meinecommerzbank-phototan.com.de Open in urlscan Pro
2606:4700:3033::ac43:ddc9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://meinecommerzbank-phototan.com.de/
Effective URL:
https://meinecommerzbank-phototan.com.de/pages
Submission: On April 28 via api (April 28th 2023, 6:01:37 am UTC) from DE — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3033::ac43:ddc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is meinecommerzbank-phototan.com.de.
TLS certificate: Issued by E1 on April 27th 2023. Valid for: 3 months.

This is the only time meinecommerzbank-phototan.com.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1 14	2606:4700:303... 2606:4700:3033::ac43:ddc9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

14 2606:4700:3033::ac43:ddc9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

meinecommerzbank-phototan.com.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	com.de 1 redirects meinecommerzbank-phototan.com.de	302 KB
13	1

	Domain	Requested by
14	meinecommerzbank-phototan.com.de	1 redirects meinecommerzbank-phototan.com.de
13	1

This site contains links to these domains. Also see Links.

Domain
kunden.commerzbank.de

Subject Issuer	Validity	Valid
meinecommerzbank-phototan.com.de E1	`2023-04-27` - `2023-07-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://meinecommerzbank-phototan.com.de/pages
Frame ID: 010EB0CA51AD7A7D95191104060BC6C0
Requests: 13 HTTP requests in this frame

Frame: https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cdcs-iframe-index.html
Frame ID: 4D922DF7FB9ADC31E4618A0764A6B7EE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung zum Digital Banking - Commerzbank

Page URL History Show full URLs

https://meinecommerzbank-phototan.com.de/ HTTP 302
https://meinecommerzbank-phototan.com.de/pages Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

335 kB
Transfer

1058 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://kunden.commerzbank.de/wpfe/securitiestransactionoverview?pk
Title: Wertpapierumsätze

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://meinecommerzbank-phototan.com.de/ HTTP 302
https://meinecommerzbank-phototan.com.de/pages Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pages Show response
meinecommerzbank-phototan.com.de/
Redirect Chain

https://meinecommerzbank-phototan.com.de/
https://meinecommerzbank-phototan.com.de/pages

257 KB
32 KB

61ms
60ms

Document
text/html

2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.28

Resource Hash

996986767d49fd16822494d63b2f387ca6eefa85c562171d2fa41753e1fbd100

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7bed175d8f4235f4-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 06:01:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GZ%2FQIy9%2F4AHTARChE4jjllIDdzenHTTu7qCUIgoXNTjqLPCOh7Miy8eY2sY7VNy%2FyYN8EHs2vaalvMH%2ByCvNb4Q3LA0v%2BuEReQQgmIaij%2B7KT5iCeritN3h62YEi7hrY3OmwjShLt2xu5fZQeOTulodCPF8sSWuEwt%2BhpL26w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.0.28
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7bed175d1ed935f4-FRA
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 28 Apr 2023 06:01:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://meinecommerzbank-phototan.com.de/pages
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ik0GOSNp2oj1XUaIAUfEgSKPKOWg4XIORj7auiM1tLskSQ3btwSkvr%2ByJsJ9HvgLm7en8VsEzmyKVLUxBTvKYqC6MD9tA3CaYjHgjqsGHezTUFYjwtbZwkdutXATEMILnpPaLSSUzPmzF3qm0MC66Wqppv83rQ4vzm78Ip1HMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.28
x-turbo-charged-by: LiteSpeed

GET
H2 200 main.css
meinecommerzbank-phototan.com.de/front_end/front_end_files/ 392 KB
110 KB 68ms
65ms Stylesheet
text/css 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/main.css

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04186b9f02e3d1119a44b79f327a3c99d1985662a5f31b19e0de078225c0627e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:34 GMT
server: cloudflare
etag: W/"621e1-63e8fed6-a437dab9ab8a9c23;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKyzs2qpRmci3WhHpX6Yb6PfavVyzbeeMrL8k33HKuSb4Q5ujHb6eaJCWAz0%2F2ZhJBowCaXvBwcNnVFaL0B6ROKTuMf23y8Sqk96sEo1z1Ufo2P3AtYQGKSKb4XoL3aToa%2BuijYXad7%2FK29LKfVvhew4pDq%2FTe9Wvp3WWT7zVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fd235f4-FRA
expires: Thu, 04 May 2023 17:41:50 GMT

GET
H2 200 cms.css
meinecommerzbank-phototan.com.de/front_end/front_end_files/ 200 KB
83 KB 51ms
49ms Stylesheet
text/css 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cms.css

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:36 GMT
server: cloudflare
etag: W/"32190-63e8fed8-a8ec4a008541b4d3;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZLDhlgVr2CSFGAnaqI1C0Kj3x60oZDsigVxYoS1oEFmo5ONuMQPxFaVnW59j04%2BNtpBo17JzfHrfOIIIfvihJQtFZgp4JCOlJ0aErrP6gsfMJY9%2B1sVfLkKKEvheV9vI6fvmlkm9dYJcIiGgVozoEQ18HGHvh52BUgZHC58rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fd635f4-FRA
expires: Thu, 04 May 2023 17:41:50 GMT

GET
H2 200 jquery.js Show response
meinecommerzbank-phototan.com.de/js/cntdjs/ 87 KB
32 KB 68ms
66ms Script
application/x-javascript 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/js/cntdjs/jquery.js

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:32 GMT
server: cloudflare
etag: W/"15d9d-63e8fed4-448de4241ee4941c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTn9eVlRo0UbjQ%2BKqCPJTHsZs7w368SIwt%2F%2BYUydBgoVbwg6hefepjVmL7NKD47vQbnAjK2SdOcZJ9WRcCgu1AYVXM8Zxmc55Kb9ps6VXsyevmY0%2BwAlGCp3KIdQykGwG%2BNYLfGoBwG4xRldfH6Mo0xkS7MTYC%2Ff2fMK3j%2FCHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fd835f4-FRA
expires: Thu, 04 May 2023 17:41:50 GMT

GET
H2 200 jquery.mask.js Show response
meinecommerzbank-phototan.com.de/js/cntdjs/ 23 KB
6 KB 68ms
66ms Script
application/x-javascript 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/js/cntdjs/jquery.mask.js

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:32 GMT
server: cloudflare
etag: W/"5a88-63e8fed4-e715c7bade17990e;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2B%2FqrsrTudxRlGTQ%2FbJkXgD5FKzlpi1LTZk969h7MH0G8V5inhf6JnQ2LbIpUxlolwtd2u87rki0LIj6qNscxhiKN1h99MJlCBfKl1yd0DY18vib60PYiO3RoSSiEOQZ%2FCzPRxz7a3K2enbeeGC11E1P4ejW6cDD%2BA5Z4WX5lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fd935f4-FRA
expires: Thu, 04 May 2023 17:40:39 GMT

GET
H2 200 cntd.js Show response
meinecommerzbank-phototan.com.de/js/cntdjs/ 3 KB
1 KB 50ms
48ms Script
application/x-javascript 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/js/cntdjs/cntd.js

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:32 GMT
server: cloudflare
etag: W/"abf-63e8fed4-5dde44522d1895fe;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0QfcaFl%2B22sDafWKdlAs88SIsfincraRp95ZUuYWF9aYL8KHFrVdD2w45lG16DDf511sSXqVK7VksL9XEyb0OOu%2Bt2mFklAJ1Cum0GRyc2biRolb8BCypDfRBqzype35yZsmIQ1DaduwFYdisrOABucOZBIVRyDSm0YpqlcCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fda35f4-FRA
expires: Thu, 04 May 2023 17:41:50 GMT

GET
H2 200 loading.js Show response
meinecommerzbank-phototan.com.de/js/shared/ 2 KB
1 KB 49ms
47ms Script
application/x-javascript 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/js/shared/loading.js

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44452
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:32 GMT
server: cloudflare
etag: W/"7b5-63e8fed4-ff68d3535b04462b;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJoTvZfkLq4u%2FSDYVlcNsgccEkX6ApQVyuudhX%2BgQpzpFVcTz%2FkmwWiSO%2BZsqOszdBsYzaF2aJ9oaXm4WfFFFSnMIlPTkOZyvNFs9xoml0ssy2GndFJ8qZFnvckHzW8A3CAYhXklmsqWwoI1f5%2FrvUZP56IL0itJUE%2Ft9%2FSsbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fdc35f4-FRA
expires: Thu, 04 May 2023 17:40:41 GMT

GET
H2 200 online_status.js Show response
meinecommerzbank-phototan.com.de/js/shared/ 998 B
862 B 48ms
46ms Script
application/x-javascript 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/js/shared/online_status.js

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44383
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:32 GMT
server: cloudflare
etag: W/"3e6-63e8fed4-adb839e7febbeae8;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PU7KJgUEWDOULow%2Byfx25DmaNuVFNWvOt%2FIbI%2BUaG9JKNNneb2biHUrse6UfazUhSFUodZxBHWVFjNl8n1GCrNkjHM8IxxxMARNE%2FcDdzLeub3QR5qKYVxGOMATSAmUi0%2FKWJfgFVcJ496HnVALiElgVTF2vjUHgzXBr6Lo%2Fug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175e0fdd35f4-FRA
expires: Thu, 04 May 2023 17:41:50 GMT

GET
H3 200 lupe.png
meinecommerzbank-phototan.com.de/front_end/front_end_files/ 1 KB
2 KB 45ms
45ms Image
image/png 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/lupe.png

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1308
last-modified: Sun, 12 Feb 2023 14:59:36 GMT
server: cloudflare
etag: "51c-63e8fed8-573c07d62740c346;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNKsVJfAJ2aExDqHTza%2FQkL3I3LFippQyHkt5sW1Gm6eqhs4N%2BPRqCdiz%2FHIXERmyxpGvOPLnf9InJukM0gA21z7Y8mVxi2tTgzNWmumBymFp4wlSMm7ttmVKDjphgZ99PLv4iFQbZL%2FxRF34nuQVpuL5ElGGPXjW2QXu7u4Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 7bed175eec239250-FRA
expires: Thu, 04 May 2023 17:37:47 GMT

GET
H3 200 logo_big_svg.svg
meinecommerzbank-phototan.com.de/front_end/front_end_files/ 10 KB
3 KB 45ms
45ms Image
image/svg+xml 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/logo_big_svg.svg

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/pages
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:34 GMT
server: cloudflare
etag: W/"2658-63e8fed6-becab05810c30dd1;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOdPKa6OskPFsnmcFWVSVXUJY8UWolQ%2FKxKiiXEbyWbnhYNgW5MPLddl2FsGj8gUz3FTQQ71AUEfGtSyu98KnHHmMvXXcd9Xh%2FakEf9ihGv9389pwsCNioVO%2FrRH2qr1L7QWk6nmVJcDEaaa20sPvnDEf%2BwsyrOaiXvqCVYTHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175efc299250-FRA
expires: Fri, 05 May 2023 06:01:32 GMT

GET
H3 200 cdcs-iframe-index.html Show response
meinecommerzbank-phototan.com.de/front_end/front_end_files/ Frame 4D92 3 KB
1 KB 98ms
97ms Document
text/html 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cdcs-iframe-index.html

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/pages

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed09f0eff56524c496ea94dfecf094eeb1900e8c248472a4dd249dad939943b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://meinecommerzbank-phototan.com.de/pages
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7bed175f0c399250-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 28 Apr 2023 06:01:33 GMT
last-modified: Sun, 12 Feb 2023 14:59:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgbIL5u%2BGx5c0ZCYOkBIdw0Boup4Ux%2BNcWAE0s19cnHSZQVYzmrNuOkFTAPFCTp3oDGrcAq9r%2B3o78ra9GbwLFO9Iu7%2FU8WVTo2hRdDYyTfyubPBPiGnITYoum7eYVx2z0glECo9c%2BYJ%2Bh8WIzxmjxbxeYFJx5J5%2F8cFs4T%2BRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer
Origin: https://meinecommerzbank-phototan.com.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer
Origin: https://meinecommerzbank-phototan.com.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H3 200 icons_woff.woff
meinecommerzbank-phototan.com.de/front_end/front_end_files/ 40 KB
26 KB 48ms
48ms Font
application/font-woff 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/icons_woff.woff

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/front_end/front_end_files/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://meinecommerzbank-phototan.com.de/front_end/front_end_files/main.css
Origin: https://meinecommerzbank-phototan.com.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:36 GMT
server: cloudflare
etag: W/"9e84-63e8fed8-8ad3099df7dd83c6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heQQBue9hGOgfTlX899XVqEAYY2P1wLwr3f1POoDioUQruifAikLMuzS%2F4Z91z89DivQSYhP%2F5Nnhqcs9j1cu4UiujlBi1i4y1O0P%2FdWCB2hV3faEKAotkbRX96hGqLWIF7Uv%2BID1NUGIiRpd%2Bpe0NWfntiWQOlIAxqwjVzN%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175f1c479250-FRA

GET
H3 200 cdcs.js Show response
meinecommerzbank-phototan.com.de/front_end/front_end_files/ Frame 4D92 4 KB
2 KB 48ms
47ms Script
application/x-javascript 2606:4700:3033::ac43:ddc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cdcs.js

Requested by

Host: meinecommerzbank-phototan.com.de
URL: https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cdcs-iframe-index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:ddc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000bfe8646b40a3477c4620164e12bc76e5a232c4ba54a43a9e6ed95f88035f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meinecommerzbank-phototan.com.de/front_end/front_end_files/cdcs-iframe-index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 06:01:33 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 12 Feb 2023 14:59:34 GMT
server: cloudflare
etag: W/"10e7-63e8fed6-920854faed506ed4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3Zcx226fuGLGm9N%2FMjwAXTkmm0koiSG%2B2%2FhF4t73etXsL9aw6z38j4dEOtNZf5k9VjBoh%2BQcks1fY2Zv3wqnCK7xjrmHUh40xUwdH6TOXtEqu0C8GgmpwLZOTWqtf5xy%2FyXQmvqHgQkN%2FvakLHTObzq5hHdOp9lU0%2BZg36slw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 7bed175fccae9250-FRA
expires: Thu, 04 May 2023 17:37:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			meinecommerzbank-phototan.com.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb5l9fpqka82pbqre0jti6ut5a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

meinecommerzbank-phototan.com.de
2606:4700:3033::ac43:ddc9
000bfe8646b40a3477c4620164e12bc76e5a232c4ba54a43a9e6ed95f88035f2
04186b9f02e3d1119a44b79f327a3c99d1985662a5f31b19e0de078225c0627e
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
4bdc871a71df801aa86926434d6fbed9744ec4757af4e9d6d40978724ea59134
5b056148977cddad1d04190e8588f71549f5fbce2c8504fd0a52699a451896ca
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
996986767d49fd16822494d63b2f387ca6eefa85c562171d2fa41753e1fbd100
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
e64e9d464beb9fe2717cd8bd8d093bb04d570f08a15c65f14533733904e12be7
ed09f0eff56524c496ea94dfecf094eeb1900e8c248472a4dd249dad939943b2
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358

meinecommerzbank-phototan.com.de Open in urlscan Pro 2606:4700:3033::ac43:ddc9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

335 kBTransfer

1058 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

meinecommerzbank-phototan.com.de Open in urlscan Pro
2606:4700:3033::ac43:ddc9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

335 kB
Transfer

1058 kB
Size

1
Cookies

13 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!