178.215.236.55 Open in urlscan Pro
178.215.236.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://178.215.236.55/Vorgang
Submission: On May 10 via manual (May 10th 2024, 4:57:33 am UTC) from DE — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 13 HTTP transactions. The main IP is 178.215.236.55, located in Ashburn, United States and belongs to STELLARGROUPSAS, FR. The main domain is 178.215.236.55.

This is the only time 178.215.236.55 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	178.215.236.55 178.215.236.55	214961 (STELLARGR...) (STELLARGROUPSAS)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	3

12 178.215.236.55 (Ashburn, United States)

ASN214961 (STELLARGROUPSAS, FR)

178.215.236.55	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	28 KB
13	1

	Domain	Requested by
1	cdnjs.cloudflare.com	178.215.236.55
13	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://178.215.236.55/Vorgang
Frame ID: 11FDF53ACF318626218911666874436A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sie müssen sich verifizieren! - Commerzbank

Page URL History Show full URLs

http://178.215.236.55/Vorgang HTTP 307
https://178.215.236.55/Vorgang HTTP 307
http://178.215.236.55/Vorgang Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

8 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

481 kB
Transfer

1555 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://178.215.236.55/Vorgang HTTP 307
https://178.215.236.55/Vorgang HTTP 307
http://178.215.236.55/Vorgang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Vorgang Show response
178.215.236.55/
Redirect Chain

http://178.215.236.55/Vorgang
https://178.215.236.55/Vorgang
http://178.215.236.55/Vorgang

247 KB
32 KB

95ms
94ms

Document
text/html

178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: fa067beb0e362aef487059d3b92f3b8210d710b5efdf6033a39fb4c765c87a97

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 31941
Content-Type: text/html; charset=UTF-8
Date: Fri, 10 May 2024 04:57:28 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.59 (Debian)
Vary: Accept-Encoding

Redirect headers

Location: http://178.215.236.55/Vorgang
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK main.css
178.215.236.55/assets/css/ 457 KB
123 KB 107ms
52ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/main.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 1aae7916a668849f1357527d2a090f58b3c336816ff372b8e897252a2f984a6c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:46 GMT
Server: Apache/2.4.59 (Debian)
ETag: "7228e-6092237903680-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK cms.css
178.215.236.55/assets/css/ 217 KB
89 KB 110ms
56ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/cms.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 1f3e9d14381727674b626dc4f2d08a227c1f7e9dc4456f80b07f4249dfbfe1f4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:44 GMT
Server: Apache/2.4.59 (Debian)
ETag: "36423-609223771b200-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK coba_forms.css
178.215.236.55/assets/css/ 15 KB
3 KB 106ms
51ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/coba_forms.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 1cd527744935621b2e76befb535b69b6519ca70bb6bac90c3f10d6d36de5937d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:44 GMT
Server: Apache/2.4.59 (Debian)
ETag: "3a58-609223771b200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2235

GET
H/1.1 200
OK gridz.css
178.215.236.55/assets/css/ 52 KB
7 KB 108ms
54ms Stylesheet
text/css 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/css/gridz.css
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 22e293166017618b14342bd640677f88274154a0fed8393cb056a16056348de4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:44 GMT
Server: Apache/2.4.59 (Debian)
ETag: "ce4b-609223771b200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6757

GET
H/1.1 200
OK jQuery_3_5_1.js Show response
178.215.236.55/assets/js/ 99 KB
34 KB 120ms
65ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/jQuery_3_5_1.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 984051d349eb480a2a06db83c69e1b52926cc8807ba5ceaaf2b81b20acf6ef12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "18a97-6092237532d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 34563

GET
H/1.1 200
OK jquery_ui_1_12_1.js Show response
178.215.236.55/assets/js/ 248 KB
67 KB 116ms
61ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/jquery_ui_1_12_1.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "3dee5-6092237532d80-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK lib_head.js Show response
178.215.236.55/assets/js/ 42 KB
12 KB 168ms
60ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/lib_head.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "a71e-6092237532d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11887

GET
H/1.1 200
OK lib_smartbanner.js Show response
178.215.236.55/assets/js/ 7 KB
2 KB 162ms
53ms Script
text/javascript 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/js/lib_smartbanner.js
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: 4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2023 02:33:42 GMT
Server: Apache/2.4.59 (Debian)
ETag: "1dde-6092237532d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1596

GET
H/1.1 200
OK logo_big_svg.svg
178.215.236.55/assets/images/ 10 KB
10 KB 48ms
48ms Image
image/svg+xml 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://178.215.236.55/assets/images/logo_big_svg.svg
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: baa3b2feb93166da64f97249b2d768696b6dd643b2d46f81c84278680ec4edb0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:29 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:48 GMT
Server: Apache/2.4.59 (Debian)
ETag: "2675-6092237aebb00"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9845

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 88 KB
28 KB 89ms
46ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: 178.215.236.55
URL: http://178.215.236.55/Vorgang

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 04:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 104857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28112
last-modified: Wed, 21 Dec 2022 00:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63a24ddb-6dd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9KapHBAmOqm7nzKjvtf9u2E04Ue%2Bnpc2Qo2wiPVrNKOL%2FS%2Fs9JpnhcwCN4R%2FoC%2FuSQseL34PYM2EL2MNyJFZxgXS2GB7ijEvjtfQn6ieuLwW6kz%2FZKfkirV%2BwcsaEJNm8ZruvFP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88175943dadb2c2f-FRA
expires: Wed, 30 Apr 2025 04:57:28 GMT

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75

Request headers

Referer: http://178.215.236.55/
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK icons_woff.woff
178.215.236.55/assets/fonts/ 40 KB
40 KB 48ms
48ms Font
font/woff 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/fonts/icons_woff.woff
Requested by: Host: 178.215.236.55
URL: http://178.215.236.55/assets/css/main.css
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876

Request headers

Referer: http://178.215.236.55/assets/css/main.css
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:29 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:46 GMT
Server: Apache/2.4.59 (Debian)
ETag: "9e84-6092237903680"
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 40580

GET
DATA 200
OK truncated
/ 17 KB
17 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0

Request headers

Referer: http://178.215.236.55/
Origin: http://178.215.236.55
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H/1.1 200
OK favicon.ico
178.215.236.55/assets/images/ 1 KB
1 KB 48ms
48ms Other
image/vnd.microsoft.icon 178.215.236.55
STELLARGROUPSAS

General

Check archive.org

Show headers Download Go to

Full URL: http://178.215.236.55/assets/images/favicon.ico
Protocol: HTTP/1.1
Server: 178.215.236.55 Ashburn, United States, ASN214961 (STELLARGROUPSAS, FR),
Reverse DNS
Software: Apache/2.4.59 (Debian) /
Resource Hash: b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://178.215.236.55/Vorgang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Fri, 10 May 2024 04:57:29 GMT
Last-Modified: Thu, 02 Nov 2023 02:33:48 GMT
Server: Apache/2.4.59 (Debian)
ETag: "47e-6092237aebb00"
Content-Type: image/vnd.microsoft.icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1150

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			178.215.236.55/	1969-12-31 23:59:59	Name: PHPSESSID Value: cr5k87663v5b8dof5rcss8t0ji

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: http://178.215.236.55/Vorgang Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
104.17.24.14
178.215.236.55
1aae7916a668849f1357527d2a090f58b3c336816ff372b8e897252a2f984a6c
1cd527744935621b2e76befb535b69b6519ca70bb6bac90c3f10d6d36de5937d
1f3e9d14381727674b626dc4f2d08a227c1f7e9dc4456f80b07f4249dfbfe1f4
22e293166017618b14342bd640677f88274154a0fed8393cb056a16056348de4
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
984051d349eb480a2a06db83c69e1b52926cc8807ba5ceaaf2b81b20acf6ef12
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
baa3b2feb93166da64f97249b2d768696b6dd643b2d46f81c84278680ec4edb0
fa067beb0e362aef487059d3b92f3b8210d710b5efdf6033a39fb4c765c87a97

178.215.236.55 Open in urlscan Pro 178.215.236.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

8 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

3 IPs

2 Countries

481 kBTransfer

1555 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

178.215.236.55 Open in urlscan Pro
178.215.236.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

8 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

3
IPs

2
Countries

481 kB
Transfer

1555 kB
Size

1
Cookies

13 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!