neue-agb.info
Open in
urlscan Pro
2606:4700:3031::6815:5e2e
Malicious Activity!
Public Scan
Submission: On September 26 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on September 25th 2023. Valid for: 3 months.
This is the only time neue-agb.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
26 | 2606:4700:303... 2606:4700:3031::6815:5e2e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 64.185.227.156 64.185.227.156 | 18450 (WEBNX) (WEBNX) | |
27 | 3 |
ASN18450 (WEBNX, US)
PTR: 64-185-227-156.static.webnx.com
api.ipify.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
26 |
neue-agb.info
neue-agb.info |
430 KB |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2769 |
224 B |
27 | 2 |
Domain | Requested by | |
---|---|---|
26 | neue-agb.info |
neue-agb.info
|
1 | api.ipify.org |
neue-agb.info
|
27 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
neue-agb.info GTS CA 1P5 |
2023-09-25 - 2023-12-24 |
3 months | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://neue-agb.info/vorgang
Frame ID: 02D2DF568A9B09F5C451258E08EACCF8
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
Anmeldung zum Digital Banking - CommerzbankDetected technologies
three.js (JavaScript Graphics) ExpandDetected patterns
- three(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
vorgang
neue-agb.info/ |
27 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ruxitagentjs_ICA27NVfqrux_10263230321103025.js
neue-agb.info/banking/dynatrace/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
neue-agb.info/portal/media/system/38.176.28/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cms.css
neue-agb.info/portal/media/system/38.176.28/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
neue-agb.info/ |
393 KB 110 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
another.css
neue-agb.info/ |
200 KB 83 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mycss.css
neue-agb.info/ |
973 B 659 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery_1_12_4.js
neue-agb.info/portal/media/system/38.176.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery_ui_1_12_1.js
neue-agb.info/portal/media/system/38.176.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib_head.js
neue-agb.info/portal/media/system/38.176.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lib_smartbanner.js
neue-agb.info/portal/media/system/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lupe%20(1).png
neue-agb.info/IMAGE/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_big_svg.svg
neue-agb.info/IMAGE/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot%202023-06-19%20at%2017.47.46.png
neue-agb.info/IMAGE/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot%202023-06-19%20at%2017.47.56.png
neue-agb.info/IMAGE/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Screenshot%202023-06-19%20at%2017.48.06.png
neue-agb.info/IMAGE/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib_main.js
neue-agb.info/portal/media/system/38.176.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lib_cms.js
neue-agb.info/portal/media/system/38.176.28/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
one.js
neue-agb.info/ |
95 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
two.js
neue-agb.info/ |
248 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
three.js
neue-agb.info/ |
42 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
four.js
neue-agb.info/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
five.js
neue-agb.info/ |
288 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
24 B 224 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
neue-agb.info/portal/media/system/usercentrics/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons_woff.woff
neue-agb.info/portal/media/system/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons_ttf.ttf
neue-agb.info/portal/media/system/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| consentDataProcessors undefined| localUCSettings undefined| consent undefined| dataProcessorAvailable function| gtag object| allowedTags string| curUrl string| openAreaGuidelines string| closedAreaGuidelines string| uaID object| dataLayer object| domainParts string| mainDomain function| setCookie function| affiliateOptOut string| webtrekkEnabled boolean| userIsLoggedIn object| ccb_cif function| reloadActualLocation boolean| consentPA function| $ function| jQuery object| mrm object| cfs object| Modernizr function| yepnope object| cSmartBanner undefined| setBannerTags function| salReInitInputSpinners function| isGTMActive function| collectGTMData function| fillCID function| Class object| Tc function| _ object| jQuery112408329891473727153 object| Select2 object| usercentrics string| uscmainjs0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
neue-agb.info
2606:4700:3031::6815:5e2e
64.185.227.156
0f744ac40d6337af95953f629b5bdcf0c7e0e80c91fcd3c891f3933f72ab70cf
1723903fdc89b1a5847d06bcb47d17db5b0610acf89b02a056de1e05abdf1191
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
285d8ceb39b8859bab57ee6d926c9e70b96fa179540ba0b25cddff01c881f6c0
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
4467899b6ec48dec1dfc41d85d822c4055458f9131c1aa9face76881a70f37ff
53675c7336663bcdf571ceeebc0adbeadf8c7ffa0e3597511bae7d2b019fc52a
7aab86a30b0fc4fe4940e32088d0a6f463afde5fd39ffed10df94a3c9af782df
7e1d22283359dea0b31caf7a7a1d233ce304ce360ca3722cefcd38baf68b8eef
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
99346dc85dae68e81e73c52cf7b2e99b70372af5c09317c525bd50a914112c3e
a92d48dda82cdb58b4e28f58ece271e9428ad1a2ff7c788c5aacee8a17a42b2d
c4ab6d704fdd69766a09508f95c75edbadedf6b990d199d53534403acb6988f0
cb4e5a4a25b095758e702317af5145988042cd4a5fb43866b8cdc6ddbd2da809
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358