commerzbank.konto-phototan.app
172.67.159.68  Malicious Activity! Public Scan

URL: https://commerzbank.konto-phototan.app/
Submission: On July 02 via manual from DE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 29 HTTP transactions. The main IP is 172.67.159.68, located in United States and belongs to CLOUDFLARENET, US. The main domain is commerzbank.konto-phototan.app.
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time commerzbank.konto-phototan.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 19 | 172.67.159.68 | 13335 (CLOUDFLAR...) |
| 3 | 34.120.104.79 | 396982 (GOOGLE-CL...) |
| 1 | 2a00:1450:400... | 15169 (GOOGLE) |
| 6 | 2600:9000:224... | 16509 (AMAZON-02) |

Total: 29 requests, 5 IPs

| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 19 | konto-phototan.app | commerzbank.konto-phototan.app | 294 KB |
| 9 | commerzbank.de | tp.commerzbank.de — Cisco Umbrella Rank: 547002; execution.ci360.tpp.commerzbank.de — Cisco Umbrella Rank: 240531 | 306 KB |
| 1 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 71 | 21 KB |

Total: 29 requests, 3 apex domains

| Requests | Domain | Requested by |
|---|---|---|
| 19 | commerzbank.konto-phototan.app | commerzbank.konto-phototan.app |
| 6 | execution.ci360.tpp.commerzbank.de | commerzbank.konto-phototan.app, execution.ci360.tpp.commerzbank.de |
| 3 | tp.commerzbank.de | commerzbank.konto-phototan.app |
| 1 | www.google-analytics.com | commerzbank.konto-phototan.app |

Total: 29 requests, 4 domains

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| konto-phototan.app | WE1 | 2024-07-02 - 2024-09-30 | 3 months |
| tp.commerzbank.de | GlobalSign ECC OV SSL CA 2018 | 2023-11-16 - 2024-12-17 | a year |
| *.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
| execution.ci360.tpp.commerzbank.de | Amazon RSA 2048 M03 | 2023-09-17 - 2024-10-15 | a year |

This page contains 1 frames:

Primary Page: https://commerzbank.konto-phototan.app/
Frame ID: DC17E3FE4CECE24A11E53271827A8ECC
Requests: 31 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • 29 Requests
  • 100 % HTTPS
  • 50 % IPv6
  • 3 Domains
  • 4 Subdomains
  • 5 IPs
  • 2 Countries
  • 655 kB Transfer
  • 2446 kB Size
  • 5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
commerzbank.konto-phototan.app/
551 KB
47 KB
Document
General
Full URL
https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d192f11494d84bb24be0d54eac065a77a9ba762d9bc6faa5e4133d1817b065

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89cf735c4b4e911e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 14:50:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJTjj22kXbxZof6KmpONVegFhecQsWA%2F4rnoQ8HsVtDR5NP7IljB%2BwbEXDQhCkevXaaRYP%2BrCyVkkMRe0KbKnlPgm%2FM8Ei1L5QPIoan12ED1ugcNtIkkLacrYRdQIQCy4oM5bGreOLp0ygE32Uwo1L0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
analytics.js
tp.commerzbank.de/
52 KB
21 KB
Script
General
Full URL
https://tp.commerzbank.de/analytics.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.104.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.104.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Google Frontend
vary
accept-encoding
content-type
text/javascript
cache-control
public, max-age=7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jul 2024 16:50:52 GMT
js
tp.commerzbank.de/gtag/
307 KB
96 KB
Script
General
Full URL
https://tp.commerzbank.de/gtag/js?id=G-QFP34YGQQ6&l=dataLayer&cx=c&sign=294c87fbeda0e51550da7218b29af533891f20b3ae6ba617e8d6a6b4d81c7fe9_20240619
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.104.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.104.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
c5d0e72d3ea893638261dbe7e230d111df6644ee735952c1bc1e6bd2930999d5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
via
1.1 google
server
Google Frontend
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jul 2024 15:05:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jul 2024 13:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4191
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jul 2024 15:41:01 GMT
gtm.js
tp.commerzbank.de/
492 KB
111 KB
Script
General
Full URL
https://tp.commerzbank.de/gtm.js?id=GTM-PMKT8F
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.104.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.104.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5c8c40f973a570ebbf958161d651efa1d84343d75fa99073b1adbe6f7cead33e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 02 Jul 2024 12:00:00 GMT
server
Google Frontend
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jul 2024 15:05:21 GMT
ot-min.js
execution.ci360.tpp.commerzbank.de/js/
172 KB
41 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-min.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2247:c800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f30d5e75191cea452561164d91b2cd841723d37ad5ff41595e4571c017ba59b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:43:11 GMT
content-encoding
gzip
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
MXP63-P2
age
461
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
content-disposition
inline;filename=f.txt
x-amz-cf-id
21rv9CJ53S9VXNik1v22LItyRHgij6T-fT_dxQbkAVukMOPZlna3hg==
1718805450737
execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/
21 KB
5 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/1718805450737?version=1.1.0&domain=kunden.commerzbank.de&p=%2Flp%2Flogin&params=CIF_Check%3Dtrue&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=https%3A%2F%2Fkunden.commerzbank.de%2Flp%2Flogin%3FCIF_Check%3Dtrue&requestedfile=%2Flp%2Flogin&cts=1718805450737&tzo=-180&platform=Win32&port=&protocol=https&flash_enabled=false&flash_version=&java_enabled=false&java_version=&screen_info=2560x1440@24&browser_language=en-US&character_set=UTF-8&csz=559574&bsz=2560x1305&tab_id=608707439858
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2247:c800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
99b36df601a9d47afd8ad434edb2cae49683465b3847f0906eb1293761012cd4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
MXP63-P2
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id
HYRS9YBgB5PkHZT-T6CALydrsyimxcCevIhXBPEQLvyV4SQkj1Wh_g==
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/p/
9 KB
2 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/p/55cca7442f00010d1e64bd0a?version=1.1.0&domain=kunden.commerzbank.de&p=%2Flp%2Flogin&params=CIF_Check%3Dtrue&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=https%3A%2F%2Fkunden.commerzbank.de%2Flp%2Flogin%3FCIF_Check%3Dtrue&requestedfile=%2Flp%2Flogin&platform=Win32&port=&protocol=https&browser_language=en-US&character_set=UTF-8
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2247:c800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
09b6f6aa1ed0a329609b2b6a68f4f50e0e578624fccf1dc9954d6f8ad77c8b71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
MXP63-P2
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id
D0kkko3aeYQWJUIeuO1Ik7A8S4ih4gpGK1XUPSt771RYTj7gKNX1vg==
ot-api.min.js
execution.ci360.tpp.commerzbank.de/js/
70 KB
21 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-api.min.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2247:c800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7c8c566128ad71a17e7f5c5242d72dec5d17ffe0386f3a4954f44f26b9837476

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:43:21 GMT
content-encoding
gzip
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
MXP63-P2
age
451
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
content-disposition
inline;filename=f.txt
x-amz-cf-id
XCaUqx_YbL0DWle6bJs0utDFBObgFixu3wajZEgRbNAk3NBzWE5pog==
ruxitagentjs_ICA7NVfqrux_10287240325103108.js
commerzbank.konto-phototan.app/banking/dynatrace/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/banking/dynatrace/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tm93wIuzDBTtKMFeu7Fa0BZKuz9vGecMqr5xUs8oaFt5jt9MJbKsMAGWjRFqU7e1fyfL0xLHPecslLgzwQVR%2BVgypipYN%2FlIL%2FYea7N54%2FNjJTgpBAJaYMfwaoAi3XDAGrWoL%2BNZ%2BqKbfbvq37eTG4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cdc32911e-FRA
alt-svc
h3=":443"; ma=86400
ust.min.js
commerzbank.konto-phototan.app/usertrack/server/
22 KB
7 KB
Script
General
Full URL
https://commerzbank.konto-phototan.app/usertrack/server/ust.min.js?v=3.4.4
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1846d3b4112a311e9fdf9c3644cb467953db7c3074a35f21c18f5fafa9de9f17

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Jul 2024 09:15:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5891-61c40286172c1-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYqaTRCVhxk8nYxGzaTa8cq357O4t6dOX%2FLN%2BN3sIQcOaQFNqD2Us%2FjqnrycNJ90%2BnaxEEHLiVc0M%2BVTXSKWEKqxwG8MEgBL7DJv1dPLGdxou1spKFH%2FKz6oCoKs1JzirDC6abRndp1zK4BLZPD%2BIJU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
cf-ray
89cf735cec4d911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
7068
main.css
commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/
393 KB
117 KB
Stylesheet
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/main.css
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 13:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4557
etag
"6224e-61bf349d59180-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lXXxPG3gm%2FXYV1pXKQ044RJWZFLhbw9Rm5HO%2BDI9m2sPWfHB8jVX06kUgTl8CgdIeBUymIZUYf2YaJ2UxhCZx1caPDki6wB2sE3ANdwMJEz4%2BQ5tGgy3kKLNWwwY6tZzA9LiBahtjfnCf0paOjeuwCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89cf735cdc38911e-FRA
alt-svc
h3=":443"; ma=86400
cms.css
commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/
200 KB
89 KB
Stylesheet
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/cms.css
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 13:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7042
etag
"32190-61bf349d59180-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYjJYzNPX8uDu%2BFvbOHYEt1yVrS%2FspOll7u6%2BSZ8sXWCWqaLJxdRZ3cViucZFPicJUcuBo7KlQ4u1XlBlf6NgPKhYEQhOKkOy1YJ3eU2g9ysntzLYqdYAZD7JPmfFJDivvpSo8NiQDzROWYZtAVtCL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
89cf735cdc3d911e-FRA
alt-svc
h3=":443"; ma=86400
jQuery_3_5_1.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/jQuery_3_5_1.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=do%2FbiZHk0Nm7H4ZXrEdOhTSw%2By41l%2BdGEkWe1ZnppJd3NqUkFoa7YPirsOqWjWoOYaKGP0GM2SwM5eQQnNAPDbTmLs1lp7nrqvRrL9d1%2BYkLrYXUdBxlAQq32K%2FO0vz26iS7CQJdoDw5MGxFoHvmX08%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cdc40911e-FRA
alt-svc
h3=":443"; ma=86400
jquery_ui_1_13_2.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2c8qz6eZIpo68dXttCPM1RgVJaaz39McxVtaVwDZM%2Bk%2FUhlBi3b4ApzodQRpK819k5%2F5y2xtZIWQZl9kRx6%2BEqBEBE84rmWt%2Fyv9jJm4uZJfjcGcLCIT0h%2BgYaijtHeBoBB%2BExx9Iuqd8nnTBLQnejA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cdc43911e-FRA
alt-svc
h3=":443"; ma=86400
lib_head.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/lib_head.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mPI%2FLScGFl81FiVmoSjoMyHCkMglL1Mct5aMC7w5MtpJCGgKbi%2FntMo846imH0JvjBcd%2F%2B%2BXEs6nN8YfKv0UHikU6j4nfhdNIgKgE07SGf1ZHe9f38wrnMvuEl8u%2BQbSnTXkzkg4KhMKKb7Uk5s%2BKek%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cdc45911e-FRA
alt-svc
h3=":443"; ma=86400
lib_smartbanner.js
commerzbank.konto-phototan.app/portal/media/system/js/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/js/lib_smartbanner.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYXih6a55Px1W0vzCMSrGrtzNS1n7kgyulsNK49gTEwQI3c8meIqjN%2Bc7c%2FRjPIKcGd5bLjjgZ8ldLsRAhhHi%2BLa4b7Ls23p6zHy4b6toOO7W%2FH3DNpvFXviDyvuQ%2BJNi%2BlY1%2FMS431lz%2BC1aOLBYaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cdc47911e-FRA
alt-svc
h3=":443"; ma=86400
cmp_puk.js
commerzbank.konto-phototan.app/analytics/consent/v1/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/analytics/consent/v1/cmp_puk.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oIYYtcK5TqKNt79NfnTQjfNTwF9eFLWJyMOAZM1J%2B9%2FliqsRE6US7Td50D2hux34E%2B1CkSj4d%2FkJzqpHbcLPJWweLr46o362sD0Ac5GzbGQDCFZOhX7RCd4hah6S31DU26LQED5n0BqqHIjWNKgw6Jc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cdc4a911e-FRA
alt-svc
h3=":443"; ma=86400
gtm_integration_puk.js
commerzbank.konto-phototan.app/analytics/consent/v1/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/analytics/consent/v1/gtm_integration_puk.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJmXzxbSaxiLysWrlvgOinknbuIFI%2FRzDL1es1r5To00aG9HBa9eYVGMQ1OGcPWXvgZSv%2BPx21kqeJcVBwPdZBgVkYS6ONndyZM%2Fdirj4tyeQpu%2Bzw5Xs9yfD%2BMoJ%2B3ZoTRxzzh%2Bbd%2FFmCxSjhhDN1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cfc65911e-FRA
alt-svc
h3=":443"; ma=86400
ot-all.min.js
execution.ci360.tpp.commerzbank.de/js/
21 KB
9 KB
Script
General
Full URL
https://execution.ci360.tpp.commerzbank.de/js/ot-all.min.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2247:c800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
490b0d73c63ee8b7b8c420abfd81282cde261aceeb14f7ec1081e4b63d3cdb9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Origin
https://commerzbank.konto-phototan.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:43:33 GMT
content-encoding
gzip
via
1.1 e31789b52c3bffe83f120731f2480f30.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
MXP63-P2
age
439
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1800
access-control-allow-credentials
true
content-disposition
inline;filename=f.txt
x-amz-cf-id
YL4-Ln0NvCnafk06ZJNiaIxPyg-mDPxdhdjaa6kiuiFhwzQp3b3e5g==
lupe.png
commerzbank.konto-phototan.app/portal/media/system/images/
1 KB
2 KB
Image
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/images/lupe.png
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 13:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4557
etag
"51c-61bf349d59180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9L9pI1M%2F%2FT3YaDPmiWhlkK0TEuJaBe7GsfSQRReNj4d74TEeMNYjo9uzZIsLArEAf49rUg3bxcquU6a6FTId70LsMZnxye%2Bouu%2Fl5LwlT3VZ0%2BB%2BJYF0egFaSI%2BLqNtGAOOqgVXW0NltVhEoes4XX4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89cf735cfc68911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
1308
logo_big_svg.svg
commerzbank.konto-phototan.app/portal/media/system/images/
10 KB
3 KB
Image
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/images/logo_big_svg.svg
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 13:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4557
etag
W/"2658-61bf349d59180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mxVMHaDI9Pl1zzKrDECxBBIgWsBSkwnXdlnO5wXh61rEZCchJoYuP7rDUC38dRnmbCleYh%2BGtGkyWclBMXg0JHZE%2B84jJhk%2BFDZJBniZyG58RCmuBAX%2BK7KV2ol7NSl6oYvDYCGsEDVKc8e%2Bam4817M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
89cf735cfc6a911e-FRA
alt-svc
h3=":443"; ma=86400
lib_main.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/lib_main.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=toNy8Nj57mo%2FYkGBFkRonnIrKukdqlknxre24eK2MEjFgdwe8fHJ6PJbOHpLdM4%2FPneCuCzRr0VRgLQye8jSkr4psWA1dAw0cDxmHT7Jl7PPc1CyWVTQonAKjzk%2BjyvL0GkFiReG5no6QU0wz1LXf5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cfc6b911e-FRA
alt-svc
h3=":443"; ma=86400
lib_cms.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/
0
0
Script
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/lib_cms.js
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FA42fZWRfpSCK53HR%2FbLQ2eJCWwIkfsxq0VZtOPWvfS3DDt2S6rwLBDRztvLFvEX8WTzYdbgm%2Bg056APX8ixG%2B%2BwHq8Jm5kbuHDU7pff6Om9%2Fwkb%2FW3jE1vgAly%2FBt1s%2FTm37Nv55ip4WBr3mEg3LYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
89cf735cfc6f911e-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin
https://commerzbank.konto-phototan.app
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff
icons_woff.woff
commerzbank.konto-phototan.app/portal/media/system/fonts/
40 KB
26 KB
Font
General
Full URL
https://commerzbank.konto-phototan.app/portal/media/system/fonts/icons_woff.woff
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/main.css
Origin
https://commerzbank.konto-phototan.app
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 13:33:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4557
etag
W/"9e84-61bf349d59180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GeSYzzkfqo47nulxnxUDhykCP8N0NKZtsBsiI5k%2FZcLFH5agb103dyhP7H6od2qLDswscvHIjNDIJTigoTiXy0Biu5ER3n6LvkowpoH%2FRQ6LBkRMvNQGWlUhePJgBLgHJdmzvacTbeQGzOmljRt1tDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
cf-ray
89cf735dbd81911e-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer
Origin
https://commerzbank.konto-phototan.app
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff
getIP.php
commerzbank.konto-phototan.app/usertrack/server/helpers/
22 B
546 B
Script
General
Full URL
https://commerzbank.konto-phototan.app/usertrack/server/helpers/getIP.php
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/usertrack/server/ust.min.js?v=3.4.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454c9a4cd8d9b36b5c46b8cf7c8bd0bae565721394fa0cbca86fda0f8340147f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24brH952PaTHj2fsVTVFEPsV1%2FnVJk8jukA3wF%2FFHaSMcf8QBAf4apVL7rYRVs2rUWvNijNf0ZkoZ7%2FXJ1nvyfwxWASj4bCIcbvpXT8kmY2Rj%2Fc%2FSng6Ln2orFYMGJ2BuFiIeRMs%2BTP13jLBctV5Hbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
89cf735dcd8f911e-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Jan 1984 05:00:00 GMT
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/c/
0
684 B
XHR
General
Full URL
https://execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a?domain=commerzbank.konto-phototan.app&p=%2F&params=&page_title=Anmeldung%20zum%20Digital%20Banking%20-%20Commerzbank&referrer=&uri=https%3A%2F%2Fcommerzbank.konto-phototan.app%2F&cts=1719931852455&tzo=-120&platform=Win32&port=&protocol=https&screen_info=1600x1200@24&browser_language=de-DE&character_set=UTF-8&csz=563356&bsz=1600x1200&tab_id=866765945255&java_enabled=false&flash_enabled=false
Requested by
Host: execution.ci360.tpp.commerzbank.de
URL: https://execution.ci360.tpp.commerzbank.de/js/ot-api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2247:c800:1c:66fa:7680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
sas-service-response-flag
true
x-amz-cf-pop
MXP63-P2
x-cache
Miss from cloudfront
access-control-allow-origin
https://commerzbank.konto-phototan.app
access-control-allow-credentials
true
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
content-length
0
x-amz-cf-id
TABYJvefdcnB3UejCcz9SSgUuElwPrbJ7Z1XD4uc5e90h8bmeOFqYA==
createClient.php
commerzbank.konto-phototan.app/usertrack/server/tracker/
41 B
600 B
XHR
General
Full URL
https://commerzbank.konto-phototan.app/usertrack/server/tracker/createClient.php
Requested by
Host: commerzbank.konto-phototan.app
URL: https://commerzbank.konto-phototan.app/usertrack/server/ust.min.js?v=3.4.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef6b931df739ddad688a7f7f5b035a1deb4da74209be86c6dead7b6682d9605

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-max-age
1000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0KxfMge4Qn7eTiEkM%2BHiHlF%2BCQ47CuKg1PCPLO%2B8%2B0NFZQxwPpk6zqDrT0jFdJGtein9ZIen8BQt2fRotCToLp5ZlZYFt%2BlLkp4hjmerZLl47szQ%2BwugyX%2BZAmdItJL6rysXHaKAqe79KYRaEIvrVU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
89cf735e1e02911e-FRA
access-control-allow-headers
Content-Type
expires
Wed, 11 Jan 1984 05:00:00 GMT
favicon.ico
commerzbank.konto-phototan.app/
1 KB
1 KB
Other
General
Full URL
https://commerzbank.konto-phototan.app/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://commerzbank.konto-phototan.app/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Jul 2024 09:08:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4556
etag
W/"6683c376-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zMuJdHv4v8LZsbIMJvoiiWBEEvyATugL8w5I82LmLBTMDkQwSt4faeQucb3TBYO17OIOZg%2B6GUPBC7TzPF8kSIx%2F1njQuQJbKPWf2iVtAnkaV%2FvzGtZ%2BpwMeWIAVJO1lLgVL%2FBy5e4kt7SetqTofJFw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
89cf735eef4e911e-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| google_tag_data
function| ga
object| gaplugins
object| UST_CT
object| UST
function| addDynamicEventListener
string| webtrekkEnabled
boolean| userIsLoggedIn
object| ccb_cif
function| reloadActualLocation
number| gtmAreaCode
object| CI360_TEILNEHMERNUMMER
function| ci360
boolean| consentPA
object| google_tag_manager
object| dataLayer
object| com_sas_ci_acs
object| CryptoJS
object| overrideDomain
object| $ci360
boolean| ci360_config_called
object| c3
function| overridePrototypes
object| Hashcode
object| GeneralBase64
object| Base64
function| getDecisionParams
object| spotMap
function| loadDoc
function| extractValue
object| dataTagToEventMap
function| handleInjectResponse
function| windowFocused
function| windowBlured
function| LocalQueue
function| onYouTubeIframeAPIReady
function| onYouTubePlayerReady
string| ust_myIP

5 Cookies

Domain/Path Name / Value
execution.ci360.tpp.commerzbank.de/ Name: _SI_VS_3.55cca7442f00010d1e64bd0a
Value: 6d7701b2b8cae656d2297aec
execution.ci360.tpp.commerzbank.de/ Name: _SI_VID_3.55cca7442f00010d1e64bd0a
Value: 994faede3565c739afa9bdfd
execution.ci360.tpp.commerzbank.de/ Name: _SI_SID_3.55cca7442f00010d1e64bd0a
Value: 6d7701b2b8cae656d2297aec.1719931852486.0
execution.ci360.tpp.commerzbank.de/ Name: _SI_DID_3.55cca7442f00010d1e64bd0a
Value: 456263fb-6049-33c3-b0b1-46471dbc6b34
execution.ci360.tpp.commerzbank.de/ Name: AWSALBCORS
Value: Q5EbSBnYyPPiyhyunS90cxBgHJWLaJg4ca+0HQ5PI/EfhlKr/pCdBI+w4pLinA/2Yl8mLMInBJzx/V0w8YyP9MGk934xJ8aNmITCKPnCbY92v3t4LOz5ijz9NgnN

10 Console Messages

Source Level URL
Text
network error URL: https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/jQuery_3_5_1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/analytics/consent/v1/cmp_puk.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/portal/media/system/js/lib_smartbanner.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/banking/dynatrace/ruxitagentjs_ICA7NVfqrux_10287240325103108.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/jquery_ui_1_13_2.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/lib_head.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/lib_main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/analytics/consent/v1/gtm_integration_puk.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/lib_cms.js
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://execution.ci360.tpp.commerzbank.de/js/ot-min.js(Line 61)
Message:
Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
