commerzbank.konto-phototan.app
Open in
urlscan Pro
172.67.159.68
Malicious Activity!
Public Scan
Submission: On July 02 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by WE1 on July 2nd 2024. Valid for: 3 months.
This is the only time commerzbank.konto-phototan.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 172.67.159.68 172.67.159.68 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 34.120.104.79 34.120.104.79 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::200e | 15169 (GOOGLE) (GOOGLE) | |
6 | 2600:9000:224... 2600:9000:2247:c800:1c:66fa:7680:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
29 | 5 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.104.120.34.bc.googleusercontent.com
tp.commerzbank.de |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
execution.ci360.tpp.commerzbank.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
konto-phototan.app
commerzbank.konto-phototan.app |
294 KB |
9 |
commerzbank.de
tp.commerzbank.de — Cisco Umbrella Rank: 547002 execution.ci360.tpp.commerzbank.de — Cisco Umbrella Rank: 240531 |
306 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71 |
21 KB |
29 | 3 |
Domain | Requested by | |
---|---|---|
19 | commerzbank.konto-phototan.app |
commerzbank.konto-phototan.app
|
6 | execution.ci360.tpp.commerzbank.de |
commerzbank.konto-phototan.app
execution.ci360.tpp.commerzbank.de |
3 | tp.commerzbank.de |
commerzbank.konto-phototan.app
|
1 | www.google-analytics.com |
commerzbank.konto-phototan.app
|
29 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.commerzbank.de |
kunden.commerzbank.de |
service.commerzbank.de |
cbportal.commerzbank.com |
bankenverband.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
konto-phototan.app WE1 |
2024-07-02 - 2024-09-30 |
3 months | crt.sh |
tp.commerzbank.de GlobalSign ECC OV SSL CA 2018 |
2023-11-16 - 2024-12-17 |
a year | crt.sh |
*.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
execution.ci360.tpp.commerzbank.de Amazon RSA 2048 M03 |
2023-09-17 - 2024-10-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://commerzbank.konto-phototan.app/
Frame ID: DC17E3FE4CECE24A11E53271827A8ECC
Requests: 31 HTTP requests in this frame
Screenshot
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Konzern
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Service
Search URL Search Domain Scan URL
Title: money mate
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Zugangsdaten vergessen?
Search URL Search Domain Scan URL
Title: Zugang gesperrt?
Search URL Search Domain Scan URL
Title: Zur Anmeldung im Firmenkundenportal
Search URL Search Domain Scan URL
Title: Hilfe zur photoTAN
Search URL Search Domain Scan URL
Title: Anleitung/Hilfe
Search URL Search Domain Scan URL
Title: Sicherheit
Search URL Search Domain Scan URL
Title: Angebliche Bank-Mitarbeiter erfragen Zugangsdaten
Search URL Search Domain Scan URL
Title: Enkeltrick 2.0: BetrĂ¼ger nutzen WhatsApp (bankenverband.de)
Search URL Search Domain Scan URL
Title: Warnung vor Phishing
Search URL Search Domain Scan URL
Title: AGB
Search URL Search Domain Scan URL
Title: Rechtliche Hinweise
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
commerzbank.konto-phototan.app/ |
551 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
tp.commerzbank.de/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
tp.commerzbank.de/gtag/ |
307 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
tp.commerzbank.de/ |
492 KB 111 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot-min.js
execution.ci360.tpp.commerzbank.de/js/ |
172 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1718805450737
execution.ci360.tpp.commerzbank.de/t/s/c/55cca7442f00010d1e64bd0a/ |
21 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/p/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot-api.min.js
execution.ci360.tpp.commerzbank.de/js/ |
70 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ruxitagentjs_ICA7NVfqrux_10287240325103108.js
commerzbank.konto-phototan.app/banking/dynatrace/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ust.min.js
commerzbank.konto-phototan.app/usertrack/server/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.css
commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/ |
393 KB 117 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cms.css
commerzbank.konto-phototan.app/portal/media/system/41.203.28/css/ |
200 KB 89 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jQuery_3_5_1.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery_ui_1_13_2.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib_head.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib_smartbanner.js
commerzbank.konto-phototan.app/portal/media/system/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cmp_puk.js
commerzbank.konto-phototan.app/analytics/consent/v1/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gtm_integration_puk.js
commerzbank.konto-phototan.app/analytics/consent/v1/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot-all.min.js
execution.ci360.tpp.commerzbank.de/js/ |
21 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lupe.png
commerzbank.konto-phototan.app/portal/media/system/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_big_svg.svg
commerzbank.konto-phototan.app/portal/media/system/images/ |
10 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib_main.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib_cms.js
commerzbank.konto-phototan.app/portal/media/system/41.203.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons_woff.woff
commerzbank.konto-phototan.app/portal/media/system/fonts/ |
40 KB 26 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
getIP.php
commerzbank.konto-phototan.app/usertrack/server/helpers/ |
22 B 546 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
55cca7442f00010d1e64bd0a
execution.ci360.tpp.commerzbank.de/t/s/c/ |
0 684 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
createClient.php
commerzbank.konto-phototan.app/usertrack/server/tracker/ |
41 B 600 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
commerzbank.konto-phototan.app/ |
1 KB 1 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| google_tag_data function| ga object| gaplugins object| UST_CT object| UST function| addDynamicEventListener string| webtrekkEnabled boolean| userIsLoggedIn object| ccb_cif function| reloadActualLocation number| gtmAreaCode object| CI360_TEILNEHMERNUMMER function| ci360 boolean| consentPA object| google_tag_manager object| dataLayer object| com_sas_ci_acs object| CryptoJS object| overrideDomain object| $ci360 boolean| ci360_config_called object| c3 function| overridePrototypes object| Hashcode object| GeneralBase64 object| Base64 function| getDecisionParams object| spotMap function| loadDoc function| extractValue object| dataTagToEventMap function| handleInjectResponse function| windowFocused function| windowBlured function| LocalQueue function| onYouTubeIframeAPIReady function| onYouTubePlayerReady string| ust_myIP5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
execution.ci360.tpp.commerzbank.de/ | Name: _SI_VS_3.55cca7442f00010d1e64bd0a Value: 6d7701b2b8cae656d2297aec |
|
execution.ci360.tpp.commerzbank.de/ | Name: _SI_VID_3.55cca7442f00010d1e64bd0a Value: 994faede3565c739afa9bdfd |
|
execution.ci360.tpp.commerzbank.de/ | Name: _SI_SID_3.55cca7442f00010d1e64bd0a Value: 6d7701b2b8cae656d2297aec.1719931852486.0 |
|
execution.ci360.tpp.commerzbank.de/ | Name: _SI_DID_3.55cca7442f00010d1e64bd0a Value: 456263fb-6049-33c3-b0b1-46471dbc6b34 |
|
execution.ci360.tpp.commerzbank.de/ | Name: AWSALBCORS Value: Q5EbSBnYyPPiyhyunS90cxBgHJWLaJg4ca+0HQ5PI/EfhlKr/pCdBI+w4pLinA/2Yl8mLMInBJzx/V0w8YyP9MGk934xJ8aNmITCKPnCbY92v3t4LOz5ijz9NgnN |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
commerzbank.konto-phototan.app
execution.ci360.tpp.commerzbank.de
tp.commerzbank.de
www.google-analytics.com
172.67.159.68
2600:9000:2247:c800:1c:66fa:7680:93a1
2a00:1450:4001:806::200e
34.120.104.79
09b6f6aa1ed0a329609b2b6a68f4f50e0e578624fccf1dc9954d6f8ad77c8b71
1846d3b4112a311e9fdf9c3644cb467953db7c3074a35f21c18f5fafa9de9f17
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
454c9a4cd8d9b36b5c46b8cf7c8bd0bae565721394fa0cbca86fda0f8340147f
490b0d73c63ee8b7b8c420abfd81282cde261aceeb14f7ec1081e4b63d3cdb9e
5c8c40f973a570ebbf958161d651efa1d84343d75fa99073b1adbe6f7cead33e
7c8c566128ad71a17e7f5c5242d72dec5d17ffe0386f3a4954f44f26b9837476
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
99b36df601a9d47afd8ad434edb2cae49683465b3847f0906eb1293761012cd4
9ef6b931df739ddad688a7f7f5b035a1deb4da74209be86c6dead7b6682d9605
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
c5d0e72d3ea893638261dbe7e230d111df6644ee735952c1bc1e6bd2930999d5
cfeb0d8de76be005e8cf7a41d4417c7a52071ed74eef1f7309f53aef5f3534dc
d4d192f11494d84bb24be0d54eac065a77a9ba762d9bc6faa5e4133d1817b065
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f30d5e75191cea452561164d91b2cd841723d37ad5ff41595e4571c017ba59b2
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358