urlscan.io logo urlscan.io
SecurityTrails logo

educel.com Open in urlscan Pro
198.46.93.253  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://smy1p7.gringosamigos.hu/
Effective URL: https://educel.com/commerz18/
Submission: On April 13 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 198.46.93.253, located in United States and belongs to INMOTION, US. The main domain is educel.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 12th 2023. Valid for: 3 months.
This is the only time educel.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 176.111.173.47 213010 (GIGAHOSTI...)
1 6 198.46.93.253 22611 (INMOTION)
10 212.149.50.15 16365 (COMMERZBA...)
15 3
Apex Domain
Subdomains		 Transfer
10 commerzbank.de
kunden.commerzbank.de — Cisco Umbrella Rank: 325517
383 KB
6 educel.com
educel.com
474 KB
1 gringosamigos.hu
smy1p7.gringosamigos.hu
264 B
15 3
Domain Requested by
10 kunden.commerzbank.de educel.com
6 educel.com 1 redirects educel.com
kunden.commerzbank.de
1 smy1p7.gringosamigos.hu 1 redirects
15 3

This site contains links to these domains. Also see Links.

Domain
kunden.commerzbank.de
www.commerzbank.de
Subject Issuer Validity Valid
educel.com
cPanel, Inc. Certification Authority		 2023-04-12 -
2023-07-11		 3 months crt.sh
kunden.commerzbank.de
GlobalSign Extended Validation CA - SHA256 - G3		 2022-12-21 -
2024-01-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://educel.com/commerz18/
Frame ID: 7FFEB13B39D68F329F210A9D60ADA4F9
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmeldung zum Digital Banking - Commerzbank

Page URL History Show full URLs

  1. http://smy1p7.gringosamigos.hu/ HTTP 301
    https://educel.com/commerz18 HTTP 301
    https://educel.com/commerz18/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

892 kB
Transfer

1645 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://smy1p7.gringosamigos.hu/ HTTP 301
    https://educel.com/commerz18 HTTP 301
    https://educel.com/commerz18/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
educel.com/commerz18/
Redirect Chain
  • http://smy1p7.gringosamigos.hu/
  • https://educel.com/commerz18
  • https://educel.com/commerz18/
15 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.46.93.253 , United States, ASN22611 (INMOTION, US),
Reverse DNS
safesidewalks.webhostseattle.net
Software
Apache /
Resource Hash
7f6891d6a1eb26979fbc55c0c11ebcd86f3bb0916afc12aadc9dcfe2b9b32bc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Apr 2023 10:05:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
237
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 13 Apr 2023 10:05:09 GMT
Keep-Alive
timeout=5, max=100
Location
https://educel.com/commerz18/
Server
Apache
ruxitagentjs_ICA27NVfqrux_10259230221142207.js
kunden.commerzbank.de/banking/dynatrace/ 		222 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/banking/dynatrace/ruxitagentjs_ICA27NVfqrux_10259230221142207.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
fcac0584d499c6043e09c4550453ed5428f9f7a5181271d66df95b6e8c63b4f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Apache
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=31536000, immutable, private
Connection
Keep-Alive
Keep-Alive
timeout=15, max=100
content-length
86099
expires
Fri, 12 Apr 2024 10:05:09 GMT
main.css
educel.com/commerz18/images/ 		457 KB
457 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://educel.com/commerz18/images/main.css
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.46.93.253 , United States, ASN22611 (INMOTION, US),
Reverse DNS
safesidewalks.webhostseattle.net
Software
Apache /
Resource Hash
5d4ea7a769566deb234d8175977f4cbe2222e839fd06eaf3ce46c6a5be32da06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/commerz18/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:09 GMT
Last-Modified
Fri, 31 Mar 2023 22:44:18 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
468154
cms.css
kunden.commerzbank.de/portal/media/system/38.176.19/css/ 		200 KB
89 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/38.176.19/css/cms.css
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
5a5d34c08dcc2d91906a70e08ebbec141c8e961b00437bc6e319f10b7ae423c7
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Wed, 04 Jan 2023 10:56:16 GMT
Server
Apache
etag
"-136495325-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
text/css
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Thu, 13 Apr 2023 10:10:09 GMT
jquery_1_12_4.js
kunden.commerzbank.de/portal/media/system/38.176.19/js/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/38.176.19/js/jquery_1_12_4.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
bd6cd73d8a89e640b0871e655e29724f6a62a6a7ed12c444123be621718e5479
Connection
Keep-Alive
Content-Length
33760
x-xss-protection
1; mode=block
last-modified
Mon, 21 Nov 2022 05:17:49 GMT
Server
Apache
etag
"-1982691847-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Thu, 13 Apr 2023 10:10:09 GMT
jquery_ui_1_12_1.js
kunden.commerzbank.de/portal/media/system/38.176.19/js/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/38.176.19/js/jquery_ui_1_12_1.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
b3205c103e69c143bc7fef06939ff6a0ca9ab9c698fc9f300d4fc2c9b406ba51
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Mon, 21 Nov 2022 05:17:49 GMT
Server
Apache
etag
"-1536096480-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Thu, 13 Apr 2023 10:10:09 GMT
lib_head.js
kunden.commerzbank.de/portal/media/system/38.176.19/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/38.176.19/js/lib_head.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
2fa014bdfbfd97e263c1b93bf2b07ee7c22903d00fb835a56b7bec9c37ff616d
Connection
Keep-Alive
Content-Length
11887
x-xss-protection
1; mode=block
last-modified
Mon, 21 Nov 2022 05:22:58 GMT
Server
Apache
etag
"-321040864-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Thu, 13 Apr 2023 10:10:09 GMT
lib_smartbanner.js
kunden.commerzbank.de/portal/media/system/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/js/lib_smartbanner.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
af9983cdf925bac173481c2acf217098726280b5783fe867f8152227cdb9f97a
Connection
Keep-Alive
Content-Length
1596
x-xss-protection
1; mode=block
last-modified
Mon, 21 Nov 2022 05:22:58 GMT
Server
Apache
etag
"543926292-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=100
expires
Thu, 13 Apr 2023 10:10:09 GMT
lupe.png
kunden.commerzbank.de/portal/media/system/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kunden.commerzbank.de/portal/media/system/images/lupe.png
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
com-coba-cif-csrf-protection
730fc017ae3f3788dde2b3c172e861d120ae274cb6a0ff8084fab42cb12166c3
Connection
Keep-Alive
content-length
1308
x-xss-protection
1; mode=block
last-modified
Tue, 22 Nov 2022 09:06:08 GMT
Server
Apache
etag
"2056581121"
x-frame-options
DENY
content-type
image/png
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=97
expires
Thu, 13 Apr 2023 10:10:09 GMT
logo_big_svg.svg
kunden.commerzbank.de/portal/media/system/images/ 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kunden.commerzbank.de/portal/media/system/images/logo_big_svg.svg
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
b41764b3a83c2e317e8387b7cc4f7c3e73460961ea0c76eb34ebb720bb2f5509
Connection
Keep-Alive
Content-Length
2841
x-xss-protection
1; mode=block
last-modified
Mon, 21 Nov 2022 05:17:44 GMT
Server
Apache
etag
"-2129430624-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
image/svg+xml
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=96
expires
Thu, 13 Apr 2023 10:10:09 GMT
lib_main.js
kunden.commerzbank.de/portal/media/system/38.176.19/js/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/38.176.19/js/lib_main.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
cb4e5a4a25b095758e702317af5145988042cd4a5fb43866b8cdc6ddbd2da809
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
7398e05c6c785804dc5c8bdc3efeb492131b475d798ac85526e1496ec5c86685
Transfer-Encoding
chunked
Connection
Keep-Alive
x-xss-protection
1; mode=block
last-modified
Thu, 02 Feb 2023 13:31:32 GMT
Server
Apache
etag
"1900273465-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=99
expires
Thu, 13 Apr 2023 10:10:09 GMT
lib_cms.js
kunden.commerzbank.de/portal/media/system/38.176.19/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kunden.commerzbank.de/portal/media/system/38.176.19/js/lib_cms.js
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Frankfurt am Main, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
Content-Encoding
gzip
com-coba-cif-csrf-protection
d2191fcf482f1a04009c036c778c6fce427bac6ee906301aa8618fba9dfb546a
Connection
Keep-Alive
Content-Length
6982
x-xss-protection
1; mode=block
last-modified
Mon, 21 Nov 2022 05:17:55 GMT
Server
Apache
etag
"1032703758-gzip"
x-frame-options
DENY
Vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
content-language
de-DE
cache-control
private
Keep-Alive
timeout=15, max=98
expires
Thu, 13 Apr 2023 10:10:09 GMT
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin
https://educel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff
truncated
/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer
Origin
https://educel.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type
application/x-font-woff
ico_fehler_png.png
educel.com/portal/media/system/images/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://educel.com/portal/media/system/images/ico_fehler_png.png
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.46.93.253 , United States, ASN22611 (INMOTION, US),
Reverse DNS
safesidewalks.webhostseattle.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/commerz18/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:10 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
icon-512.png
educel.com/portal/media/anwendungen/apps/appstore/ 		315 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://educel.com/portal/media/anwendungen/apps/appstore/icon-512.png
Requested by
Host: educel.com
URL: https://educel.com/commerz18/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.46.93.253 , United States, ASN22611 (INMOTION, US),
Reverse DNS
safesidewalks.webhostseattle.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://educel.com/commerz18/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 10:05:10 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683
educel.com/banking/dynatrace/ 		315 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://educel.com/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D14_sn_1S7QO98HCN9EKBFSAOQH484NVNMLTA8E&svrid=-14&flavor=post&vi=UMAAUFWBLMFHFJFAGMCUIGDFNPRNMVUS-0&modifiedSince=1680274279046&rf=https%3A%2F%2Feducel.com%2Fcommerz18%2F&bp=3&app=53cd4acc1b85e003&crc=1357445493&en=vsme09c4&end=1
Requested by
Host: kunden.commerzbank.de
URL: https://kunden.commerzbank.de/banking/dynatrace/ruxitagentjs_ICA27NVfqrux_10259230221142207.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.46.93.253 , United States, ASN22611 (INMOTION, US),
Reverse DNS
safesidewalks.webhostseattle.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://educel.com/commerz18/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 13 Apr 2023 10:05:12 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| dT_ object| dtrum object| dynatrace string| webtrekkEnabled function| $ function| jQuery object| mrm object| cfs object| Modernizr function| yepnope object| cSmartBanner undefined| setBannerTags function| salReInitInputSpinners function| isGTMActive function| collectGTMData function| fillCID function| Class object| Tc function| _ object| jQuery112405515014965521565 object| Select2 function| CobaNewsList function| CobaNews boolean| consentPA

7 Cookies

Domain/Path Name / Value
educel.com/ Name: PHPSESSID
Value: 0f410e976de1b7630be616939345cd53
.educel.com/ Name: dtCookie
Value: v_4_srv_-2D14_sn_1S7QO98HCN9EKBFSAOQH484NVNMLTA8E
.educel.com/ Name: rxVisitor
Value: 1681380309523UGDJH23N3EL29RA822CJIGGBJ2SUADIJ
.educel.com/ Name: dtLatC
Value: 710
.educel.com/ Name: dtSa
Value: -
.educel.com/ Name: rxvt
Value: 1681382110524|1681380309525
.educel.com/ Name: dtPC
Value: -14$180309520_310h-vUMAAUFWBLMFHFJFAGMCUIGDFNPRNMVUS-0e0

3 Console Messages

Source Level URL
Text
network error URL: https://educel.com/portal/media/system/images/ico_fehler_png.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://educel.com/portal/media/anwendungen/apps/appstore/icon-512.png
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://educel.com/banking/dynatrace/rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683?type=js3&sn=v_4_srv_-2D14_sn_1S7QO98HCN9EKBFSAOQH484NVNMLTA8E&svrid=-14&flavor=post&vi=UMAAUFWBLMFHFJFAGMCUIGDFNPRNMVUS-0&modifiedSince=1680274279046&rf=https%3A%2F%2Feducel.com%2Fcommerz18%2F&bp=3&app=53cd4acc1b85e003&crc=1357445493&en=vsme09c4&end=1
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)