URL: https://103.90.160.63/commerz/index.php
Submission: On March 27 via manual from DE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 2 domains to perform 29 HTTP transactions. The main IP is 103.90.160.63, located in Miami, United States and belongs to KAMATERA, US. The main domain is 103.90.160.63.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 26th 2024. Valid for: 3 months.
This is the only time 103.90.160.63 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

Requests  IP Address         AS Autonomous System
9         103.90.160.63      36007 (KAMATERA)
10        212.149.50.15      16365 (COMMERZBA...)
2         104.17.25.14       13335 (CLOUDFLAR...)
6         2600:9000:215...   16509 (AMAZON-02)
Total: 29 requests, 5 IPs
Requests  Apex Domain / Subdomains                                            Transfer
16        commerzbank.de                                                      460 KB
          kunden.commerzbank.de (Cisco Umbrella Rank: 269182)
          execution.ci360.tpp.commerzbank.de (Cisco Umbrella Rank: 131520)
2         cloudflare.com                                                      172 KB
          cdnjs.cloudflare.com (Cisco Umbrella Rank: 234)
Total: 29 requests, 2 apex domains
Requests  Domain                               Requested by
10        kunden.commerzbank.de                103.90.160.63, kunden.commerzbank.de
6         execution.ci360.tpp.commerzbank.de   103.90.160.63, execution.ci360.tpp.commerzbank.de
2         cdnjs.cloudflare.com                 103.90.160.63, cdnjs.cloudflare.com
Total: 29 requests, 3 domains
Subject                              Issuer                                            Validity                  Valid
103.90.160.63                        ZeroSSL RSA Domain Secure Site CA                 2024-03-26 - 2024-06-24   3 months
kunden.commerzbank.de                GlobalSign Extended Validation CA - SHA256 - G3   2024-01-11 - 2025-02-11   a year
sni.cloudflaressl.com                Cloudflare Inc ECC CA-3                           2023-07-03 - 2024-07-02   a year
execution.ci360.tpp.commerzbank.de   Amazon RSA 2048 M03                               2023-09-17 - 2024-10-15   a year

This page contains 1 frame:

Primary Page: https://103.90.160.63/commerz/index.php
Frame ID: 4C81F83D58666AF1359F97F37DBE4461
Requests: 31 HTTP requests in this frame

Page Title

Anmeldung zum Digital Banking - Commerzbank

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

Requests: 29
HTTPS: 93 %
IPv6: 25 %
Domains: 2
Subdomains: 3
IPs: 5
Countries: 3
Transfer: 2035 kB
Size: 3183 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
103.90.160.63/commerz/
31 KB
32 KB
Document
General
Full URL
https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 / PHP/8.0.30
Resource Hash
8b1d29ae3581c06fa8da91ddef3a750fa11fee15bdaa734c7889996ac799e00f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 27 Mar 2024 16:25:15 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Transfer-Encoding
chunked
X-Powered-By
PHP/8.0.30
ruxitagentjs_ICA27NVfqrux_10279231130031246.js
103.90.160.63/commerz/assets/
209 KB
210 KB
Script
General
Full URL
https://103.90.160.63/commerz/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
cf696fe5fda77bb90815a99aa1dcf5013e2d4ef03d8f3d2e0a8b5a70987d4485

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
Last-Modified
Tue, 26 Mar 2024 16:26:28 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"345fa-61492c08f5f59"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
214522
main.css
kunden.commerzbank.de/portal/media/system/40.191.29/css/
393 KB
117 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/css/main.css
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
ed69448e04faa2a20c6f109317015fb17c40e321ea9bfa5c6e6747e665615158
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"580226999-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
text/css
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Wed, 27 Mar 2024 16:30:15 GMT
cms.css
kunden.commerzbank.de/portal/media/system/40.191.29/css/
200 KB
89 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/css/cms.css
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
a98f21abdbd912c11f08c38e8c891e9e63383cc41455f6b51c5f406b340d5742
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"523080847-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
text/css
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Wed, 27 Mar 2024 16:30:15 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/
100 KB
19 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://103.90.160.63
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
508638
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oV0BzCPog0AyrdL%2Fi4dF3W4fvbbbGhDAtQ7DuJG5yEQkZQBBXa8%2F0F%2BVWtGV4jhsoxFfeMLnmJJvG65UbDP5LUt5mHhtSu7MlcfOdqUujo5Xdehj5Hg2bPI7HkgjeFiCkYrNOwlf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86b0bc410c0b6aec-FRA
expires
Mon, 17 Mar 2025 16:25:15 GMT
jQuery_3_5_1.js
kunden.commerzbank.de/portal/media/system/40.191.29/js/
99 KB
34 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/js/jQuery_3_5_1.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
984051d349eb480a2a06db83c69e1b52926cc8807ba5ceaaf2b81b20acf6ef12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
e39d63753f1bef7aea93433ac186dfccc1e28a59fe6f8f1e7c219a5bef7ddb79
Connection
Keep-Alive
Content-Length
34563
x-xss-protection
1; mode=block
last-modified
Wed, 27 Mar 2024 03:30:12 GMT
Server
Apache
etag
"-1955860737-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Wed, 27 Mar 2024 16:30:15 GMT
jQuery-ui_1_13_1.js
kunden.commerzbank.de/portal/media/system/40.191.29/js/
517 KB
125 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/js/jQuery-ui_1_13_1.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
e97315234cc1f1c4737d98ea29c0f4d4f06c032dc5943012ae50bc4b10a92276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
8c9d544b53f5ac8839c65b37a7bb7765af02f862b9412d6375b4014bfe3da536
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:14:30 GMT
Server
Apache
etag
"31234053-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Wed, 27 Mar 2024 16:30:15 GMT
lib_head.js
kunden.commerzbank.de/portal/media/system/40.191.29/js/
42 KB
12 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/40.191.29/js/lib_head.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
d51e6fb75cf674223508baf2d172da5ad892d25a1db9a8126226c204eded0743
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"-1228143681-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Wed, 27 Mar 2024 16:30:15 GMT
lib_smartbanner.js
kunden.commerzbank.de/portal/media/system/js/
7 KB
2 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/js/lib_smartbanner.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
1b1c35c10c9d83dd6693f3a4ec46e148211cfac635e970e34a034cfdab91ce88
Connection
Keep-Alive
Content-Length
1596
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:17:45 GMT
Server
Apache
etag
"-1424997739-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Wed, 27 Mar 2024 16:30:15 GMT
cmp_puk.js
103.90.160.63/commerz/assets/
804 KB
804 KB
Script
General
Full URL
https://103.90.160.63/commerz/assets/cmp_puk.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
df894e369a97b9ce264d891e8f0d179e3c8e0cdffef74e5f6efd52a274490835

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
Last-Modified
Tue, 26 Mar 2024 16:26:27 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"c8f13-61492c07d5f04"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
823059
gtm_integration_puk.js
103.90.160.63/commerz/assets/
8 KB
8 KB
Script
General
Full URL
https://103.90.160.63/commerz/assets/gtm_integration_puk.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
9c6c8d1b0a86906d74783e0f1afeb0a0a3b2e8a64cc16187a727299136c0b29d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
Last-Modified
Tue, 26 Mar 2024 16:26:27 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"1e34-61492c08335e9"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7732
ot-all.min.js
execution.ci360.tpp.commerzbank.de/js/
21 KB
9 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
490b0d73c63ee8b7b8c420abfd81282cde261aceeb14f7ec1081e4b63d3cdb9e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
Origin
https://103.90.160.63
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:03:38 GMT
content-encoding
gzip
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
age
1298
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
rH3AzXFNxkzhowvf8OlqxbWLIAt0TeIVUmy5LF6Sp4HPMTgQ0FsKOw==
lupe.png
kunden.commerzbank.de/portal/media/system/images/
1 KB
2 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/lupe.png
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
com-coba-cif-csrf-protection
b397031e5b4d79503a43d4cd0b6162978d52c391b0c9076c3d855a15d9737631
Connection
Keep-Alive
content-length
1308
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:14:30 GMT
Server
Apache
etag
"-2060418881"
x-frame-options
DENY
content-type
image/png
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=99
expires
Wed, 27 Mar 2024 16:30:15 GMT
logo_big_svg.svg
kunden.commerzbank.de/portal/media/system/images/
10 KB
3 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/logo_big_svg.svg
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
fc8379b7a171d6afbb2383c9749dd2fdb96015691a06057c5a7933563779f6e6
Connection
Keep-Alive
Content-Length
2841
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:14:28 GMT
Server
Apache
etag
"-1835332400-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
image/svg+xml
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=98
expires
Wed, 27 Mar 2024 16:30:16 GMT
logo_big_svg.svg
103.90.160.63/portal/media/system/images/
300 B
300 B
Image
General
Full URL
https://103.90.160.63/portal/media/system/images/logo_big_svg.svg
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
69969f4f57045d049463633491cac602f79b48b90bd8994a27c60ee5dc6c74ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:15 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
300
Content-Type
text/html; charset=iso-8859-1
lib_main.js
103.90.160.63/commerz/assets/
288 KB
289 KB
Script
General
Full URL
https://103.90.160.63/commerz/assets/lib_main.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
7773b03f24086a3face6dc887bb1a595e93294cc336abb53fc039d420da75975

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:16 GMT
Last-Modified
Tue, 26 Mar 2024 16:26:28 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"480d2-61492c08c09b7"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
295122
lib_cms.js
103.90.160.63/commerz/assets/
24 KB
25 KB
Script
General
Full URL
https://103.90.160.63/commerz/assets/lib_cms.js
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:16 GMT
Last-Modified
Tue, 26 Mar 2024 16:26:28 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
ETag
"61d1-61492c0894394"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
25041
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer
Origin
https://103.90.160.63
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin
https://103.90.160.63
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff
icons_woff.woff
kunden.commerzbank.de/portal/media/system/fonts/
0
0

fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/
153 KB
153 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://103.90.160.63
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:25:16 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1201275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156496
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-26350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5%2BgLLa9jc%2BbxGPhzK8MTkHeAHZ8MqwJ6y8bSwQGrOHH6Hmwk2Nb0btMHIra9SLX2FK8WNguorc36w53Gyp0LOxbdMSUoES8Ln1JN5zkFGoPiLEsOENQDxk5sJHfH%2BSk4w8MWpYA"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86b0bc485bec6aec-FRA
expires
Mon, 17 Mar 2025 16:25:16 GMT
ico_fehler_png.png
kunden.commerzbank.de/portal/media/system/images/
2 KB
2 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/ico_fehler_png.png
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/index.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
com-coba-cif-csrf-protection
d67241f1c494355b241f80a08f8c95425142268c88b627d471694da8d301210d
Connection
Keep-Alive
content-length
1659
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:12:02 GMT
Server
Apache
etag
"-770750057"
x-frame-options
DENY
content-type
image/png
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=97
expires
Wed, 27 Mar 2024 16:30:16 GMT
ot-min.js
execution.ci360.tpp.commerzbank.de/js/
172 KB
41 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-min.js
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f30d5e75191cea452561164d91b2cd841723d37ad5ff41595e4571c017ba59b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 15:57:00 GMT
content-encoding
gzip
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
age
1696
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
-Sdm3LTz7aXW6-I-FKKhtyFHV9hqDdYZ1BB6lc3Wvh0c17VzZ9Ihag==
1711556716941
execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/
0
653 B
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/1711556716941?version=1.1.0&domain=103.90.160.63&p=%2Fcommerz%2Findex.php&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&requestedfile=%2Fcommerz%2Findex.php&cts=1711556716941&tzo=-60&platform=Win32&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=800x600@24&browser_language=en-US&character_set=UTF-8&csz=563687&bsz=1600x1113&tab_id=3628556198
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:25:17 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
Rwlus6rw-zv3OIaWOtCycepuJrodxq05mu48OtJ48QSH8PV1scKsAQ==
icons_ttf.ttf
kunden.commerzbank.de/portal/media/system/fonts/
0
0

55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/p/
0
649 B
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/p/55cca7442f00010d1e64bd0a?version=1.1.0&domain=103.90.160.63&p=%2Fcommerz%2Findex.php&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&requestedfile=%2Fcommerz%2Findex.php&platform=Win32&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:25:17 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
viceAmYBKWtEXeuAMFH7m8riO0ab4CnzWA8mOjyCGHDYpsoVA_3dQQ==
ot-api.min.js
execution.ci360.tpp.commerzbank.de/js/
65 KB
21 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-api.min.js
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
84c269b38f956d51abef1e9ce7c369f847d6eb1ad7cb4582c7fb0ef067dc6798

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:09:48 GMT
content-encoding
gzip
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
age
929
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
max-age=1800
content-disposition
inline;filename=f.txt
x-amz-cf-id
QGqtDOlBOtBkH9TL1zfv47m6WUDfhqupiJCcm014RNQNtML62pZ46A==
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/c/
0
669 B
XHR
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a?domain=103.90.160.63&p=%2Fcommerz%2Findex.php&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&cts=1711556717088&tzo=-60&platform=Win32&port=&protocol=https&screen_info=800x600@24&browser_language=en-US&character_set=UTF-8&csz=565293&bsz=1600x1113&tab_id=3628556198&java_enabled=false&flash_enabled=false
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:6800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 16:25:17 GMT
via
1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://103.90.160.63
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
Hi9F82jmyIlpy-4QAum7E8G6oUoHaVeIzx8aw-JV2KMwVrd9LzXXtQ==
favicon.ico
kunden.commerzbank.de/portal/media/system/images/
1 KB
2 KB
Other
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://103.90.160.63/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:25:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
com-coba-cif-csrf-protection
e111ffb99d3c69d5921832a1612208e4765037d25b864b25bd9874728ab16131
Connection
Keep-Alive
content-length
1150
x-xss-protection
1; mode=block
last-modified
Mon, 27 Nov 2023 07:09:48 GMT
Server
Apache
etag
"-2095969169"
x-frame-options
DENY
content-type
image/x-icon
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=96
expires
Wed, 27 Mar 2024 16:30:17 GMT
rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683
103.90.160.63/banking/dynatrace/
300 B
540 B
XHR
General
Full URL
https://103.90.160.63/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D91_sn_ECBSDV53GGQ543EUN5BPGHCCU8PVV075&svrid=-91&flavor=post&vi=GAHCFRPBCUJCSKSQQUIPUKEJVHUHOWUR-0&modifiedSince=1709626992672&rf=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=4177853161&en=vsme09c4&end=1
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
69969f4f57045d049463633491cac602f79b48b90bd8994a27c60ee5dc6c74ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 27 Mar 2024 16:25:19 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
300
Content-Type
text/html; charset=iso-8859-1
rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683
103.90.160.63/banking/dynatrace/
300 B
540 B
XHR
General
Full URL
https://103.90.160.63/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D91_sn_ECBSDV53GGQ543EUN5BPGHCCU8PVV075&svrid=-91&flavor=post&vi=GAHCFRPBCUJCSKSQQUIPUKEJVHUHOWUR-0&modifiedSince=1709626992672&rf=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=2984292407&en=vsme09c4&end=1
Requested by
Host: 103.90.160.63
URL: https://103.90.160.63/commerz/assets/ruxitagentjs_ICA27NVfqrux_10279231130031246.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.90.160.63 Miami, United States, ASN36007 (KAMATERA, US),
Reverse DNS
Software
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30 /
Resource Hash
69969f4f57045d049463633491cac602f79b48b90bd8994a27c60ee5dc6c74ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://103.90.160.63/commerz/index.php
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 27 Mar 2024 16:25:21 GMT
Server
Apache/2.4.58 (Win64) OpenSSL/3.1.3 PHP/8.0.30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
300
Content-Type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kunden.commerzbank.de
URL
https://kunden.commerzbank.de/portal/media/system/fonts/icons_woff.woff
Domain
kunden.commerzbank.de
URL
https://kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| dT_ object| dtrum object| dynatrace string| webtrekkEnabled function| $ function| jQuery object| mrm object| cfs object| Modernizr function| yepnope object| cSmartBanner undefined| setBannerTags boolean| userIsLoggedIn object| ccb_cif function| reloadActualLocation number| gtmAreaCode string| gtmScriptincludeVersion function| initGTM string| uaID object| dataLayer object| CI360_TEILNEHMERNUMMER function| ci360 function| salReInitInputSpinners function| isGTMActive function| collectGTMData function| fillCID function| Class object| Tc function| _ object| Select2 function| CobaNewsList function| CobaNews boolean| consentPA object| cookieBox object| usercentrics object| com_sas_ci_acs object| CryptoJS object| overrideDomain object| c3 function| overridePrototypes object| Hashcode object| GeneralBase64 object| Base64 function| getDecisionParams object| spotMap function| loadDoc function| extractValue object| dataTagToEventMap function| handleInjectResponse function| windowFocused function| windowBlured function| LocalQueue function| onYouTubeIframeAPIReady function| onYouTubePlayerReady object| $ci360 boolean| ci360_config_called

7 Cookies

Domain/Path Name / Value
103.90.160.63/ Name: PHPSESSID
Value: d6icsfphm45kq519oph0ojls2f
103.90.160.63/ Name: dtCookie
Value: v_4_srv_-2D91_sn_ECBSDV53GGQ543EUN5BPGHCCU8PVV075
103.90.160.63/ Name: rxVisitor
Value: 17115567161233TU1BT928QFHVL77583U3T17990587H8
103.90.160.63/ Name: dtSa
Value: -
103.90.160.63/ Name: rxvt
Value: 1711558517094|1711556716124
execution.ci360.tpp.commerzbank.de/ Name: AWSALBCORS
Value: QTEerdl/y7hcZylkr6R3OoUGl+UFyE9vluQwQ7I+RzOnOKt/rhjVTDoS1mkp5TAs5Uo1jvycp4u0j2VwmahtVEWYCENJE1LAj0W6gCZGciPaae/CxOjDpc4irkPT
103.90.160.63/ Name: dtPC
Value: -91$356716121_452h-vGAHCFRPBCUJCSKSQQUIPUKEJVHUHOWUR-0e0

13 Console Messages

Source Level URL
Text
network error URL: https://103.90.160.63/portal/media/system/images/logo_big_svg.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript error URL: https://103.90.160.63/commerz/index.php
Message:
Access to font at 'https://kunden.commerzbank.de/portal/media/system/fonts/icons_woff.woff' from origin 'https://103.90.160.63' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kunden.commerzbank.de/portal/media/system/fonts/icons_woff.woff
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://103.90.160.63/commerz/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://103.90.160.63/commerz/index.php
Message:
Access to font at 'https://kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf' from origin 'https://103.90.160.63' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://103.90.160.63/commerz/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://103.90.160.63/commerz/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://103.90.160.63/commerz/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://103.90.160.63/commerz/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://103.90.160.63/commerz/index.php
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://103.90.160.63/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D91_sn_ECBSDV53GGQ543EUN5BPGHCCU8PVV075&svrid=-91&flavor=post&vi=GAHCFRPBCUJCSKSQQUIPUKEJVHUHOWUR-0&modifiedSince=1709626992672&rf=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=4177853161&en=vsme09c4&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://103.90.160.63/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D91_sn_ECBSDV53GGQ543EUN5BPGHCCU8PVV075&svrid=-91&flavor=post&vi=GAHCFRPBCUJCSKSQQUIPUKEJVHUHOWUR-0&modifiedSince=1709626992672&rf=https%3A%2F%2F103.90.160.63%2Fcommerz%2Findex.php&bp=3&app=53cd4acc1b85e003&crc=2984292407&en=vsme09c4&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
