meinecommerzbank-phototan.com.de
2606:4700:3033::6815:3e49
Malicious Activity!
Public Scan
Effective URL: https://meinecommerzbank-phototan.com.de/pages
Submission: On April 28 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 27th 2023. Valid for: 3 months.
This is the only time meinecommerzbank-phototan.com.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 15 | 2606:4700:3033::6815:3e49 | 13335 (CLOUDFLARENET) | |
13 | 2 |
ASN13335 (CLOUDFLARENET, US)
meinecommerzbank-phototan.com.de |
Apex Domain Subdomains | Transfer | |
---|---|---|
15 | com.de (2 redirects): meinecommerzbank-phototan.com.de | 304 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
15 | meinecommerzbank-phototan.com.de (2 redirects) | meinecommerzbank-phototan.com.de |
13 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
kunden.commerzbank.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
meinecommerzbank-phototan.com.de E1 | 2023-04-27 - 2023-07-26 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://meinecommerzbank-phototan.com.de/pages
Frame ID: 75F5AF19C104AE64B7F36FB5A587E086
Requests: 13 HTTP requests in this frame
Frame:
https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cdcs-iframe-index.html
Frame ID: D4EC152BB30C94896B5668D4274746BB
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Anmeldung zum Digital Banking - Commerzbank
Page URL History
- http://meinecommerzbank-phototan.com.de/ (HTTP 301)
- https://meinecommerzbank-phototan.com.de/ (HTTP 302)
- https://meinecommerzbank-phototan.com.de/pages (Page URL)
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Wertpapierumsätze
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | pages | meinecommerzbank-phototan.com.de/ | 257 KB | 32 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H3 | main.css | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 392 KB | 110 KB | Stylesheet | text/css | |
GET | H3 | cms.css | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 200 KB | 83 KB | Stylesheet | text/css | |
GET | H3 | jquery.js | meinecommerzbank-phototan.com.de/js/cntdjs/ | 87 KB | 32 KB | Script | application/x-javascript | |
GET | H3 | jquery.mask.js | meinecommerzbank-phototan.com.de/js/cntdjs/ | 23 KB | 7 KB | Script | application/x-javascript | |
GET | H3 | cntd.js | meinecommerzbank-phototan.com.de/js/cntdjs/ | 3 KB | 2 KB | Script | application/x-javascript | |
GET | H3 | loading.js | meinecommerzbank-phototan.com.de/js/shared/ | 2 KB | 1 KB | Script | application/x-javascript | |
GET | H3 | online_status.js | meinecommerzbank-phototan.com.de/js/shared/ | 998 B | 1 KB | Script | application/x-javascript | |
GET | H3 | lupe.png | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 1 KB | 2 KB | Image | image/png | |
GET | H3 | logo_big_svg.svg | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 10 KB | 3 KB | Image | image/svg+xml | |
GET | H3 | cdcs-iframe-index.html | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 3 KB | 1 KB | Document | text/html | Frame D4EC |
GET | DATA | truncated | / | 17 KB | 17 KB | Font | application/x-font-woff | |
GET | DATA | truncated | / | 17 KB | 17 KB | Font | application/x-font-woff | |
GET | H3 | icons_woff.woff | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 40 KB | 26 KB | Font | application/font-woff | |
GET | H3 | cdcs.js | meinecommerzbank-phototan.com.de/front_end/front_end_files/ | 4 KB | 2 KB | Script | application/x-javascript | Frame D4EC |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- string| urlroot
- string| uniqueid
- function| $
- function| jQuery
- object| controller
- string| url
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
meinecommerzbank-phototan.com.de/ | Name: PHPSESSID Value: 0csv434mkhl6s51c2vmtma2htm |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.