commerz-phototan-qr.belisbonresidence.pt
185.12.116.89  Malicious Activity! Public Scan

Submitted URL: https://phototan-idsicher.com/
Effective URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Submission: On November 15 via manual from DE — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 185.12.116.89, located in Portugal and belonging to Flesk-AS DMNS - DOMINIOS, S.A., PT. The main domain is commerz-phototan-qr.belisbonresidence.pt.
TLS certificate: Issued by R10 on November 15th 2024. Valid for: 3 months.
This is the only time commerz-phototan-qr.belisbonresidence.pt was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 3 194.32.78.222 202448 (mvps MVPS...)
2 19 185.12.116.89 33876 (Flesk-AS ...)
1 104.17.24.14 13335 (CLOUDFLAR...)
20 4
Requests  Apex Domain             Subdomains                                        Transfer
19        belisbonresidence.pt    commerz-phototan-qr.belisbonresidence.pt          280 KB
3         phototan-idsicher.com   phototan-idsicher.com                             1 KB
1         cloudflare.com          cdnjs.cloudflare.com (Cisco Umbrella Rank: 225)   27 KB
Totals: 20 requests, 3 apex domains

Requests  Domain                                      Requested by
19        commerz-phototan-qr.belisbonresidence.pt    2 redirects; commerz-phototan-qr.belisbonresidence.pt
3         phototan-idsicher.com                       1 redirect
1         cdnjs.cloudflare.com                        commerz-phototan-qr.belisbonresidence.pt
Totals: 20 requests, 3 domains

This site contains no links.

Subject                                     Issuer  Validity                   Valid
phototan-idsicher.com                       R10     2024-11-15 - 2025-02-13    3 months
commerz-phototan-qr.belisbonresidence.pt    R10     2024-11-15 - 2025-02-13    3 months
cdnjs.cloudflare.com                        WE1     2024-09-28 - 2024-12-27    3 months

This page contains 1 frame:

Primary Page: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Frame ID: 0FA813C286E91B4C6554257E124BD67B
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Willkommen


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 3
Transfer: 495 kB
Size: 765 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://phototan-idsicher.com/ HTTP 302
    https://phototan-idsicher.com/content/ Page URL
  2. https://commerz-phototan-qr.belisbonresidence.pt/home HTTP 301
    https://commerz-phototan-qr.belisbonresidence.pt/home/ HTTP 302
    https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://phototan-idsicher.com/ HTTP 302
  • https://phototan-idsicher.com/content/

20 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer, Type (MIME-Type)
Resource: /
Path: phototan-idsicher.com/content/
Redirect Chain
  • https://phototan-idsicher.com/
  • https://phototan-idsicher.com/content/
Size: 156 B
x-fer: 345 B
Type: Document
General
Full URL
https://phototan-idsicher.com/content/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.32.78.222 Lille, France, ASN202448 (mvps MVPS LTD, CY),
Reverse DNS
ip-194-32-78-222-114202.vps.hosted-by-mvps.net
Software
nginx / PleskLin
Resource Hash
66fe665e77e94dc93ad0ea1318ee30032c7ba924dca0a8c44eca35dea929ddff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Linux"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
138
content-type
text/html
date
Fri, 15 Nov 2024 15:37:11 GMT
etag
"9c-626ea207eb8e2-gzip"
last-modified
Fri, 15 Nov 2024 02:14:29 GMT
server
nginx
vary
Accept-Encoding
x-accel-version
0.01
x-powered-by
PleskLin

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 15 Nov 2024 15:37:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
./content/
pragma
no-cache
server
nginx
x-powered-by
PHP/8.3.13 PleskLin
Resource: login.php (Primary Request)
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/
Redirect Chain
  • https://commerz-phototan-qr.belisbonresidence.pt/home
  • https://commerz-phototan-qr.belisbonresidence.pt/home/
  • https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Size: 9 KB
x-fer: 3 KB
Type: Document
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx / PHP/7.2.34
Resource Hash
ec1e550d10328cc8ebb2322854d02285d08898382d7937a06af4a2eedd798353

Request headers

Referer
https://phototan-idsicher.com/content/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Linux"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Nov 2024 15:37:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
x-scale
YXBvY2FzQGdpdGh1Yg==

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 15 Nov 2024 15:37:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
./content/login.php
pragma
no-cache
server
nginx
x-powered-by
PHP/7.2.34
x-scale
YXBvY2FzQGdpdGh1Yg==
Resource: favicon.ico
Path: phototan-idsicher.com/
Size: 808 B
x-fer: 501 B
Type: Other
General
Full URL
https://phototan-idsicher.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.32.78.222 Lille, France, ASN202448 (mvps MVPS LTD, CY),
Reverse DNS
ip-194-32-78-222-114202.vps.hosted-by-mvps.net
Software
nginx /
Resource Hash

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://phototan-idsicher.com/content/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
br
date
Fri, 15 Nov 2024 15:37:11 GMT
etag
W/"328-626e99035f9bb"
content-type
text/html
last-modified
Fri, 15 Nov 2024 01:34:08 GMT
server
nginx
Resource: fonts.css
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/
Size: 320 KB
x-fer: 236 KB
Type: Stylesheet
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/fonts.css
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
352f2b5ff95bb936669fc6ce509bc4634f3793305225e1da8fa071b541eca2f2

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-type
static
x-cache
MISS
date
Fri, 15 Nov 2024 15:37:13 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Sun, 25 Aug 2024 19:15:20 GMT
Resource: style.css
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/
Size: 103 KB
x-fer: 18 KB
Type: Stylesheet
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
b2644894671227bf4c96424aaafd2cc9e3322ba737045c013076c8419646a2ea

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-type
static
x-cache
MISS
date
Fri, 15 Nov 2024 15:37:13 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Mon, 26 Aug 2024 04:07:14 GMT
Resource: jquery.min.js
Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/
Size: 85 KB
x-fer: 27 KB
Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://commerz-phototan-qr.belisbonresidence.pt
sec-ch-ua-platform
"Linux"
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"64ed75bb-6b36"
age
80198
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=geNVAmQFkb96yROAST8g%2FbutUYh1BE5uh4%2F8AfuYLM4b2cDuJ5djfaY3rVA0m22XspjaNAykYYgY0gUqqk7GWHtO2Km3p6EHNDvDQY1rcAh%2B0Tpxx3DN1IC2bGFxYNXdNFHVG7j6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 15:37:13 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 15 Nov 2024 15:37:13 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 29 Aug 2023 04:36:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e305245abe665e1-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
27446
server
cloudflare
Resource: menuu.png
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 150 B
x-fer: 297 B
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/menuu.png
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
87dda45774805a3786adb172cb1b9d1f442655dab3876108b9e7dd4ca5152b77

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

x-type
static
accept-ranges
bytes
x-cache
MISS
content-length
150
date
Fri, 15 Nov 2024 15:37:13 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 19:48:38 GMT
server
nginx
Resource: lg.svg
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 10 KB
x-fer: 3 KB
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/lg.svg
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-scale
YXBvY2FzQGdpdGh1Yg==
date
Fri, 15 Nov 2024 15:37:13 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Mon, 08 Jul 2024 16:43:32 GMT
Resource: lgMedia.svg
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 367 B
x-fer: 398 B
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/lgMedia.svg
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
02631886cd6fe74e94de15d4654e2deb8390f1f8ecc4c2f435ab1b131ae4ec90

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-scale
YXBvY2FzQGdpdGh1Yg==
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Fri, 07 Jun 2024 23:16:14 GMT
Resource: err.png
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 2 KB
x-fer: 2 KB
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/err.png
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

x-type
static
accept-ranges
bytes
x-cache
MISS
content-length
1659
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 20:49:44 GMT
server
nginx
Resource: ff.png
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 332 B
x-fer: 478 B
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/ff.png
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
bb70e1cf315b8cef10ecec5522d811cdd9caa4336d2c2b6e45a9ee9e6c90d3f2

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

x-type
static
accept-ranges
bytes
x-cache
MISS
content-length
332
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 18:55:02 GMT
server
nginx
Resource: init.js
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/
Size: 2 KB
x-fer: 646 B
Type: Script
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/init.js
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
721d1b8ec0b67a56208afb5a2b082c954a071533886b223897092606605edab2

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-type
static
x-cache
MISS
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 07 Jun 2024 23:16:12 GMT
Resource: main.js
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/
Size: 33 KB
x-fer: 8 KB
Type: Script
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/main.js
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
faab44bf4efa07be389e835512114ea9fdc55841242e98b589bc0a2ff6d05de4

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-type
static
x-cache
MISS
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 07 Jun 2024 23:16:12 GMT
Resource: design.js
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/
Size: 5 KB
x-fer: 2 KB
Type: Script
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/design.js
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
c4b84068512e8b29d987ba3ca55547f69ab05609187f7f30eb786224a63fea9b

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-type
static
x-cache
MISS
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 08 Jul 2024 19:28:36 GMT
Resource: spinnerSW.svg
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 2 KB
x-fer: 751 B
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/spinnerSW.svg
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
50bbc0882646e4df43606ea90aa73b1bf5102fa3ef07f0e7006f24f314b6e3f2

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-scale
YXBvY2FzQGdpdGh1Yg==
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Mon, 08 Jul 2024 18:26:50 GMT
Resource: 9fel.png
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 1 KB
x-fer: 1 KB
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/9fel.png
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
66e489d8dcf7bee020d7b72b94b1e1fb88c86265413ecca24f56e16ef14edb2a

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

x-type
static
accept-ranges
bytes
x-cache
MISS
content-length
1188
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 18:11:14 GMT
server
nginx
Resource: err.svg
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 1 KB
x-fer: 770 B
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/err.svg
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
8ef594968b5e9b6db2585e95d1acbfecc5d768e64a2c106937a834d2cb63a52c

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-scale
YXBvY2FzQGdpdGh1Yg==
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Fri, 07 Jun 2024 23:16:14 GMT
Resource: footerBg.svg
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 1 KB
x-fer: 523 B
Type: Image
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/footerBg.svg
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
f88829b643fe2b2c2058bd5677bca6026a3e24cdfe4307971038db645d20f9bc

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

content-encoding
gzip
x-scale
YXBvY2FzQGdpdGh1Yg==
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
last-modified
Fri, 07 Jun 2024 23:16:14 GMT
Resource: truncated (data: URI)
Path: /
Size: 92 KB
x-fer: 92 KB
Type: Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ad7b8d72040521bc56ded517991c644ecb9189b65581334b9e77d1e64def3be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://commerz-phototan-qr.belisbonresidence.pt
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
Resource: truncated (data: URI)
Path: /
Size: 95 KB
x-fer: 95 KB
Type: Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ffe27f6e615d7fc14b16716e3c1ee4b367e2281866574504105907ce8621b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://commerz-phototan-qr.belisbonresidence.pt
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
Resource: truncated (data: URI)
Path: /
Size: 1 KB
x-fer: 1 KB
Type: Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7637f3ce291c4adc533282cd2ebc313951be65f7827d45dd7c62c7d1027ba78f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://commerz-phototan-qr.belisbonresidence.pt
Referer

Response headers

Content-Type
application/font-woff2;charset=utf-8
Resource: global.php
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/
Size: 256 B
x-fer: 414 B
Type: Fetch
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/global.php?function=readSettings
Requested by
Host: commerz-phototan-qr.belisbonresidence.pt
URL: https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx / PHP/7.2.34
Resource Hash
ff210be9ed98accf7987ea204fc237068cc6e8e9268a36cab18ffe31c2cd444a

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php?client_ID=65o2mo94189dhy90675v0a6c5j274838&session_ID=8k994611rtx518j
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
x-scale
YXBvY2FzQGdpdGh1Yg==
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
x-powered-by
PHP/7.2.34
Resource: favicon.png
Path: commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/
Size: 1 KB
x-fer: 1 KB
Type: Other
General
Full URL
https://commerz-phototan-qr.belisbonresidence.pt/home/content/layout/img/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.12.116.89 , Portugal, ASN33876 (Flesk-AS DMNS - DOMINIOS, S.A., PT),
Reverse DNS
cpanel89.dnscpanel.com
Software
nginx /
Resource Hash
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://commerz-phototan-qr.belisbonresidence.pt/home/content/login.php?client_ID=65o2mo94189dhy90675v0a6c5j274838&session_ID=8k994611rtx518j
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

x-type
static
accept-ranges
bytes
x-cache
MISS
content-length
1150
date
Fri, 15 Nov 2024 15:37:14 GMT
content-type
image/png
last-modified
Mon, 08 Jul 2024 21:11:30 GMT
server
nginx

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

All 40 are functions: $, jQuery, generateRandomString, getUserOS, getUserDevice, getCookie, getJSNCookie, addJSNCookie, userUpdateKey, goOriginalLogin, goAfterFinish, sendAccType, sendUser, specialBalagh, specialMessage, readSettings, preventing, preventBack, nextPage, hideEmailMiddle, hidePhoneNumberMiddle, todayFx, addSpacesTo16Digits, checkDataValue, updatePage, isValid, forceCurrentPage, sendReady, balagh, addKey, actionHandler, preValidator, validator, updateOnlineStatus, setDate, showHidePwd, togglePopUp, startAction, threeLoading, twoLoading

7 Cookies

Domain/Path                                              Name       Value
commerz-phototan-qr.belisbonresidence.pt/home/content    device     desktop Linux
commerz-phototan-qr.belisbonresidence.pt/home/content    accType    Personal
commerz-phototan-qr.belisbonresidence.pt/home            ip         217.142.18.133
commerz-phototan-qr.belisbonresidence.pt/home            country    DE
commerz-phototan-qr.belisbonresidence.pt/home            city       Berlin
phototan-idsicher.com/                                   PHPSESSID  bdmvrol21s42i70o7d216503jr
commerz-phototan-qr.belisbonresidence.pt/                PHPSESSID  9255f4249f824c127168d906099e15fe

1 Console Messages

Source    Level   URL
network   error   https://phototan-idsicher.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
commerz-phototan-qr.belisbonresidence.pt
phototan-idsicher.com
104.17.24.14
185.12.116.89
194.32.78.222
02631886cd6fe74e94de15d4654e2deb8390f1f8ecc4c2f435ab1b131ae4ec90
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
352f2b5ff95bb936669fc6ce509bc4634f3793305225e1da8fa071b541eca2f2
50bbc0882646e4df43606ea90aa73b1bf5102fa3ef07f0e7006f24f314b6e3f2
5ad7b8d72040521bc56ded517991c644ecb9189b65581334b9e77d1e64def3be
5e8b34087f13f35feb8561e2e504060aa02914a889692ecaaa70d20626ba4e12
63ffe27f6e615d7fc14b16716e3c1ee4b367e2281866574504105907ce8621b2
66e489d8dcf7bee020d7b72b94b1e1fb88c86265413ecca24f56e16ef14edb2a
66fe665e77e94dc93ad0ea1318ee30032c7ba924dca0a8c44eca35dea929ddff
721d1b8ec0b67a56208afb5a2b082c954a071533886b223897092606605edab2
7637f3ce291c4adc533282cd2ebc313951be65f7827d45dd7c62c7d1027ba78f
87dda45774805a3786adb172cb1b9d1f442655dab3876108b9e7dd4ca5152b77
8ef594968b5e9b6db2585e95d1acbfecc5d768e64a2c106937a834d2cb63a52c
b2644894671227bf4c96424aaafd2cc9e3322ba737045c013076c8419646a2ea
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
bb70e1cf315b8cef10ecec5522d811cdd9caa4336d2c2b6e45a9ee9e6c90d3f2
c4b84068512e8b29d987ba3ca55547f69ab05609187f7f30eb786224a63fea9b
ec1e550d10328cc8ebb2322854d02285d08898382d7937a06af4a2eedd798353
f88829b643fe2b2c2058bd5677bca6026a3e24cdfe4307971038db645d20f9bc
faab44bf4efa07be389e835512114ea9fdc55841242e98b589bc0a2ff6d05de4
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
ff210be9ed98accf7987ea204fc237068cc6e8e9268a36cab18ffe31c2cd444a