URL: http://169.239.129.24/gevs.php
Submission: On August 09 via automatic, source openphish

Summary

This website contacted 6 IPs in 4 countries across 3 domains to perform 25 HTTP transactions. The main IP is 169.239.129.24, located in Cape Town, South Africa and belongs to ZAPPIE-HOST-AS Zappie Host, US. The main domain is 169.239.129.24.
This is the only time 169.239.129.24 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

IP Address AS Autonomous System
2 169.239.129.24 61138 (ZAPPIE-HO...)
7 21 212.149.50.15 16365 (COMMERZBA...)
7 212.149.50.185 16365 (COMMERZBA...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2600:1901:0:5... 15169 (GOOGLE)
25 6
Apex Domain | Subdomains | Transfer
28 commerzbank.de | kunden.commerzbank.de, www.commerzbank.de | 862 KB
1 usercentrics.eu | app.usercentrics.eu | 1001 B
1 jquery.com | code.jquery.com | 30 KB
25 3
Domain Requested by
21 kunden.commerzbank.de 7 redirects 169.239.129.24
kunden.commerzbank.de
7 www.commerzbank.de 169.239.129.24
1 app.usercentrics.eu 169.239.129.24
1 code.jquery.com 169.239.129.24
25 4

This site contains links to these domains.

Domain
kunden.commerzbank.de
Subject | Issuer | Validity | Valid
kunden.commerzbank.de | GlobalSign Extended Validation CA - SHA256 - G3 | 2019-10-18 - 2021-12-11 | 2 years
www.commerzbank.de | GlobalSign Extended Validation CA - SHA256 - G3 | 2021-06-24 - 2022-07-26 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
app.usercentrics.eu | GTS CA 1D4 | 2021-06-29 - 2021-09-27 | 3 months

This page contains 1 frames:

Primary Page: http://169.239.129.24/gevs.php
Frame ID: 01272C7AA357998D581A72AD58C37B39
Requests: 27 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25 Requests
92 % HTTPS
40 % IPv6
3 Domains
4 Subdomains
6 IPs
4 Countries
1008 kB Transfer
4338 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
Request Chain 6
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
Request Chain 7
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
Request Chain 8
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
Request Chain 9
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
Request Chain 17
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
Request Chain 18
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js HTTP 302
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request gevs.php
169.239.129.24/
924 KB
101 KB
Document
General
Full URL
http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Server
169.239.129.24 Cape Town, South Africa, ASN61138 (ZAPPIE-HOST-AS Zappie Host, US),
Reverse DNS
rns.za.zappiehost.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2375460190ddae08b9e208cff57d5ea5718cdd883d2eea7755b5938693a62bfc

Request headers

Host
169.239.129.24
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
main.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/
392 KB
118 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/css/main.css
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
fcd7f43571a3e771e82bc358592f75c110c7de5312427e66c2cca83bcc35dd1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 06:08:43 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-298947109-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
text/css; charset=UTF-8
Keep-Alive
timeout=15, max=100
Expires
Mon, 09 Aug 2021 01:24:48 GMT
cms.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/
187 KB
86 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/css/cms.css
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4c8015061e805dd49d4fec0d7d0aa5dd0482e2409ccd822d5c780355dcb773ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 06:08:43 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-376521972-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
text/css; charset=UTF-8
Keep-Alive
timeout=15, max=100
Expires
Mon, 09 Aug 2021 01:24:48 GMT
header_login.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/css/header_login.css
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4721430fe5f62198e3cd7f2bb6a430da5d25bf0a652400e0cbf7cb433ea7a8e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
707
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 29 Jul 2021 19:46:34 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"1627910412-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
text/css; charset=UTF-8
Keep-Alive
timeout=15, max=100
Expires
Mon, 09 Aug 2021 01:24:48 GMT
openforms.css
kunden.commerzbank.de/portal/media/system/28.108.14/css/
319 KB
101 KB
Stylesheet
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/css/openforms.css
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
9ecb88ed1282f213c047989695bb71e588f248cae63747d52ddf75cf4b8310af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 02 Jul 2021 09:06:54 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"1719271691-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
text/css; charset=UTF-8
Keep-Alive
timeout=15, max=100
Expires
Mon, 09 Aug 2021 01:24:48 GMT
jquery-1.12.4.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
95 KB
34 KB
Script
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
33760
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/cif/jquery-1.12.4.js
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Content-Length
0
bundle.js
169.239.129.24/portal/media/system/usercentrics/
0
0
Script
General
Full URL
http://169.239.129.24/portal/media/system/usercentrics/bundle.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Server
169.239.129.24 Cape Town, South Africa, ASN61138 (ZAPPIE-HOST-AS Zappie Host, US),
Reverse DNS
rns.za.zappiehost.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
169.239.129.24
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://169.239.129.24/gevs.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
CMPageContext.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
14 KB
4 KB
Script
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
33ff907babe4f24d2012e6600c440518edaec135a92d37a8536eb68c77923538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
3431
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/CMJars.framework/WebServerResources/js/CMPageContext.js
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Content-Length
0
prototype.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
195 KB
46 KB
Script
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
46bc7c7b853bf69ab0b165153453f7c1e84bf6982fe8adb6245088a5f3de8360
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/prototype.js
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=15, max=99
Content-Length
0
effects.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
38 KB
9 KB
Script
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
8726
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/effects.js
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=15, max=99
Content-Length
0
wonder.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
39 KB
10 KB
Script
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
fe0449d150041929d642a4536e8b52478bf98c8b8a74362ea14ff8d1f8b6a126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
8929
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript
Keep-Alive
timeout=15, max=100
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/Ajax.framework/WebServerResources/wonder.js
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=15, max=99
Content-Length
0
jquery_ui_1_12_1.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
248 KB
67 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/jquery_ui_1_12_1.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 05:58:03 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-733515625-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=99
Expires
Mon, 09 Aug 2021 01:24:48 GMT
lib_head.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
42 KB
12 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_head.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
11887
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 06:08:43 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"960253245-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=98
Expires
Mon, 09 Aug 2021 01:24:48 GMT
lib_smartbanner.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
7 KB
2 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_smartbanner.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
1596
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 06:08:43 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-523120297-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=99
Expires
Mon, 09 Aug 2021 01:24:48 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 01:19:48 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1628471988.dop237.fr8.t,1628471988.cds277.fr8.hc,1628471988.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bundle.js
kunden.commerzbank.de/portal/media/system/usercentrics/
1 MB
262 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/usercentrics/bundle.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
ddece96a5c790b15f879850be8891710f85e7c69ade2873a83beb735533138aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Jun 2021 10:55:13 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-123850380-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=98
Expires
Mon, 09 Aug 2021 01:24:48 GMT
1px.png
app.usercentrics.eu/session/
489 B
1001 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=undefined
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 01:05:26 GMT
content-encoding
gzip
age
863
x-guploader-uploadid
ADPycdugI7MZTQEhR1qL-y-Xj32LGNzhiowe-8PkUkDBzUw1s4BOcgwUrymgIcJQAGfLm1gd1BWfDUoN2uGKF5RuwdnRvHNm2w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
strict-transport-security
max-age=7776000
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
x-goog-generation
1588928773413784
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
content-type
image/png
expires
Mon, 09 Aug 2021 01:35:26 GMT
logo_big_svg.svg
kunden.commerzbank.de/portal/media/system/images/
17 KB
6 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/logo_big_svg.svg
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
d28263b118f646cc7c098e5b8c09f994fe27585f541a90f02423b9246621c0d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
5884
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 05:58:00 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-868304489-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
image/svg+xml
Keep-Alive
timeout=15, max=99
Expires
Mon, 09 Aug 2021 01:24:49 GMT
spacer.gif
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
67 B
805 B
Image
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Connection
Keep-Alive
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Keep-Alive
timeout=15, max=99
Content-Length
67
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Frameworks/SAWO5Tools.framework/WebServerResources/spacer.gif
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=15, max=97
Content-Length
0
lib_FormCenter.js
www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/
Redirect Chain
  • https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
  • https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
8 KB
4 KB
Script
General
Full URL
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.185 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
commerzbank.de
Software
Apache /
Resource Hash
70764231df32376c9e53b08d2dcf6debf7b9d718f4c8eb7da1083202dd6a5b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
3022
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Mar 2021 15:26:40 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript
Keep-Alive
timeout=15, max=99
Expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Server
Apache
Content-Language
de-DE
Location
https://www.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=15, max=97
Content-Length
0
lib_main.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
287 KB
82 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_main.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
38bf15974cad8c39b9bf8bf6c91e2ddd8f4f36589537aec5b9936f31464fcfb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 16 Mar 2021 05:58:07 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"-213466583-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=98
Expires
Mon, 09 Aug 2021 01:24:49 GMT
lib_cms.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
24 KB
7 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_cms.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
6982
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 28 Jun 2021 08:24:20 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"572504425-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=97
Expires
Mon, 09 Aug 2021 01:24:49 GMT
lib_header_login.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
2 KB
1 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_header_login.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
ad800e49187fb5ab9613f9af42936fbbf439a500e759a05d547afd80fe451b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
673
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 29 Jul 2021 19:46:34 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"1627881651-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=98
Expires
Mon, 09 Aug 2021 01:24:49 GMT
html5shiv-printshiv.js
kunden.commerzbank.de/portal/media/system/28.108.14/js/
7 KB
3 KB
Script
General
Full URL
https://kunden.commerzbank.de/portal/media/system/28.108.14/js/html5shiv-printshiv.js
Requested by
Host: 169.239.129.24
URL: http://169.239.129.24/gevs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
4f38b7e2bbb7305b0684410e23cad5ce32e9fad7c929870883f8a82d8845c502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://169.239.129.24/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
2404
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 29 Jul 2021 19:46:34 GMT
Server
Apache
X-Frame-Options
DENY
ETag
"1628056671-gzip"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Content-Type
application/javascript;charset=UTF-8
Keep-Alive
timeout=15, max=98
Expires
Mon, 09 Aug 2021 01:24:49 GMT
bg_metanav_gif.gif
kunden.commerzbank.de/portal/media/system/images/
1 KB
2 KB
Image
General
Full URL
https://kunden.commerzbank.de/portal/media/system/images/bg_metanav_gif.gif
Requested by
Host: kunden.commerzbank.de
URL: https://kunden.commerzbank.de/portal/media/system/28.108.14/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.149.50.15 Friedrichsdorf, Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE),
Reverse DNS
kunden.commerzbank.de
Software
Apache /
Resource Hash
ae247f0ee2d331e7f89a54b2d683589de735b83bda69b00b29bf728e1cc31e75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kunden.commerzbank.de/portal/media/system/28.108.14/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 01:19:49 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16 Mar 2021 05:58:00 GMT
Server
Apache
ETag
"941815795"
X-Frame-Options
DENY
Content-Language
de-DE
Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=15, max=97
Content-Length
1124
X-XSS-Protection
1; mode=block
Expires
Mon, 09 Aug 2021 01:24:49 GMT
truncated
/
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
17 KB
17 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Origin
http://169.239.129.24
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-woff

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery boolean| __disableDappDetectionInsertion object| CMJSContext object| Prototype function| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ undefined| Sizzle function| Selector object| Effect function| $wi object| AjaxOnDemand object| AOD object| AjaxUtils object| AjaxInPlace object| AIP object| AjaxModalContainer object| AMC object| AjaxOptions object| AjaxUpdateContainer object| AUC object| AjaxUpdateLink object| AUL object| AjaxSubmitButton object| ASB function| AjaxObserveDelayer object| AjaxDraggable object| ADG function| AjaxDroppable function| ADP object| AjaxHighlight object| AH function| AjaxPeriodicUpdater object| AjaxHintedText object| Hoverable object| AjaxBusy object| AjaxModalDialog object| AMD object| AjaxFlexibleUpload object| AFU function| AjaxUploadClient function| AUP object| WonderRemoteLogging object| WonderJSON object| mrm object| cfs object| Modernizr function| yepnope object| cSmartBanner undefined| setBannerTags function| _ object| usercentrics function| DataLayerHelper boolean| history_api object| PreventFormContinue function| elem780541UCIdUpdate function| submitelem780541UCId function| beforeSubmitelem780541UCId function| elem780552UCIdUpdate function| submitelem780552UCId function| beforeSubmitelem780552UCId function| of_set_focus_to_first_element undefined| originalFn function| salReInitInputSpinners function| isGTMActive function| collectGTMData function| fillCID object| Tc object| html5

0 Cookies

3 Console Messages

Source Level URL
Text
console-api warning URL: https://code.jquery.com/jquery-3.5.1.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'extend' of undefined TypeError: Cannot read property 'extend' of undefined at HTMLDocument.registerSalScrollbar (https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js:15:43) at e (https://code.jquery.com/jquery-3.5.1.min.js:2:30005) at t (https://code.jquery.com/jquery-3.5.1.min.js:2:30307) undefined
console-api warning URL: https://code.jquery.com/jquery-3.5.1.min.js(Line 2)
Message:
jQuery.Deferred exception: Cannot read property 'extend' of undefined TypeError: Cannot read property 'extend' of undefined at HTMLDocument.registerSalPlate (https://kunden.commerzbank.de/prozess/Resources/WebObjects/ProzessCenter.woa/Contents/WebServerResources/js/lib_FormCenter.js:76:36) at e (https://code.jquery.com/jquery-3.5.1.min.js:2:30005) at t (https://code.jquery.com/jquery-3.5.1.min.js:2:30307) undefined
console-api warning URL: https://code.jquery.com/jquery-3.5.1.min.js(Line 2)
Message:
jQuery.Deferred exception: $(...).placeholder is not a function TypeError: $(...).placeholder is not a function at HTMLDocument.<anonymous> (https://kunden.commerzbank.de/portal/media/system/28.108.14/js/lib_header_login.js:2:500) at e (https://code.jquery.com/jquery-3.5.1.min.js:2:30005) at t (https://code.jquery.com/jquery-3.5.1.min.js:2:30307) undefined

Indicators

"Indicators" is a security-industry term for items such as IPs, domains and hashes. Their appearance in this scan does not imply that any of them indicate malicious activity.
