178.215.236.55 Open in urlscan Pro
178.215.236.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://178.215.236.55/Vorgang
Submission: On May 13 via manual (May 13th 2024, 9:16:02 am UTC) from DE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 14 HTTP transactions. The main IP is 178.215.236.55, located in Ashburn, United States and belongs to STELLARGROUPSAS, FR. The main domain is 178.215.236.55.

This is the only time 178.215.236.55 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
13	178.215.236.55 178.215.236.55	214961 (STELLARGR...) (STELLARGROUPSAS)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

13 178.215.236.55 (Ashburn, United States)

ASN214961 (STELLARGROUPSAS, FR)

178.215.236.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	28 KB
14	1

	Domain	Requested by
1	cdnjs.cloudflare.com	178.215.236.55
14	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://178.215.236.55/Vorgang
Frame ID: 46A1F0AA77E1CFBF719B828FD1C245AF
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sie müssen sich verifizieren! - Commerzbank

Page URL History Show full URLs

http://178.215.236.55/Vorgang HTTP 307
https://178.215.236.55/Vorgang HTTP 307
http://178.215.236.55/Vorgang Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

7 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

569 kB
Transfer

1612 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://178.215.236.55/Vorgang HTTP 307
https://178.215.236.55/Vorgang HTTP 307
http://178.215.236.55/Vorgang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Vorgang Show response
178.215.236.55/
Redirect Chain

http://178.215.236.55/Vorgang
https://178.215.236.55/Vorgang
http://178.215.236.55/Vorgang

247 KB
32 KB

69ms
69ms

Document
text/html

178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 14746ac58e18e7f2fed93d80d1cb2a0384115ea4abad09131370bc27f0d462e9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 31974
Content-Type: text/html; charset=UTF-8
Date: Mon, 13 May 2024 09:15:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.59 (Debian)
Vary: Accept-Encoding

Redirect headers

Location: http://178.215.236.55/Vorgang
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK main.css
178.215.236.55/assets/css/ 457 KB
123 KB 110ms
62ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/main.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 1aae7916a668849f1357527d2a090f58b3c336816ff372b8e897252a2f984a6c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:46 GMT
Server: Apache/2.4.59 (Debian)
ETag: "7228e-6092237903680-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK cms.css
178.215.236.55/assets/css/ 217 KB
89 KB 102ms
53ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/cms.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 1f3e9d14381727674b626dc4f2d08a227c1f7e9dc4456f80b07f4249dfbfe1f4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:44 GMT
Server: Apache/2.4.59 (Debian)
ETag: "36423-609223771b200-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK coba_forms.css
178.215.236.55/assets/css/ 15 KB
3 KB 112ms
59ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/coba_forms.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 1cd527744935621b2e76befb535b69b6519ca70bb6bac90c3f10d6d36de5937d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:44 GMT
Server: Apache/2.4.59 (Debian)
ETag: "3a58-609223771b200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2235

GET
H/1.1 200
OK grids.css
178.215.236.55/assets/css/ 15 KB
2 KB 111ms
58ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/grids.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: f0801175d380906f294d784c43ee071a90b1543195480916dd0faa99d6f718d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:44 GMT
Server: Apache/2.4.59 (Debian)
ETag: "3d22-609223771b200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1283

GET
H/1.1 200
OK jQuery_3_5_1.js Show response
178.215.236.55/assets/js/ 99 KB
34 KB 120ms
65ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/jQuery_3_5_1.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 984051d349eb480a2a06db83c69e1b52926cc8807ba5ceaaf2b81b20acf6ef12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "18a97-6092237532d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 34563

GET
H/1.1 200
OK jquery_ui_1_12_1.js Show response
178.215.236.55/assets/js/ 248 KB
67 KB 130ms
76ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/jquery_ui_1_12_1.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "3dee5-6092237532d80-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK lib_head.js Show response
178.215.236.55/assets/js/ 42 KB
12 KB 168ms
55ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/lib_head.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "a71e-6092237532d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11887

GET
H/1.1 200
OK lib_smartbanner.js Show response
178.215.236.55/assets/js/ 7 KB
2 KB 167ms
53ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/lib_smartbanner.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "1dde-6092237532d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1596

GET
H/1.1 200
OK logo_big_svg.svg
178.215.236.55/assets/images/ 10 KB
10 KB 50ms
50ms Image
image/svg+xml 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://178.215.236.55/assets/images/logo_big_svg.svg
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: baa3b2feb93166da64f97249b2d768696b6dd643b2d46f81c84278680ec4edb0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:48 GMT
Server: Apache/2.4.59 (Debian)
ETag: "2675-6092237aebb00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9845

GET
H/1.1 200
OK mobile_logo.png
178.215.236.55/assets/images/ 93 KB
93 KB 50ms
50ms Image
image/png 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://178.215.236.55/assets/images/mobile_logo.png
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 5984bad91d2db65a82458f293a0e7f9e79dedca653e64660f5edd9f1e45916d9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:48 GMT
Server: Apache/2.4.59 (Debian)
ETag: "17267-6092237aebb00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 94823

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 88 KB
28 KB 128ms
82ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Mon, 13 May 2024 09:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 379567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28112
last-modified: Wed, 21 Dec 2022 00:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a24ddb-6dd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJnRNMUuqAg1C8QWCeTlftXEw%2FYqsJXVbgA9%2FgRG%2FezgZHZmcdVYpFoVaZ9hI34Mw9sHjWLTCPGrit7XIe%2Fayc8tPce9sBIgfB2X470Rt9992Fgvyt8%2FwEzjXytSEH8ftutrLn%2Bm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88318c0adfc4bbe5-FRA
expires: Sat, 03 May 2025 09:15:58 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer: http://178.215.236.55/
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK icons_woff.woff
178.215.236.55/assets/fonts/ 40 KB
40 KB 53ms
52ms Font
font/woff 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/fonts/icons_woff.woff
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/assets/css/main.css
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876

Request headers

Referer: http://178.215.236.55/assets/css/main.css
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:58 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:46 GMT
Server: Apache/2.4.59 (Debian)
ETag: "9e84-6092237903680"
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 40580

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer: http://178.215.236.55/
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK favicon.ico
178.215.236.55/assets/images/ 1 KB
1 KB 50ms
50ms Other
image/vnd.microsoft.icon 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/images/favicon.ico
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Mon, 13 May 2024 09:15:59 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:48 GMT
Server: Apache/2.4.59 (Debian)
ETag: "47e-6092237aebb00"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1150

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			178.215.236.55/	1969-12-31 23:59:59	Name: PHPSESSID Value: b4deq26e8htf2fb0tcinfva83g

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: http://178.215.236.55/Vorgang Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
104.17.24.14
178.215.236.55
14746ac58e18e7f2fed93d80d1cb2a0384115ea4abad09131370bc27f0d462e9
1aae7916a668849f1357527d2a090f58b3c336816ff372b8e897252a2f984a6c
1cd527744935621b2e76befb535b69b6519ca70bb6bac90c3f10d6d36de5937d
1f3e9d14381727674b626dc4f2d08a227c1f7e9dc4456f80b07f4249dfbfe1f4
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
5984bad91d2db65a82458f293a0e7f9e79dedca653e64660f5edd9f1e45916d9
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
984051d349eb480a2a06db83c69e1b52926cc8807ba5ceaaf2b81b20acf6ef12
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
baa3b2feb93166da64f97249b2d768696b6dd643b2d46f81c84278680ec4edb0
f0801175d380906f294d784c43ee071a90b1543195480916dd0faa99d6f718d7

178.215.236.55 Open in urlscan Pro 178.215.236.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

7 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

3 IPs

2 Countries

569 kBTransfer

1612 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

178.215.236.55 Open in urlscan Pro
178.215.236.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

7 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

569 kB
Transfer

1612 kB
Size

1
Cookies

14 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!