media/system/usercentrics/bundle.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 2606:4700:3032::6815:4312 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/gevs.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:13 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfZJTNoExZPCHY2jsk5bc7N%2FWEzW4VNWjljJCM6MgCfwloyQpeH2HpJ6tUaAQnrmdFlSZ4xm2VXJVBzIf%2BqoDwCqggGD5SPMw0IW%2FDeuzzJcmxh%2FLncvXoT54J1XwDt%2FGr1QOlrAUZ2%2BsJqA36k%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 7c60a2768c3c1994-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

404

CMPageContext.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js

0
0

178ms
134ms

Script
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:11 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: application/javascript
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-1922805137", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
content-length: 0

GET
H/1.1

404

prototype.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js

0
0

318ms
300ms

Script
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: application/javascript
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-1295406864", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
content-length: 0

GET
H/1.1

404

effects.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js

0
0

170ms
152ms

Script
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: application/javascript
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
x-oneagent-js-injection: true
server-timing: dtRpid;desc="568593156", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
content-length: 0

GET
H/1.1

404

wonder.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js

0
0

206ms
188ms

Script
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:11 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: application/javascript
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-976521466", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
content-length: 0

GET
H/1.1 200 jquery_ui_1_12_1.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 248 KB
67 KB 231ms
114ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/jquery_ui_1_12_1.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: def3c9b779bbdb87159df2e3d1a401c498bd3b113e4c16c90754e77faa27bb66
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:17:49 GMT
Server: Apache
etag: "-1536096480-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=98
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1 200 lib_head.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 42 KB
12 KB 168ms
51ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_head.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 173236bdcf01895573dfaef01351ae6210d34ecbb4ca57f2da563198ff090cdc
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:22:58 GMT
Server: Apache
etag: "-321040864-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=98
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1 200 lib_smartbanner.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 7 KB
2 KB 173ms
47ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_smartbanner.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: b57484b6a51fef5f5c0b5f3186c99137ab83f837de43baf8f5e609ae0b4bc317
Connection: Keep-Alive
Content-Length: 1596
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:22:58 GMT
Server: Apache
etag: "543926292-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=99
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 40ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:34:12 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
vary: Accept-Encoding
x-hw: 1683873252.dop015.fr8.t,1683873252.cds231.fr8.hn,1683873252.cds327.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H/1.1 200 bundle.js Show response
kunden.commerzbank.de/portal/media/system/usercentrics/ 1 MB
229 KB 86ms
86ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/usercentrics/bundle.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

de9819776f1e0b50fb71b4519029bd53dd167375f0175d61ea5b761af646872f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: d1307dcc3fe622683d199849d5658519001bff3d17cd2ddc29553b5f7de25b23
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:17:57 GMT
Server: Apache
etag: "-1265751740-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=97
expires: Fri, 12 May 2023 06:39:12 GMT

GET
H/1.1 200 logo_big_svg.svg
kunden.commerzbank.de/portal/media/system/images/ 10 KB
3 KB 60ms
59ms Image
image/svg+xml 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kunden.commerzbank.de/portal/media/system/images/logo_big_svg.svg

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 88bf7de03d29340be6402795e7f7bfd466c71ce1ac74ee1c1e385c6d52126d38
Connection: Keep-Alive
Content-Length: 2841
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:17:44 GMT
Server: Apache
etag: "-2129430624-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: image/svg+xml
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=98
expires: Fri, 12 May 2023 06:39:13 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin: http://servcmmch.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1

404

spacer.gif
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif

0
0

124ms
102ms

Image
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: image/gif
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
x-oneagent-js-injection: true
server-timing: dtRpid;desc="-1887708474", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=97
content-length: 0

GET
H/1.1

404

lib_FormCenter.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/
Redirect Chain

https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js

0
0

145ms
125ms

Script
text/html

212.149.50.185
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
Requested by: Host: servcmmch.click
URL: http://servcmmch.click/gevs.php
Protocol: HTTP/1.1
Server: 212.149.50.185 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS: www.commerzbank.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
Server: Apache
Content-Type: application/javascript
location: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
x-oneagent-js-injection: true
server-timing: dtRpid;desc="252962197", dtSInfo;desc="0"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=98
content-length: 0

GET
H/1.1 200 lib_main.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 288 KB
82 KB 83ms
82ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_main.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

cb4e5a4a25b095758e702317af5145988042cd4a5fb43866b8cdc6ddbd2da809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 2f874f1bb6f5022ed1d06d3ea1178654a1d1841331c52cf67a7afe7ae8e61f2a
Transfer-Encoding: chunked
Connection: Keep-Alive
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Feb 2023 13:31:32 GMT
Server: Apache
etag: "1900273465-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=99
expires: Fri, 12 May 2023 06:39:13 GMT

GET
H/1.1 200 lib_cms.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 24 KB
7 KB 65ms
65ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_cms.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 94194ee0a17d9c5bf21ae2750c7a5cf624770b14bd7b464d249337b1af2e2d91
Connection: Keep-Alive
Content-Length: 6982
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Nov 2022 05:17:55 GMT
Server: Apache
etag: "1032703758-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=99
expires: Fri, 12 May 2023 06:39:13 GMT

GET
H/1.1 200 lib_header_login.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 2 KB
1 KB 50ms
50ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_header_login.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

ad800e49187fb5ab9613f9af42936fbbf439a500e759a05d547afd80fe451b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: 378f53c6aaa689010fe0bb7634789ac749fbd95cbabbe2512ad3abc7728495f4
Connection: Keep-Alive
Content-Length: 673
x-xss-protection: 1; mode=block
last-modified: Fri, 12 May 2023 03:34:29 GMT
Server: Apache
etag: "-1020355175-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=97
expires: Fri, 12 May 2023 06:39:13 GMT

GET
H/1.1 200 html5shiv-printshiv.js Show response
kunden.commerzbank.de/portal/media/system/28.108.14/js/ 7 KB
3 KB 49ms
49ms Script
application/javascript 212.149.50.15
COMMERZBANK DE-60...

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.commerzbank.de/portal/media/system/28.108.14/js/html5shiv-printshiv.js

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),

Reverse DNS

kunden.commerzbank.de

Software

Apache /

Resource Hash

4f38b7e2bbb7305b0684410e23cad5ce32e9fad7c929870883f8a82d8845c502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Fri, 12 May 2023 06:34:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
Content-Encoding: gzip
com-coba-cif-csrf-protection: e8b247a1e9f313dc15b24596ed6e1c2dd9781bbd7edfdcb233e1c4c6ae32a026
Connection: Keep-Alive
Content-Length: 2404
x-xss-protection: 1; mode=block
last-modified: Fri, 12 May 2023 03:34:29 GMT
Server: Apache
etag: "-1020180155-gzip"
x-frame-options: DENY
Vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
content-language: de-DE
cache-control: private
Keep-Alive: timeout=15, max=96
expires: Fri, 12 May 2023 06:39:13 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 de.json Show response
api.usercentrics.eu/settings/undefined/latest/ 2 B
658 B 27ms
8ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/undefined/latest/de.json

Requested by

Host: kunden.commerzbank.de
URL: https://kunden.commerzbank.de/portal/media/system/usercentrics/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:31:23 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 170
x-client-geo-location: DE,
x-guploader-uploadid: ADPycdvU4bonjzj93-1PXuPJ1Xq8LYYvwomLraD1HYKULlu3-9pYODp3XEHvAUD2l_wnZFNmOUZs6LMLzQ1Ymb73Q8sFQR5rRwu-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
last-modified: Mon, 15 Apr 2019 14:52:12 GMT
server: UploadServer
etag: "30afbeaf341021198dbb372c5c1cb23a"
x-goog-generation: 1555339932618663
x-goog-hash: crc32c=Z7S0gA==, md5=MK++rzQQIRmNuzcsXByyOg==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600, no-transform
x-goog-stored-content-length: 22
accept-ranges: bytes
content-type: application/json
expires: Fri, 12 May 2023 06:41:23 GMT

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
1 KB 29ms
8ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=undefined

Requested by

Host: servcmmch.click
URL: http://servcmmch.click/gevs.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 539
x-guploader-uploadid: ADPycdvryQlu6rKtyR3h0c3v2W3gra5tCrCggQ1xE8tqdG2jJ570fifa0MikFpvv8VhW3abhMilTMNZzHINVoWdMCHQ2pw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Fri, 12 May 2023 06:55:14 GMT

GET
H2 200 en.json Show response
api.usercentrics.eu/settings/undefined/latest/ 2 B
184 B 12ms
11ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/undefined/latest/en.json

Requested by

Host: kunden.commerzbank.de
URL: https://kunden.commerzbank.de/portal/media/system/usercentrics/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://servcmmch.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 06:31:23 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 170
x-client-geo-location: DE,
x-guploader-uploadid: ADPycdtcqXitkNvU5-QO4dcxmrpCp_NSEBY0mxcRYZwB9fVd3FtyFYcO8uwzOQ24h1bK5roDr1g94lhwoqOc5r6uTkv-uMgHMN0-
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
last-modified: Mon, 15 Apr 2019 14:52:12 GMT
server: UploadServer
etag: "30afbeaf341021198dbb372c5c1cb23a"
x-goog-generation: 1555339932606183
x-goog-hash: crc32c=Z7S0gA==, md5=MK++rzQQIRmNuzcsXByyOg==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=600, no-transform
x-goog-stored-content-length: 22
accept-ranges: bytes
content-type: application/json
expires: Fri, 12 May 2023 06:41:23 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: http://servcmmch.click/portal/media/system/usercentrics/bundle.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.usercentrics.eu
app.usercentrics.eu
code.jquery.com
kunden.commerzbank.de
servcmmch.click
www.commerzbank.de
2001:4de0:ac18::1:a:1a
212.149.50.15
212.149.50.185
2600:1901:0:5987::
2600:1901:0:c07c::
2606:4700:3032::6815:4312
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
2375460190ddae08b9e208cff57d5ea5718cdd883d2eea7755b5938693a62bfc
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4721430fe5f62198e3cd7f2bb6a430da5d25bf0a652400e0cbf7cb433ea7a8e5
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
4f38b7e2bbb7305b0684410e23cad5ce32e9fad7c929870883f8a82d8845c502
63cd6ff5a705b72ec83a1ec6cfb800cc0a248b713bf5f6aaf332ecccf9cd0958
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
ad800e49187fb5ab9613f9af42936fbbf439a500e759a05d547afd80fe451b21
c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2
cb4e5a4a25b095758e702317af5145988042cd4a5fb43866b8cdc6ddbd2da809
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc
de9819776f1e0b50fb71b4519029bd53dd167375f0175d61ea5b761af646872f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

servcmmch.click Open in urlscan Pro 2606:4700:3032::6815:4312 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

65 %HTTPS

67 %IPv6

4 Domains

6 Subdomains

7 IPs

3 Countries

865 kBTransfer

3782 kBSize

0 Cookies

4 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

servcmmch.click Open in urlscan Pro
2606:4700:3032::6815:4312 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

65 %
HTTPS

67 %
IPv6

4
Domains

6
Subdomains

7
IPs

3
Countries

865 kB
Transfer

3782 kB
Size

0
Cookies

26 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!