erneuerung.ihr-tan.financial
2606:4700:3035::6815:4cf4  Malicious Activity! Public Scan

Submitted URL: http://erneuerung.ihr-tan.financial/info.php
Effective URL: https://erneuerung.ihr-tan.financial/info.php
Submission: On August 09 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3035::6815:4cf4, located in United States and belongs to CLOUDFLARENET, US. The main domain is erneuerung.ihr-tan.financial.
TLS certificate: Issued by WE1 on August 7th 2024. Valid for: 3 months.
This is the only time erneuerung.ihr-tan.financial was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
12 | 2606:4700:303... | 13335 (CLOUDFLAR...)
Total: 13 requests, 2 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | ihr-tan.financial | erneuerung.ihr-tan.financial | 317 KB
0 | ihr-tan.app (Failed) | erneuerung.ihr-tan.app (Failed) |
Total: 13 requests, 2 domains

Requests | Domain | Requested by
12 | erneuerung.ihr-tan.financial | erneuerung.ihr-tan.financial
0 | erneuerung.ihr-tan.app (Failed) | erneuerung.ihr-tan.financial
Total: 13 requests, 2 domains

This site contains links to these domains.

Domain
www.commerzbank.de
kunden.commerzbank.de
service.commerzbank.de
bankenverband.de

Subject | Issuer | Validity | Valid
ihr-tan.financial | WE1 | 2024-08-07 - 2024-11-05 | 3 months

This page contains 1 frame:

Primary Page: https://erneuerung.ihr-tan.financial/info.php
Frame ID: 68ADAC1F5F57740877596645BA6E260C
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 352 kB
Size: 1220 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://erneuerung.ihr-tan.financial/info.php HTTP 307
    https://erneuerung.ihr-tan.financial/info.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: info.php
Path: erneuerung.ihr-tan.financial/
Redirect Chain
  • http://erneuerung.ihr-tan.financial/info.php
  • https://erneuerung.ihr-tan.financial/info.php
Size: 542 KB
x-fer: 45 KB
Type: Document
General
Full URL
https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e351f2e2f8d4a1615978a3247aa5e467dea01f7c0649c229f1c796d84247423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b07117e2dc60a61-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 10:30:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y56OtvgFiY%2BU2XM6o2mR4VW5Xzzr3HTz2PW7k8CY9jN23x7ugE0uKQjIUpa6YBBrzWPPsgnIk6jQPHo8xhcKgk0nlGsHVzFSxMqq2hnX1iO68V3nk0fm1GiD2DDqskpil1tBZwocov6H32HERZou6dlZFrm3uxqX0BNG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://erneuerung.ihr-tan.financial/info.php
Non-Authoritative-Reason
HttpsUpgrades

Resource: ust.min.js
Path: erneuerung.ihr-tan.app/usertrack/server/
Size: 0
x-fer: 0

Resource: main.css
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/css/
Size: 393 KB
x-fer: 133 KB
Type: Stylesheet
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/css/main.css
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 16:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3750
etag
W/"667ee5c6-6224e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvX1iBDonVz9EvIoLJ7vV4tHKEYLTfdi%2B5Xodz5b2PMZM208XD%2B%2Bk6SJhdfPn%2Fs%2BaVgZR9o6YYELlZ8IcY%2Bo%2BpPOiLgDoi48qXEUtqM40NcTXV8Zm%2Ff%2FaubAJpGIVHPzeFF%2BwYtnoqdXFt1bndznrOFjb%2B6SJdZyUEic"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b07117f4eee0a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: cms.css
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/css/
Size: 200 KB
x-fer: 95 KB
Type: Stylesheet
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/css/cms.css
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 16:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3750
etag
W/"667ee5c6-32190"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=256x7QwOHqsCHVeyRojyD1pO%2FgliOv%2Bh99ZaZPBj3TIrJq9Xb0XNF1YCQxDihMFZza8AsfxP1SPieqiSCwfXDVSvF6BVElJzQWT30O7jNP%2Fg%2FaQODCIiz%2B1ITHpXHYpJTUa9ltS36nAcVB2figld2b8Whs9IcOcZ%2F%2Fz%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8b07117f4eef0a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: jQuery_3_5_1.js
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/
Size: 0
x-fer: 0
Type: Script
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/jQuery_3_5_1.js
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XO0%2BWdH3ZPssskSmvVtGnUX2fmDHbaJ9jtjpA8crJt7NXrlpmdhZ84Sxemlu7aImYkWHjhKg4QZcMoxPxVHPUxjSCcBpGW%2Bf5ugDTYuIfxC6IhvSxVesh0ld5j%2FDlhnuEDW0Xpf7VseIQ1XbudlNGioJz1rh2pyecJpl"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b07117f4ef10a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: jquery_ui_1_13_2.js
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/
Size: 0
x-fer: 0
Type: Script
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBOF%2BtJXSfzIshOVeHd67mCKl%2FSb7W8N7OtsahJqyZkOpFpaOUT4I%2FSSiTMm%2Bo%2FZoQCTMI9GSqE%2BkSrjFOx1jN6%2FlUICBH0lY%2BdleobR2fKiLcjtthhSMmJ8JBDuWjZr9CMxDuwDg%2BicQz2HvbYjelmZEmP5AlGqG87l"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b07117f4ef20a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: lib_head.js
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/
Size: 0
x-fer: 0
Type: Script
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/lib_head.js
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BSmVQMQilo8cJLg9oUYYa6WcMuX2pWY4p5loBQfHTN92WSACqFlBZpujAgP%2B86Fm9qyo0MBLgr2IKsLbldLzNVx2W%2BrwBWulaJZ9Mo%2FjHUMZK5iIJvdhyAoAE7gacbRTuI92x%2Fw%2BZEiMMk2dgtIv6qaUSQFJ3Gl3Kdq"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b07117f4ef30a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: lib_smartbanner.js
Path: erneuerung.ihr-tan.financial/portal/media/system/js/
Size: 0
x-fer: 0
Type: Script
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/js/lib_smartbanner.js
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RsXKt7vgOILVUDK5mqWPJKryFNGVpsRLVt%2BAHEfhEA4f7tVyJH4Ouz2F1pN7zL3vjdPcWAqn6WH4z9Ol%2B9CNVYQb5Fxv8QuICd%2Bjc7DkiALAtu0JqhDY%2BjLWOhvhPvrJHpPwPl9dQPtYEqcBwESus4yyk2riSLPAqWsQ"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b07117f4ef50a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: lupe.png
Path: erneuerung.ihr-tan.financial/portal/media/system/images/
Size: 1 KB
x-fer: 2 KB
Type: Image
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/images/lupe.png
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 16:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3750
etag
"667ee5c6-51c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgKs29cAUV2oGpfg4RT6pqVKIHjrPQbXBp5yO1WK%2Fbj5T%2BIxolnJH5ao8H%2BHuKPh8uVHP5eCvwHoa6LetPYI8jEXN3iz7kO%2FORZIiIcaE1DcKeln9HNbLpSWlxU%2B64CTIpjTdZgD4m2quWc46R2wq%2B3GoKefaNBD2VjV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b07117f9f390a61-AMS
alt-svc
h3=":443"; ma=86400
content-length
1308

Resource: logo_big_svg.svg
Path: erneuerung.ihr-tan.financial/portal/media/system/images/
Size: 10 KB
x-fer: 3 KB
Type: Image
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/images/logo_big_svg.svg
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 16:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3750
etag
W/"667ee5c6-2658"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCuvxbLqOr8XQM4w%2Bp0LkMr9TsmGc5LJRn4hzEeOHf%2FiGDP2WDHdbJbX%2F02axhzSGniBu0a4oF9oB1Gl3jvM3BMIVztMubQLm8pp8dGn%2Fjj7K0PULAA%2BtRYlMHJ62QRuhS39QvVRkVpT5CeWjvkUlAeiiSqsGT12157b"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8b07117f9f410a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: lib_main.js
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/
Size: 0
x-fer: 0
Type: Script
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/lib_main.js
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:01 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BY5POuMFyYUKBu4bs2IjtOPdPK%2Fjyjy2cPJ7Z8tU5S69sBG44OI3A8bGpuObn87BfPunY5lS7kdkF1bi45GKxrqECpAUISDJDoVaEWXRrHmYq114r6tMqp80lEsrSRbfXWq7WMMeesVKzfcfxEzE%2BeFZChHx37sXlsO9"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b07117f9f4a0a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: lib_cms.js
Path: erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/
Size: 0
x-fer: 0
Type: Script
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/lib_cms.js
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/info.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://erneuerung.ihr-tan.financial/info.php
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:01 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tO5jFlhJGkK3owYhtTldPkM0%2BLhYi604LH0T%2B1djnskXNK%2BHqnxOCJbBbU7TNf7VfA1fwm9Iq%2Fg8ZHjTNA4W09zdg8f5UWHJpGk4PKckS2Jc3C4ePN0MzwC7kGAgVmFk0tqcbykFrEBVQoWnM2dmhHhbBxBOxIDfcK%2B8"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8b07117f9f4d0a61-AMS
alt-svc
h3=":443"; ma=86400

Resource: truncated
Path: /
Size: 17 KB
x-fer: 17 KB
Type: Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin
https://erneuerung.ihr-tan.financial
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff

Resource: icons_woff.woff
Path: erneuerung.ihr-tan.financial/portal/media/system/fonts/
Size: 40 KB
x-fer: 40 KB
Type: Font
General
Full URL
https://erneuerung.ihr-tan.financial/portal/media/system/fonts/icons_woff.woff
Requested by
Host: erneuerung.ihr-tan.financial
URL: https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:4cf4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876

Request headers

Referer
https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/css/main.css
Origin
https://erneuerung.ihr-tan.financial
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

date
Fri, 09 Aug 2024 10:30:01 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 16:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3751
etag
"667ee5c6-9e84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FXo9m6dyKuuWnkaEC1A5GvxxKam4DHnsy0a4UkFf5d%2BF5VhFZomAe5CkZwoofDfXwGF9noiKWcnYXGLl%2BjXDctOwnaLGV7MkLfr2jxnJLLIB5wRhASypbkaFlmnsrlQv7ErviFUTpAznwmO%2FwsgN4lujKpXd80CY18V"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8b07118048070a61-AMS
alt-svc
h3=":443"; ma=86400
content-length
40580

Resource: truncated
Path: /
Size: 17 KB
x-fer: 17 KB
Type: Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer
Origin
https://erneuerung.ihr-tan.financial
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.122 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
erneuerung.ihr-tan.app
URL
https://erneuerung.ihr-tan.app/usertrack/server/ust.min.js?v=3.4.4

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | UST_CT
object | UST
string | webtrekkEnabled

0 Cookies

6 Console Messages

Source: network; Level: error
URL: https://erneuerung.ihr-tan.financial/portal/media/system/js/lib_smartbanner.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network; Level: error
URL: https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/jQuery_3_5_1.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network; Level: error
URL: https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network; Level: error
URL: https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/lib_head.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network; Level: error
URL: https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/lib_main.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network; Level: error
URL: https://erneuerung.ihr-tan.financial/portal/media/system/41.203.28/js/lib_cms.js
Message: Failed to load resource: the server responded with a status of 404 ()