URL: http://103.13.209.26/Commerzbank/index.php
Submission: On March 08 via manual from DE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 29 HTTP transactions. The main IP is 103.13.209.26, located in Canary Wharf, United Kingdom and belongs to CLOUDWEBMANAGE-UK-1, US. The main domain is 103.13.209.26.
This is the only time 103.13.209.26 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

Requests  IP Address         AS Autonomous System
10        103.13.209.26      210329 (CLOUDWEBM...)
9         212.149.50.15      16365 (COMMERZBA...)
2         2606:4700::68...   13335 (CLOUDFLAR...)
6         2600:9000:215...   16509 (AMAZON-02)
Total: 29 requests, 5 IPs

Requests  Apex Domain / Subdomains                                             Transfer
15        commerzbank.de                                                       458 KB
            kunden.commerzbank.de — Cisco Umbrella Rank: 280319
            execution.ci360.tpp.commerzbank.de — Cisco Umbrella Rank: 128989
2         cloudflare.com                                                       172 KB
            cdnjs.cloudflare.com — Cisco Umbrella Rank: 228
Total: 29 requests, 2 apex domains

Requests  Domain                               Requested by
9         kunden.commerzbank.de                103.13.209.26, kunden.commerzbank.de
6         execution.ci360.tpp.commerzbank.de   103.13.209.26, execution.ci360.tpp.commerzbank.de
2         cdnjs.cloudflare.com                 103.13.209.26, cdnjs.cloudflare.com
Total: 29 requests, 3 subdomains

Subject                              Issuer                                            Validity                  Valid
kunden.commerzbank.de                GlobalSign Extended Validation CA - SHA256 - G3   2024-01-11 - 2025-02-11   a year
sni.cloudflaressl.com                Cloudflare Inc ECC CA-3                           2023-07-03 - 2024-07-02   a year
execution.ci360.tpp.commerzbank.de   Amazon RSA 2048 M03                               2023-09-17 - 2024-10-15   a year

This page contains 1 frame:

Primary Page: http://103.13.209.26/Commerzbank/index.php
Frame ID: 89B5842A7566187F57A430C0D6AE2837
Requests: 31 HTTP requests in this frame

Page Title

Anmeldung zum Digital Banking - Commerzbank

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 29
HTTPS: 59 %
IPv6: 50 %
Domains: 2
Subdomains: 3
IPs: 5
Countries: 3
Transfer: 2033 kB
Size: 3182 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
103.13.209.26/Commerzbank/
31 KB
32 KB
Document
General
Full URL
http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 / PHP/8.2.12
Resource Hash
8b1d29ae3581c06fa8da91ddef3a750fa11fee15bdaa734c7889996ac799e00f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Mar 2024 15:15:38 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Transfer-Encoding
chunked
X-Powered-By
PHP/8.2.12
ruxitagentjs_ICA27NVfqrux_10279231130031246.js
103.13.209.26/Commerzbank/assets/
209 KB
210 KB
Script
General
Full URL
http://103.13.209.26/Commerzbank/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
cf696fe5fda77bb90815a99aa1dcf5013e2d4ef03d8f3d2e0a8b5a70987d4485

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
Last-Modified
Fri, 01 Mar 2024 20:47:31 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
ETag
"345fa-6129f7c18ae68"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
214522
main.css
kunden.commerzbank.de/portal/media/system/40.191.29/css/
393 KB
116 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/css/main.css
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
23c94eb47f152710ac4c3b574cc7b05669f96c2a0787054f3256de5cf7703a10
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"580226999-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
text/css
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Fri, 08 Mar 2024 15:20:38 GMT
cms.css
kunden.commerzbank.de/portal/media/system/40.191.29/css/
200 KB
88 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/css/cms.css
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
04bfdaca08da6e79c2060bdbedbed75b011a98d6b9cbd755c6a5939579d16431
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"523080847-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
text/css
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Fri, 08 Mar 2024 15:20:38 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://103.13.209.26
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:15:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
94029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLT2XzscZDSxJ9cqjcCajVIHfiqUtw3dYLwMTrfWTZGgcBmD6VPVEbr6OcBojglH15lN2maEdFwypuzjEa1UkO%2BVaxAFcEJrj799MTkXtqF8hbuDBEBYkSl61RZz%2FDBsqVXPFRc%2Bga%2BP731OryykCrTP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8613c8287f6f922f-FRA
expires
Wed, 26 Feb 2025 15:15:38 GMT
jQuery_3_5_1.js
kunden.commerzbank.de/portal/media/system/40.191.29/js/
99 KB
34 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/js/jQuery_3_5_1.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
984051d349eb480a2a06db83c69e1b52926cc8807ba5ceaaf2b81b20acf6ef12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
aafb1c6b6dfc7223b4872cf08c5e87eff6e1a016725a8f8ebc58f1d5f1cea112
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Fri, 08 Mar 2024 03:15:12 GMT
Server
Apache
etag
"316290236-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Fri, 08 Mar 2024 15:20:38 GMT
jQuery-ui_1_13_1.js
kunden.commerzbank.de/portal/media/system/40.191.29/js/
517 KB
125 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/js/jQuery-ui_1_13_1.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
e97315234cc1f1c4737d98ea29c0f4d4f06c032dc5943012ae50bc4b10a92276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
9036f2cfe8f833d534c10ebb52c486589049991fed9422a6b9502c7c18aa3b24
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:14:30 GMT
Server
Apache
etag
"31234053-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Fri, 08 Mar 2024 15:20:38 GMT
lib_head.js
kunden.commerzbank.de/portal/media/system/40.191.29/js/
42 KB
12 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/js/lib_head.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
f951e758409a701d9b042f848372f8a9ac4337a2d3561475cef19324740b87d5
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"-1228143681-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Fri, 08 Mar 2024 15:20:38 GMT
lib_smartbanner.js
kunden.commerzbank.de/portal/media/system/js/
7 KB
2 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/js/lib_smartbanner.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
e47a91f891779b144ebb841addc3c560562bf0747d256bcbaab391bf39f9551e
Connection
Keep-Alive
Content-Length
1596
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"-1424997739-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Fri, 08 Mar 2024 15:20:38 GMT
cmp_puk.js
103.13.209.26/Commerzbank/assets/
804 KB
804 KB
Script
General
Full URL
http://103.13.209.26/Commerzbank/assets/cmp_puk.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
df894e369a97b9ce264d891e8f0d179e3c8e0cdffef74e5f6efd52a274490835

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
Last-Modified
Fri, 01 Mar 2024 20:47:32 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
ETag
"c8f13-6129f7c244014"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
823059
gtm_integration_puk.js
103.13.209.26/Commerzbank/assets/
8 KB
8 KB
Script
General
Full URL
http://103.13.209.26/Commerzbank/assets/gtm_integration_puk.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
9c6c8d1b0a86906d74783e0f1afeb0a0a3b2e8a64cc16187a727299136c0b29d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
Last-Modified
Fri, 01 Mar 2024 20:47:32 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
ETag
"1e34-6129f7c25e54e"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7732
ot-all.min.js
execution.ci360.tpp.commerzbank.de/js/
21 KB
9 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
490b0d73c63ee8b7b8c420abfd81282cde261aceeb14f7ec1081e4b63d3cdb9e

Request headers

Referer
http://103.13.209.26/
Origin
http://103.13.209.26
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:02:30 GMT
content-encoding
gzip
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
age
789
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
bX8VusRMkkXk7VZHrVJ86eBnrEOdx9JCzFUhTn9h5KQ5dc9yrf99IQ==
lupe.png
kunden.commerzbank.de/portal/media/system/images/
1 KB
2 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/lupe.png
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
com-coba-cif-csrf-protection
45f171c54b893e460e6556983cfd791549a0fbb1f43a41a20f9ccaf76ca53f1c
Connection
Keep-Alive
content-length
1308
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:14:30 GMT
Server
Apache
etag
"-2060418881"
x-frame-options
DENY
content-type
image/png
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=99
expires
Fri, 08 Mar 2024 15:20:39 GMT
logo_big_svg.svg
kunden.commerzbank.de/portal/media/system/images/
10 KB
3 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/logo_big_svg.svg
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
68dd9f443980da6daa3a46fc918300983c6237105e84d06308169a005011642e
Connection
Keep-Alive
Content-Length
2841
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:14:28 GMT
Server
Apache
etag
"-1835332400-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
image/svg+xml
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=98
expires
Fri, 08 Mar 2024 15:20:39 GMT
logo_big_svg.svg
103.13.209.26/portal/media/system/images/
299 B
299 B
Image
General
Full URL
http://103.13.209.26/portal/media/system/images/logo_big_svg.svg
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
2865f9fde739397013c3cc188e9ad1e8acafd1677041634f7c77d8923f80c521

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
299
Content-Type
text/html; charset=iso-8859-1
lib_main.js
103.13.209.26/Commerzbank/assets/
288 KB
289 KB
Script
General
Full URL
http://103.13.209.26/Commerzbank/assets/lib_main.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
7773b03f24086a3face6dc887bb1a595e93294cc336abb53fc039d420da75975

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
Last-Modified
Fri, 01 Mar 2024 20:47:33 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
ETag
"480d2-6129f7c35ee81"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
295122
lib_cms.js
103.13.209.26/Commerzbank/assets/
24 KB
25 KB
Script
General
Full URL
http://103.13.209.26/Commerzbank/assets/lib_cms.js
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:39 GMT
Last-Modified
Fri, 01 Mar 2024 20:47:33 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
ETag
"61d1-6129f7c377463"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
25041
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer
Origin
http://103.13.209.26
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin
http://103.13.209.26
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff
icons_woff.woff
kunden.commerzbank.de/portal/media/system/fonts/
0
0

fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/
153 KB
153 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
http://103.13.209.26
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:15:39 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
689900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156496
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-26350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amiQD5AFnM4JSO13oZR4R%2FYiBXgwePP%2Fo0%2BDMkkT3eg1Jneb79c%2Fs%2BPKdGs%2BOlwp8DPRHofww8qVXUEEfwmav%2FNym%2BifVT1EsCTn8oeAP5XTSs0xGexXxClOEvM1%2BH24gn3agNeKXas%2FwTltGgIlAR8D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8613c829681c922f-FRA
expires
Wed, 26 Feb 2025 15:15:39 GMT
ico_fehler_png.png
kunden.commerzbank.de/portal/media/system/images/
2 KB
2 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/ico_fehler_png.png
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
com-coba-cif-csrf-protection
d3d87cc42192e2e59b054026b08709e639519a524005273967fbf8be8a82aecf
Connection
Keep-Alive
content-length
1659
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:12:02 GMT
Server
Apache
etag
"-770750057"
x-frame-options
DENY
content-type
image/png
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=99
expires
Fri, 08 Mar 2024 15:20:39 GMT
icon-512.png
103.13.209.26/portal/media/anwendungen/apps/appstore/
299 B
299 B
Image
General
Full URL
http://103.13.209.26/portal/media/anwendungen/apps/appstore/icon-512.png
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/index.php
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
2865f9fde739397013c3cc188e9ad1e8acafd1677041634f7c77d8923f80c521

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/Commerzbank/index.php
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Fri, 08 Mar 2024 15:15:39 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
299
Content-Type
text/html; charset=iso-8859-1
icons_ttf.ttf
kunden.commerzbank.de/portal/media/system/fonts/
0
0

ot-min.js
execution.ci360.tpp.commerzbank.de/js/
172 KB
41 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-min.js
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f30d5e75191cea452561164d91b2cd841723d37ad5ff41595e4571c017ba59b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 14:49:20 GMT
content-encoding
gzip
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
age
1579
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
PItw2LzVjWROHbke1h1SxWBEn-QE33YlLLEAk1ulnmr4nprJxEaoDw==
1709910939419
execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/
0
654 B
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/1709910939419?version=1.1.0&domain=103.13.209.26&p=%2FCommerzbank%2Findex.php&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&requestedfile=%2FCommerzbank%2Findex.php&cts=1709910939419&tzo=-60&platform=Linux%20x86_64&port=&protocol=http&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=564248&bsz=1600x1200&tab_id=32818052267
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:15:39 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
HOpl1CKb9LkcKj3Yt_YpH4qhrkWt3z0CSbaULnO9JNkrGC10UpvjmQ==
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/p/
0
657 B
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/p/55cca7442f00010d1e64bd0a?version=1.1.0&domain=103.13.209.26&p=%2FCommerzbank%2Findex.php&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&requestedfile=%2FCommerzbank%2Findex.php&platform=Linux%20x86_64&port=&protocol=http&browser_language=en-US&character_set=UTF-8
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:15:39 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
Mc6of26ex1gZaJ-6q9UjQUBWcyYmn5o4g7bRTy6i1_UX2J6AfZHupQ==
ot-api.min.js
execution.ci360.tpp.commerzbank.de/js/
65 KB
20 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-api.min.js
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
69bd5b12b56a94886a691d71f03f92f64943335c3ab7ed8acc16becaa0bfdb64

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:08:42 GMT
content-encoding
gzip
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
age
417
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
L1vX4ZTMAquTI6XQZ1NXiwD3a6M5iIC_MwNlus-hzUB6jbvuEwDbiA==
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/c/
0
672 B
XHR
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a?domain=103.13.209.26&p=%2FCommerzbank%2Findex.php&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&cts=1709910939560&tzo=-60&platform=Linux%20x86_64&port=&protocol=http&screen_info=1600x1200@24&browser_language=en-US&character_set=UTF-8&csz=565884&bsz=1600x1200&tab_id=32818052267&java_enabled=false&flash_enabled=false
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3600:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://103.13.209.26/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Fri, 08 Mar 2024 15:15:39 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
http://103.13.209.26
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
Jorl4k0y2Alba0Hqeykd1yJKmFXlTdITkuK_Q-R8MMS2LvIeBlIodg==
rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683
103.13.209.26/banking/dynatrace/
299 B
539 B
XHR
General
Full URL
http://103.13.209.26/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D73_sn_0KGOCKFFOM31AISIRR7PH6845LMBLTST&svrid=-73&flavor=post&vi=FJBKFKCWQPPMHKJBGACTSMRLNHDEVRFL-0&modifiedSince=1709626992672&rf=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=3712148281&en=vsme09c4&end=1
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
2865f9fde739397013c3cc188e9ad1e8acafd1677041634f7c77d8923f80c521

Request headers

Referer
http://103.13.209.26/Commerzbank/index.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 08 Mar 2024 15:15:41 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
299
Content-Type
text/html; charset=iso-8859-1
rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683
103.13.209.26/banking/dynatrace/
299 B
539 B
XHR
General
Full URL
http://103.13.209.26/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D73_sn_0KGOCKFFOM31AISIRR7PH6845LMBLTST&svrid=-73&flavor=post&vi=FJBKFKCWQPPMHKJBGACTSMRLNHDEVRFL-0&modifiedSince=1709626992672&rf=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=2122767769&en=vsme09c4&end=1
Requested by
Host: 103.13.209.26
URL: http://103.13.209.26/Commerzbank/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Protocol
HTTP/1.1
Server
103.13.209.26 Canary Wharf, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12 /
Resource Hash
2865f9fde739397013c3cc188e9ad1e8acafd1677041634f7c77d8923f80c521

Request headers

Referer
http://103.13.209.26/Commerzbank/index.php
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 08 Mar 2024 15:15:43 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.2.12
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
299
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
kunden.commerzbank.de
URL
https://kunden.commerzbank.de/portal/media/system/fonts/icons_woff.woff
Domain
kunden.commerzbank.de
URL
https://kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dT_ object| dtrum object| dynatrace string| webtrekkEnabled function| $ function| jQuery object| mrm object| cfs object| Modernizr function| yepnope object| cSmartBanner undefined| setBannerTags boolean| userIsLoggedIn object| ccb_cif function| reloadActualLocation number| gtmAreaCode string| gtmScriptincludeVersion function| initGTM string| uaID object| dataLayer object| CI360_TEILNEHMERNUMMER function| ci360 function| salReInitInputSpinners function| isGTMActive function| collectGTMData function| fillCID function| Class object| Tc function| _ object| Select2 function| CobaNewsList function| CobaNews boolean| consentPA object| cookieBox object| usercentrics object| com_sas_ci_acs object| CryptoJS object| overrideDomain object| c3 function| overridePrototypes object| Hashcode object| GeneralBase64 object| Base64 function| getDecisionParams object| spotMap function| loadDoc function| extractValue object| dataTagToEventMap function| handleInjectResponse function| windowFocused function| windowBlured function| LocalQueue function| onYouTubeIframeAPIReady function| onYouTubePlayerReady object| $ci360 boolean| ci360_config_called

7 Cookies

Domain/Path Name / Value
103.13.209.26/ Name: PHPSESSID
Value: emtvl5i940t3t5gb1qbat227il
103.13.209.26/ Name: dtCookie
Value: v_4_srv_-2D73_sn_0KGOCKFFOM31AISIRR7PH6845LMBLTST
103.13.209.26/ Name: rxVisitor
Value: 1709910939007VGUMK6H641C148D1HPMKGO7P8MO2UAU6
103.13.209.26/ Name: dtSa
Value: -
103.13.209.26/ Name: rxvt
Value: 1709912739571|1709910939008
execution.ci360.tpp.commerzbank.de/ Name: AWSALBCORS
Value: FBH9hlEtS14zcz04bj/4lb6UkkB+6UfrGgieDVVA087aE+PKlfGWN0jfHB6hP2yDUv89WzFJ/k+baDqMG+IHyHFpa7F10brstrAFlT7Nk505C/5B75/UfeUdkrLZ
103.13.209.26/ Name: dtPC
Value: -73$510939006_423h-vFJBKFKCWQPPMHKJBGACTSMRLNHDEVRFL-0e0

14 Console Messages

Source Level URL
Text
network error URL: http://103.13.209.26/portal/media/system/images/logo_big_svg.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://103.13.209.26/portal/media/anwendungen/apps/appstore/icon-512.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: http://103.13.209.26/Commerzbank/index.php
Message:
Access to font at 'https://kunden.commerzbank.de/portal/media/system/fonts/icons_woff.woff' from origin 'http://103.13.209.26' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kunden.commerzbank.de/portal/media/system/fonts/icons_woff.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://103.13.209.26/Commerzbank/index.php
Message:
Access to font at 'https://kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf' from origin 'http://103.13.209.26' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: http://103.13.209.26/Commerzbank/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://103.13.209.26/Commerzbank/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://103.13.209.26/Commerzbank/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://103.13.209.26/Commerzbank/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://103.13.209.26/Commerzbank/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://103.13.209.26/Commerzbank/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: http://103.13.209.26/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D73_sn_0KGOCKFFOM31AISIRR7PH6845LMBLTST&svrid=-73&flavor=post&vi=FJBKFKCWQPPMHKJBGACTSMRLNHDEVRFL-0&modifiedSince=1709626992672&rf=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=3712148281&en=vsme09c4&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://103.13.209.26/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D73_sn_0KGOCKFFOM31AISIRR7PH6845LMBLTST&svrid=-73&flavor=post&vi=FJBKFKCWQPPMHKJBGACTSMRLNHDEVRFL-0&modifiedSince=1709626992672&rf=http%3A%2F%2F103.13.209.26%2FCommerzbank%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=2122767769&en=vsme09c4&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
