dokumente.comm.20-100-181-107.cprapid.com
20.100.181.107
Malicious Activity!
Public Scan
Submission: On January 31 via automatic, source openphish — Scanned from NO
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 30th 2023. Valid for: 3 months.
This is the only time dokumente.comm.20-100-181-107.cprapid.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)
Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 22 | 20.100.181.107 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
| 1 | 212.149.50.15 | 16365 (COMMERZBANK DE-60261 Frankfurt) |
| 1 | 142.250.181.238 | 15169 (GOOGLE) |
| 2 | 35.241.3.184 | 15169 (GOOGLE) |
| 1 | 35.190.14.188 | 15169 (GOOGLE) |
| 27 | 6 | |

| ASN | PTR | Domain |
|---|---|---|
| ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | dokumente.comm.20-100-181-107.cprapid.com |
| ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE) | kunden.commerzbank.de | kunden.commerzbank.de |
| ASN15169 (GOOGLE, US) | fra16s56-in-f14.1e100.net | www.google-analytics.com |
| ASN15169 (GOOGLE, US) | 184.3.241.35.bc.googleusercontent.com | api.usercentrics.eu |
| ASN15169 (GOOGLE, US) | 188.14.190.35.bc.googleusercontent.com | app.usercentrics.eu |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 22 | cprapid.com | dokumente.comm.20-100-181-107.cprapid.com | 4 MB |
| 3 | usercentrics.eu | api.usercentrics.eu (Cisco Umbrella Rank: 12249), app.usercentrics.eu (Cisco Umbrella Rank: 12170) | 2 KB |
| 1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 21) | 20 KB |
| 1 | commerzbank.de | kunden.commerzbank.de (Cisco Umbrella Rank: 279543) | 3 KB |
| 27 | 4 | | |

| Requests | Domain | Requested by |
|---|---|---|
| 22 | dokumente.comm.20-100-181-107.cprapid.com | dokumente.comm.20-100-181-107.cprapid.com |
| 2 | api.usercentrics.eu | dokumente.comm.20-100-181-107.cprapid.com |
| 1 | app.usercentrics.eu | dokumente.comm.20-100-181-107.cprapid.com |
| 1 | www.google-analytics.com | dokumente.comm.20-100-181-107.cprapid.com |
| 1 | kunden.commerzbank.de | dokumente.comm.20-100-181-107.cprapid.com |
| 27 | 5 | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| kunden.commerzbank.de |
| www.commerzbank.de |
| cbportal.commerzbank.com |
| www.polizei-beratung.de |
| service.commerzbank.de |

| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| dokumente.comm.20-100-181-107.cprapid.com | cPanel, Inc. Certification Authority | 2023-01-30 - 2023-04-30 | 3 months | crt.sh |
| kunden.commerzbank.de | GlobalSign Extended Validation CA - SHA256 - G3 | 2022-12-21 - 2024-01-20 | a year | crt.sh |
| *.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months | crt.sh |
| api.usercentrics.eu | GTS CA 1D4 | 2022-12-12 - 2023-03-12 | 3 months | crt.sh |
| app.usercentrics.eu | GTS CA 1D4 | 2022-12-14 - 2023-03-14 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://dokumente.comm.20-100-181-107.cprapid.com/commerz/login.php?&return_url=d281e6202e3f0aa0398a573141008bf8&enrolmentID=8fb800141375a8930aa0f3e2026e182d?securessl=true
Frame ID: 16C2FEDE2AC74CAFEF5E76EBD75F2D03
Requests: 27 HTTP requests in this frame
Frame:
https://dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/cdcs-iframe-index.html
Frame ID: B252EBAE652EBAA5B5CEF2616576BD2F
Requests: 2 HTTP requests in this frame
Screenshot
Page Title: Anmeldung zum Digital Banking - Commerzbank
Detected technologies
- PHP (Programming Languages); detected pattern: `\.php(?:$|\?)`
- Google Analytics (Analytics); detected pattern: `google-analytics\.com/(?:ga|urchin|analytics)\.js`
- jQuery (JavaScript Libraries); detected pattern: `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
25 Outgoing links
These are links going to different origins than the main page.
- Konzern
- English
- Profil & Einstellungen
- (link without title)
- Privatkunden
- Unternehmerkunden
- Anmelden
- Zur Anmeldung im Firmenkundenportal
- Zugang digital beantragen (mit autoIDENT)
- Schadsoftware "Godfather"
- Angebliche Bank-Mitarbeiter erfragen Zugangsdaten
- Enkeltrick: Betrüger nutzen WhatsApp (polizei-beratung.de)
- hier
- photoTAN aktivieren (für angemeldete Kunden)
- Hilfe zur photoTAN
- Teilnehmernummer neu anfordern
- PIN vergessen
- Zugang gesperrt
- Anleitung/Hilfe
- Sicherheit
- Preise & Konditionen
- Impressum
- Rechtliche Hinweise
- Datenschutzhinweise
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | login.php (Primary Request) | dokumente.comm.20-100-181-107.cprapid.com/commerz/ | 247 KB | 247 KB | Document | text/html |
| GET | H/1.1 | main.js | dokumente.comm.20-100-181-107.cprapid.com/portal/media/system/usercentrics/ | 0 | 0 | Script | text/html |
| GET | H/1.1 | analytics.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 49 KB | 49 KB | Script | application/javascript |
| GET | H/1.1 | js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 200 KB | 200 KB | Script | text/plain |
| GET | H/1.1 | gtm.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 353 KB | 353 KB | Script | application/javascript |
| GET | H/1.1 | ruxitagentjs_ICA27NVfqrux_10253221019152312.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 221 KB | 221 KB | Script | application/javascript |
| GET | H/1.1 | main.css | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 414 KB | 414 KB | Stylesheet | text/css |
| GET | H/1.1 | cms.css | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 200 KB | 201 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery_1_12_4.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 95 KB | 95 KB | Script | application/javascript |
| GET | H/1.1 | jquery_ui_1_12_1.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 248 KB | 248 KB | Script | application/javascript |
| GET | H/1.1 | lib_head.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 42 KB | 42 KB | Script | application/javascript |
| GET | H/1.1 | lib_smartbanner.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 7 KB | 8 KB | Script | application/javascript |
| GET | H/1.1 | bundle.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 1 MB | 1 MB | Script | application/javascript |
| GET | H/1.1 | logo_big_svg.svg | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 10 KB | 10 KB | Image | image/svg+xml |
| GET | H/1.1 | logo_big_svg.svg | kunden.commerzbank.de//portal/media/system/images/ | 10 KB | 3 KB | Image | image/svg+xml |
| GET | H/1.1 | lib_main.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 287 KB | 288 KB | Script | application/javascript |
| GET | H/1.1 | lib_cms.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 24 KB | 25 KB | Script | application/javascript |
| GET | DATA | truncated | / | 17 KB | 17 KB | Font | application/x-font-woff |
| GET | DATA | truncated | / | 17 KB | 17 KB | Font | application/x-font-woff |
| GET | H/1.1 | icons_woff.woff | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ | 40 KB | 40 KB | Font | font/woff |
| GET | H/1.1 | cdcs-iframe-index.html | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/ (Frame B252) | 3 KB | 3 KB | Document | text/html |
| GET | H/1.1 | cdcs.js | dokumente.comm.20-100-181-107.cprapid.com/commerz/Commerzbank1_files/cdcs-iframe-index_data/ (Frame B252) | 4 KB | 5 KB | Script | application/javascript |
| GET | H2 | analytics.js | www.google-analytics.com/ | 49 KB | 20 KB | Script | text/javascript |
| GET | H2 | de.json | api.usercentrics.eu/settings/undefined/latest/ | 2 B | 688 B | Fetch | application/json |
| GET | H2 | 1px.png | app.usercentrics.eu/session/ | 489 B | 1 KB | Image | image/png |
| GET | H2 | en.json | api.usercentrics.eu/settings/undefined/latest/ | 2 B | 185 B | Fetch | application/json |
| POST | H/1.1 | rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683 | dokumente.comm.20-100-181-107.cprapid.com/banking/dynatrace/ | 11 KB | 11 KB | XHR | text/html |
| POST | H/1.1 | rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683 | dokumente.comm.20-100-181-107.cprapid.com/banking/dynatrace/ | 11 KB | 11 KB | XHR | text/html |
| POST | H/1.1 | rb_5a7f65a5-eb55-46f1-baff-f05ff70d4683 | dokumente.comm.20-100-181-107.cprapid.com/banking/dynatrace/ | 11 KB | 11 KB | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | 0 |
| object | oncontentvisibilityautostatechange |
| object | dT_ |
| object | dtrum |
| object | dynatrace |
| function | $ |
| function | jQuery |
| object | mrm |
| object | cfs |
| object | Modernizr |
| function | yepnope |
| object | cSmartBanner |
| undefined | setBannerTags |
| function | salReInitInputSpinners |
| function | isGTMActive |
| function | collectGTMData |
| function | fillCID |
| function | Class |
| object | Tc |
| function | _ |
| object | jQuery112405520378936918451 |
| object | Select2 |
| function | CobaNewsList |
| function | CobaNews |
| object | google_tag_manager |
| object | google_tag_data |
| object | dataLayer |
| string | GoogleAnalyticsObject |
| function | ga |
| object | usercentrics |
| function | DataLayerHelper |
| object | tousercentrics |
| function | lodash |
| object | gaplugins |
| object | gaGlobal |
| object | gaData |

8 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, allowing the website to re-identify the user even from a different location. This is how persistent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .cprapid.com/ | | dtCookie | v_4_srv_-2D87_sn_13USI3HNLB34VVI035KO360JKIKVRQA6 |
| .cprapid.com/ | | rxVisitor | 1675127246718ME43DTOU0JULM1VT73G5RDV6S1F627HS |
| .cprapid.com/ | | dtLatC | 62 |
| .cprapid.com/ | | dtSa | - |
| .cprapid.com/ | | _ga | GA1.2.737548057.1675127247 |
| .cprapid.com/ | | _gid | GA1.2.1475178930.1675127247 |
| .cprapid.com/ | | rxvt | 1675129047586\|1675127246719 |
| .cprapid.com/ | | dtPC | -87$527246716_186h-vQFIFKFAETHBKRSEHAPUAAFILKIJCQFMR-0e0 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.