act-cmz.com
Open in
urlscan Pro
91.215.85.79
Malicious Activity!
Public Scan
Effective URL: https://act-cmz.com/login/
Submission: On May 23 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 23rd 2024. Valid for: 3 months.
This is the only time act-cmz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 22 | 91.215.85.79 91.215.85.79 | 200593 (PROSPERO-AS) (PROSPERO-AS) | |
1 | 34.117.186.192 34.117.186.192 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 212.149.50.15 212.149.50.15 | 16365 (COMMERZBA...) (COMMERZBANK DE-60261 Frankfurt) | |
23 | 4 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com
ipinfo.io |
ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE)
PTR: kunden.commerzbank.de
kunden.commerzbank.de |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
act-cmz.com
2 redirects
act-cmz.com |
199 KB |
2 |
commerzbank.de
kunden.commerzbank.de — Cisco Umbrella Rank: 304220 |
5 KB |
1 |
ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 7491 |
480 B |
23 | 3 |
Domain | Requested by | |
---|---|---|
22 | act-cmz.com |
2 redirects
act-cmz.com
|
2 | kunden.commerzbank.de | |
1 | ipinfo.io |
act-cmz.com
|
23 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
kunden.commerzbank.de |
www.commerzbank.de |
service.commerzbank.de |
cbportal.commerzbank.com |
bankenverband.de |
Subject Issuer | Validity | Valid | |
---|---|---|---|
act-cmz.com R3 |
2024-05-23 - 2024-08-21 |
3 months | crt.sh |
ipinfo.io R3 |
2024-04-19 - 2024-07-18 |
3 months | crt.sh |
kunden.commerzbank.de GlobalSign Extended Validation CA - SHA256 - G3 |
2024-01-11 - 2025-02-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://act-cmz.com/login/
Frame ID: A0991500D09B78F8303162404D468ADA
Requests: 25 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://act-cmz.com/
HTTP 307
https://act-cmz.com/ HTTP 302
https://act-cmz.com/login HTTP 301
https://act-cmz.com/login/ Page URL
Detected technologies
Nuxt.js (JavaScript Frameworks) ExpandDetected patterns
- <div [^>]*id="__nuxt"
- /_nuxt/
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Page Statistics
92 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Konzern
Search URL Search Domain Scan URL
Title: English
Search URL Search Domain Scan URL
Title: Profil & Einstellungen
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Privatkunden
Search URL Search Domain Scan URL
Title: Unternehmerkunden
Search URL Search Domain Scan URL
Title: Übersichten
Search URL Search Domain Scan URL
Title: Finanzübersicht (neu)
Search URL Search Domain Scan URL
Title: Termin- & offene Aufträge
Search URL Search Domain Scan URL
Title: Daueraufträge
Search URL Search Domain Scan URL
Title: Postfach
Search URL Search Domain Scan URL
Title: Konten & Karten
Search URL Search Domain Scan URL
Title: Überweisung
Search URL Search Domain Scan URL
Title: Auslandsüberweisung
Search URL Search Domain Scan URL
Title: Lastschriftrückgabe
Search URL Search Domain Scan URL
Title: Verwaltung
Search URL Search Domain Scan URL
Title: Karten verwalten
Search URL Search Domain Scan URL
Title: Kontodetails
Search URL Search Domain Scan URL
Title: TAN-Einstellungen
Search URL Search Domain Scan URL
Title: Überweisungslimit ändern
Search URL Search Domain Scan URL
Title: Großauszahlung
Search URL Search Domain Scan URL
Title: Depot
Search URL Search Domain Scan URL
Title: Depot verwalten
Search URL Search Domain Scan URL
Title: Vermögensverwaltung
Search URL Search Domain Scan URL
Title: Wertpapierumsätze
Search URL Search Domain Scan URL
Title: Order
Search URL Search Domain Scan URL
Title: Wertpapiere kaufen
Search URL Search Domain Scan URL
Title: Wertpapiere verkaufen
Search URL Search Domain Scan URL
Title: Neuemissionen
Search URL Search Domain Scan URL
Title: Kapitalmaßnahmen
Search URL Search Domain Scan URL
Title: Wertpapiersparpläne
Search URL Search Domain Scan URL
Title: Sparplan anlegen
Search URL Search Domain Scan URL
Title: WpHG
Search URL Search Domain Scan URL
Title: Anlegerprofil
Search URL Search Domain Scan URL
Title: Börse
Search URL Search Domain Scan URL
Title: Watchlist
Search URL Search Domain Scan URL
Title: Analyse
Search URL Search Domain Scan URL
Title: Service
Search URL Search Domain Scan URL
Title: Konten & Zahlungsmittel
Search URL Search Domain Scan URL
Title: Girokonten
Search URL Search Domain Scan URL
Title: Kreditkarten
Search URL Search Domain Scan URL
Title: Dispokredit
Search URL Search Domain Scan URL
Title: Digital Banking
Search URL Search Domain Scan URL
Title: Kontowechselservice
Search URL Search Domain Scan URL
Title: Sparen & Anlegen
Search URL Search Domain Scan URL
Title: Tagesgeld
Search URL Search Domain Scan URL
Title: Festgeld
Search URL Search Domain Scan URL
Title: ETF- & Fonds-Sparpläne
Search URL Search Domain Scan URL
Title: VL-Sparen
Search URL Search Domain Scan URL
Title: Sparen für Kinder
Search URL Search Domain Scan URL
Title: Depotmodelle
Search URL Search Domain Scan URL
Title: money mate
Search URL Search Domain Scan URL
Title: Wertpapierhandel
Search URL Search Domain Scan URL
Title: Depot eröffnen
Search URL Search Domain Scan URL
Title: Märkte & Analysen
Search URL Search Domain Scan URL
Title: Aktien
Search URL Search Domain Scan URL
Title: Fonds
Search URL Search Domain Scan URL
Title: ETFs
Search URL Search Domain Scan URL
Title: Aktuelle Angebote
Search URL Search Domain Scan URL
Title: Kredit & Finanzierung
Search URL Search Domain Scan URL
Title: Ratenkredit
Search URL Search Domain Scan URL
Title: Autokredit
Search URL Search Domain Scan URL
Title: Baufinanzierung
Search URL Search Domain Scan URL
Title: Modernisierungskredit
Search URL Search Domain Scan URL
Title: Anschlussfinanzierung
Search URL Search Domain Scan URL
Title: Versicherungen & Vorsorge
Search URL Search Domain Scan URL
Title: Risikolebensversicherung
Search URL Search Domain Scan URL
Title: Berufsunfähigkeitsversicherung
Search URL Search Domain Scan URL
Title: Allianz SchatzBrief
Search URL Search Domain Scan URL
Title: PrivatRente
Search URL Search Domain Scan URL
Title: RiesterRente
Search URL Search Domain Scan URL
Title: BasisRente
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Finanzübersicht
Search URL Search Domain Scan URL
Title: Umsatzübersicht
Search URL Search Domain Scan URL
Title: Zugangsdaten vergessen?
Search URL Search Domain Scan URL
Title: Zugang gesperrt?
Search URL Search Domain Scan URL
Title: Teilnehmernummer neu anfordern
Search URL Search Domain Scan URL
Title: Zur Anmeldung im Firmenkundenportal
Search URL Search Domain Scan URL
Title: Zugang digital beantragen (mit autoIDENT)
Search URL Search Domain Scan URL
Title: Hilfe zur photoTAN
Search URL Search Domain Scan URL
Title: Anleitung/Hilfe
Search URL Search Domain Scan URL
Title: Sicherheit
Search URL Search Domain Scan URL
Title: Angebliche Bank-Mitarbeiter erfragen Zugangsdaten
Search URL Search Domain Scan URL
Title: Enkeltrick 2.0: Betrüger nutzen WhatsApp (bankenverband.de)
Search URL Search Domain Scan URL
Title: Warnung vor Phishing
Search URL Search Domain Scan URL
Title: AGB
Search URL Search Domain Scan URL
Title: Rechtliche Hinweise
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Preise & Konditionen
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://act-cmz.com/
HTTP 307
https://act-cmz.com/ HTTP 302
https://act-cmz.com/login HTTP 301
https://act-cmz.com/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
act-cmz.com/login/ Redirect Chain
|
1 KB 757 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
entry.d53c0111.css
act-cmz.com/_nuxt/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
entry.d6b2ebb8.js
act-cmz.com/_nuxt/ |
151 KB 56 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
auth.02a7ab93.js
act-cmz.com/_nuxt/ |
0 199 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.5cc7c4e2.js
act-cmz.com/_nuxt/ |
0 154 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
data.fc8b2f38.js
act-cmz.com/_nuxt/ |
0 193 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
config.cbcfeed0.js
act-cmz.com/_nuxt/ |
0 220 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
error-404.7fc72018.css
act-cmz.com/_nuxt/ |
0 1 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
error-404.283579ec.js
act-cmz.com/_nuxt/ |
0 3 KB |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vue.f36acd1f.b80a43c2.js
act-cmz.com/_nuxt/ |
0 256 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
error-500.c5df6088.css
act-cmz.com/_nuxt/ |
0 696 B |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
error-500.5153148c.js
act-cmz.com/_nuxt/ |
0 934 B |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
login.e8b2b3ac.js
act-cmz.com/_nuxt/ |
24 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
axios.c24e582b.js
act-cmz.com/_nuxt/ |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info.0d2f5efc.css
act-cmz.com/_nuxt/ |
429 KB 113 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
config.cbcfeed0.js
act-cmz.com/_nuxt/ |
239 B 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b6694708-8031-4126-ac8c-d9bb5c9bc4fe.json
act-cmz.com/_nuxt/builds/meta/ |
139 B 156 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
act-cmz.com/ |
1 KB 688 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
ipinfo.io/ |
262 B 480 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
create-user.php
act-cmz.com/routes/auth/auth-file/ |
44 B 73 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
changeCurentPage.php
act-cmz.com/routes/auth/auth-file/ |
50 B 71 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lupe.png
kunden.commerzbank.de/portal/media/system/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_big_svg.svg
kunden.commerzbank.de/portal/media/system/images/ |
10 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 17 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| __NUXT__ object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ function| __buildAssetsURL function| __publicAssetsURL function| $fetch object| __unctx__ object| __unctx_async_handlers__ boolean| __VUE__ function| useNuxtApp function| __unhead_injection_handler__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
act-cmz.com/ | Name: PHPSESSID Value: 8072966de89d6689809ffbb3d420d339 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
act-cmz.com
ipinfo.io
kunden.commerzbank.de
212.149.50.15
34.117.186.192
91.215.85.79
0d2f5efcf09fa9e02b868fa6414fac0496a50301085ab0ff87b09772461c51cf
0dd2d248ffd5f24975fccf915bba62d6bf40ee5dabdd6d295196cf6813f1d116
27d7b2456b817c5461977533177a963c1dc8033267e708c084ccf045b6fee1b5
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
7cf8b9eb8807891b95a7555e95b47035d182ee91b9c6ec7a65e0eb4d052e4068
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
92408580f246d6afd70d2125807757667eeb705988c8f29a8fc864ada8fd85d6
a701f0e9c06f0864f523cde7ff9f6d636eb667a4bc767c9dc1d800aba1ec679e
b0dcd534353e2e04c4beea8a39d948a23f31dbd656f5c48a897b89074d1faac9
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
b73869c8156157b989a268adcb166a820ab8f72022509678220eccbd7060cd48
bc0d2621e086c3af833226947c98a923f48a84d12dfdeb3a66c052919b40406b
c51ee50bce16c071373ec842931a40a61299dc71af95b65f3748ac91444fe503
d53c01117d43aad3f545c569e5f24cd7f4ba111c1d1f53b29a2cabec3488402e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358