comdiirect-photiotanscon.s-host.net Open in urlscan Pro
91.219.60.108 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://comdiirect-photiotanscon.s-host.net/
Effective URL:
https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA6...
Submission: On September 02 via manual (September 2nd 2024, 2:08:59 pm UTC) from DE — Scanned from DE

Summary HTTP 28 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 28 HTTP transactions. The main IP is 91.219.60.108, located in Kyiv, Ukraine and belongs to NETH-AS, UA. The main domain is comdiirect-photiotanscon.s-host.net.
TLS certificate: Issued by R11 on August 30th 2024. Valid for: 3 months.

This is the only time comdiirect-photiotanscon.s-host.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 9	91.219.60.108 91.219.60.108	202302 (NETH-AS) (NETH-AS)
6	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
3	193.41.133.18 193.41.133.18	16107 (COMMERZBANK) (COMMERZBANK)
2	193.41.132.20 193.41.132.20	16107 (COMMERZBANK) (COMMERZBANK)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1 2	104.17.247.203 104.17.247.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.134.82 172.67.134.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	11

9 91.219.60.108 (Kyiv, Ukraine) 2 redirects

ASN202302 (NETH-AS, UA)
PTR: s233.s-host.com.ua

comdiirect-photiotanscon.s-host.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.41.133.18 (Quickborn, Germany)

ASN16107 (COMMERZBANK, DE)

static.comdirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.41.132.20 (Quickborn, Germany)

ASN16107 (COMMERZBANK, DE)
PTR: kunde.comdirect.de

kunde.comdirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.247.203 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.82 (United States)

ASN13335 (CLOUDFLARENET, US)

json.geoiplookup.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	s-host.net 2 redirects comdiirect-photiotanscon.s-host.net	982 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	18 KB
5	comdirect.de kunde.comdirect.de — Cisco Umbrella Rank: 285387 Failed static.comdirect.de — Cisco Umbrella Rank: 310130	46 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1314	24 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 5661	30 KB
1	geoiplookup.io json.geoiplookup.io — Cisco Umbrella Rank: 87808	954 B
1	gstatic.com www.gstatic.com	114 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	27 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
28	9

	Domain	Requested by
9	comdiirect-photiotanscon.s-host.net	2 redirects comdiirect-photiotanscon.s-host.net
6	cdn.jsdelivr.net	comdiirect-photiotanscon.s-host.net
3	static.comdirect.de	comdiirect-photiotanscon.s-host.net
2	unpkg.com	1 redirects comdiirect-photiotanscon.s-host.net
2	kunde.comdirect.de	comdiirect-photiotanscon.s-host.net
2	ajax.aspnetcdn.com	comdiirect-photiotanscon.s-host.net
1	json.geoiplookup.io	ajax.aspnetcdn.com
1	www.gstatic.com	comdiirect-photiotanscon.s-host.net
1	cdnjs.cloudflare.com	comdiirect-photiotanscon.s-host.net
1	code.jquery.com	comdiirect-photiotanscon.s-host.net
28	10

This site contains links to these domains. Also see Links.

Domain
magazin.comdirect.de
jobs.commerzbank.com
community.comdirect.de
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.comdiirect-photiotanscon.s-host.net R11	`2024-08-30` - `2024-11-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
static.comdirect.de GlobalSign Extended Validation CA - SHA256 - G3	`2023-11-27` - `2024-12-28`	a year	crt.sh
kunde.comdirect.de GlobalSign Extended Validation CA - SHA256 - G3	`2023-11-27` - `2024-12-28`	a year	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
geoiplookup.io WE1	`2024-08-20` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Frame ID: D28DE6CAF9E4E784D803974F844C43AB
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

comdirect Login - Ihr Online Banking & Brokerage | comdirect.de

Page URL History Show full URLs

https://comdiirect-photiotanscon.s-host.net/ HTTP 302
https://comdiirect-photiotanscon.s-host.net/includes HTTP 301
https://comdiirect-photiotanscon.s-host.net/includes/ Page URL
https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GP... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

28
Requests

86 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

1270 kB
Transfer

1898 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://magazin.comdirect.de/
Title: Magazin

Search URL Search Domain Scan URL

URL: https://jobs.commerzbank.com/index.php?ac=search_result&search_criterion_physical_location%5B%5D=551&search_criterion_physical_location%5B%5D=3
Title: Karriere

Search URL Search Domain Scan URL

URL: https://community.comdirect.de/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/comdirect

Search URL Search Domain Scan URL

URL: https://twitter.com/comdirect

Search URL Search Domain Scan URL

URL: https://www.youtube.com/comdirect

Search URL Search Domain Scan URL

URL: https://www.instagram.com/comdirect/?hl=de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://comdiirect-photiotanscon.s-host.net/ HTTP 302
https://comdiirect-photiotanscon.s-host.net/includes HTTP 301
https://comdiirect-photiotanscon.s-host.net/includes/ Page URL
https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://comdiirect-photiotanscon.s-host.net/ HTTP 302
https://comdiirect-photiotanscon.s-host.net/includes HTTP 301
https://comdiirect-photiotanscon.s-host.net/includes/

Request Chain 19

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@1.7.7/dist/axios.min.js

28 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
comdiirect-photiotanscon.s-host.net/includes/
Redirect Chain

https://comdiirect-photiotanscon.s-host.net/
https://comdiirect-photiotanscon.s-host.net/includes
https://comdiirect-photiotanscon.s-host.net/includes/

2 KB
2 KB

120ms
119ms

Document
text/html

91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: 6f7352a49a8f1181a380b0b131adbaacd4fb117c7b5547be29c8b01cda0b22c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
content-length: 2171
content-type: text/html
date: Mon, 02 Sep 2024 14:08:51 GMT
last-modified: Thu, 21 Sep 2023 01:14:30 GMT
server: Apache

Redirect headers

content-length: 261
content-type: text/html; charset=iso-8859-1
date: Mon, 02 Sep 2024 14:08:51 GMT
location: https://comdiirect-photiotanscon.s-host.net/includes/
server: Apache

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/ 2 KB
1 KB 607ms
109ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/cdn.min.js

Requested by

Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f7002451d78511fa76aaea453e83b29e339b93a533c238fd0de4f3be367c24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 14:08:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2895
x-jsd-version: 3.14.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1040
x-served-by: cache-fra-etou8220107-FRA, cache-muc13920-MUC
x-jsd-version-type: version
etag: W/"878-ku3LoIU+/WbDOm/U/U19w2jl0fE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/ 44 KB
16 KB 586ms
88ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js

Requested by

Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 14:08:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 19906
x-jsd-version: 3.14.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15674
x-served-by: cache-fra-eddf8230068-FRA, cache-muc13920-MUC
x-jsd-version-type: version
etag: W/"ae73-fuiCb+eWgx0z9GRcxLGUK6suxFo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 440ms
91ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48FC) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14031406
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ama/48FC)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uuidv4.min.js Show response
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ 1 KB
807 B 622ms
125ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js

Requested by

Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Sep 2024 14:08:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 29169
x-jsd-version: 8.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 687
x-served-by: cache-fra-etou8220065-FRA, cache-muc13920-MUC
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Primary Request login.html Show response
comdiirect-photiotanscon.s-host.net/includes/ 83 KB
83 KB 355ms
355ms Document
text/html 91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: 6633d681022fde78235a8b0e4b495b3e99b8834e9b2b38c5a3677457520a9a93

Request headers

Referer: https://comdiirect-photiotanscon.s-host.net/includes/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
content-length: 84739
content-type: text/html
date: Mon, 02 Sep 2024 14:08:52 GMT
last-modified: Thu, 21 Sep 2023 01:23:56 GMT
server: Apache

GET favicon_196px.png
kunde.comdirect.de/ 0
0

GET
H2 200 MarkWeb-latin-regular.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/ 15 KB
15 KB 553ms
383ms Font
font/woff2 193.41.133.18
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-regular.woff2?v=1694095058082
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.133.18 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software: nginx /
Resource Hash: 21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
Origin: https://comdiirect-photiotanscon.s-host.net
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:53 GMT
last-modified: Sun, 18 Aug 2024 22:15:27 GMT
server: nginx
etag: "66c2727f-3b64"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15204

GET
H2 200 MarkWeb-latin-medium.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/ 15 KB
15 KB 325ms
156ms Font
font/woff2 193.41.133.18
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-medium.woff2?v=1694095058082
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.133.18 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software: nginx /
Resource Hash: cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
Origin: https://comdiirect-photiotanscon.s-host.net
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:53 GMT
last-modified: Sun, 18 Aug 2024 22:15:26 GMT
server: nginx
etag: "66c2727e-3a60"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14944

GET
H2 200 MarkWeb-latin-bold.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/ 15 KB
15 KB 564ms
395ms Font
font/woff2 193.41.133.18
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-bold.woff2?v=1694095058082
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.133.18 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software: nginx /
Resource Hash: 88f151f26d7582598781390eed26f60abfb543395da97d88c168e1f73a23b2f3

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
Origin: https://comdiirect-photiotanscon.s-host.net
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:53 GMT
last-modified: Sun, 18 Aug 2024 22:15:44 GMT
server: nginx
etag: "66c27290-3c5c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15452

GET
H2 200 styleguide-comdirect.css
comdiirect-photiotanscon.s-host.net/includes/assets/ 855 KB
855 KB 100ms
99ms Stylesheet
text/css 91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/styleguide-comdirect.css
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: d083435d32e0c97c48e05dd4f75a736b9cc5618d97c3c27072579b5139918caf

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
last-modified: Tue, 19 Sep 2023 18:51:30 GMT
server: Apache
accept-ranges: bytes
content-length: 875455
content-type: text/css

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/ 2 KB
0 0ms
0ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/cdn.min.js

Requested by

Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f7002451d78511fa76aaea453e83b29e339b93a533c238fd0de4f3be367c24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2895
x-jsd-version: 3.14.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1040
x-served-by: cache-fra-etou8220107-FRA, cache-muc13920-MUC
x-jsd-version-type: version
etag: W/"878-ku3LoIU+/WbDOm/U/U19w2jl0fE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/ 44 KB
0 0ms
0ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19906
x-jsd-version: 3.14.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15674
x-served-by: cache-fra-eddf8230068-FRA, cache-muc13920-MUC
x-jsd-version-type: version
etag: W/"ae73-fuiCb+eWgx0z9GRcxLGUK6suxFo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 comdirect_fav_1005.svg
kunde.comdirect.de/ 520 B
1 KB 133ms
125ms Other
text/plain 193.41.132.20
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.comdirect.de/comdirect_fav_1005.svg?v=1694095058082
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.132.20 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS: kunde.comdirect.de
Software: nginx /
Resource Hash: c449626c54608700314eeb287ee8621d3918a4a1d0a9245bbd45565922066866

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

Date: Mon, 02 Sep 2024 14:08:53 GMT
Last-Modified: Tue, 20 Aug 2024 22:16:49 GMT
Server: nginx
ETag: W/"520-1724192209378"
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 520

GET
DATA 200
OK truncated
/ 808 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c54773e4f8716a484b784d6ae8446b61799112c777df1e21afc9c3e86f2ebc09

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 702ms
83ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2873625
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-fra-etou8220130-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1725286134.938088,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 18, 273122

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 717ms
93ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1015750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJqoO3Q72Jw0yV%2BCaVQfH8TVkbWYVXkamrJpU1eENB%2BEc%2BK3M3NEA45vJWbpINd9zLLurN75Axths1zmvREdSef1jmp2te0gVcUsREKtavolYqD7m4jzfXbZrTHFOC5hJlyvk8aH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bce1324bf4365c5-FRA
expires: Sat, 23 Aug 2025 14:08:54 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
0 1ms
1ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48FC) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14031406
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ama/48FC)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.7.0/ 386 KB
114 KB 708ms
86ms Script
text/javascript 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Sat, 31 Aug 2024 05:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115677
x-xss-protection: 0
last-modified: Thu, 30 Nov 2017 21:30:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Aug 2025 05:13:48 GMT

GET
H2 200 uuidv4.min.js Show response
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ 1 KB
0 1ms
1ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29169
x-jsd-version: 8.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 687
x-served-by: cache-fra-etou8220065-FRA, cache-muc13920-MUC
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

axios.min.js Show response
unpkg.com/axios@1.7.7/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@1.7.7/dist/axios.min.js

53 KB
24 KB

70ms
69ms

Script
application/javascript

104.17.247.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@1.7.7/dist/axios.min.js

Requested by

Protocol

Server

104.17.247.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5b2b26071bb59f466683356df11b5392614cf6966586917990c65d48af0dcb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://comdiirect-photiotanscon.s-host.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 02 Sep 2024 14:08:54 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 144194
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J6N7HY63FQ1JMBYVRYXK0J0K-ams
server: cloudflare
etag: "d383-UevtiR1Ub6VyiQ12MPIw3BrQgvI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bce13265dd37266-HAM

Redirect headers

date: Mon, 02 Sep 2024 14:08:54 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6SGPC0HG8BCN3MM3KNMF2HD-ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 394
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /axios@1.7.7/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bce13258c627266-HAM

GET
H2 200 allformdata.js Show response
comdiirect-photiotanscon.s-host.net/includes/assets/js/ 3 KB
3 KB 147ms
146ms Script
text/javascript 91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/js/allformdata.js
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: 7d5c61eabe7c53b01d5255a677eb863e776581ceb7a96548d11ae888cb1d4694

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
last-modified: Wed, 28 Aug 2024 21:40:06 GMT
server: Apache
accept-ranges: bytes
content-length: 3343
content-type: text/javascript

GET
H2 200 MarkWeb-latin-regular.woff2
comdiirect-photiotanscon.s-host.net/includes/assets/ 15 KB
15 KB 167ms
166ms Font
font/woff2 91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/MarkWeb-latin-regular.woff2?v=1694095058082
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/styleguide-comdirect.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: 21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/includes/assets/styleguide-comdirect.css
Origin: https://comdiirect-photiotanscon.s-host.net
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
last-modified: Tue, 19 Sep 2023 18:48:28 GMT
server: Apache
accept-ranges: bytes
content-length: 15204
content-type: font/woff2

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 388e491e4fcbdfefb0c437cf0d0f42f506ed878c8564e6b1817368fc6e49e970

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 MarkWeb-latin-medium.woff2
comdiirect-photiotanscon.s-host.net/includes/assets/ 15 KB
15 KB 156ms
155ms Font
font/woff2 91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/MarkWeb-latin-medium.woff2?v=1694095058082
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/styleguide-comdirect.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/includes/assets/styleguide-comdirect.css
Origin: https://comdiirect-photiotanscon.s-host.net
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
last-modified: Tue, 19 Sep 2023 18:48:52 GMT
server: Apache
accept-ranges: bytes
content-length: 14944
content-type: font/woff2

GET
H2 200 Trading_special_sigma-lang_lg-1x.jpg
comdiirect-photiotanscon.s-host.net/includes/assets/ 8 KB
8 KB 143ms
143ms Image
image/jpeg 91.219.60.108
NETH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comdiirect-photiotanscon.s-host.net/includes/assets/Trading_special_sigma-lang_lg-1x.jpg
Requested by: Host: comdiirect-photiotanscon.s-host.net
URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.219.60.108 Kyiv, Ukraine, ASN202302 (NETH-AS, UA),
Reverse DNS: s233.s-host.com.ua
Software: Apache /
Resource Hash: 6fdca4199bd6e48e8b52d4e48df50a2c1aa94dcbe721e81eec42920e85916294

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:52 GMT
last-modified: Tue, 19 Sep 2023 18:02:24 GMT
server: Apache
accept-ranges: bytes
content-length: 7916
content-type: image/jpeg

GET
H2 200 / Show response
json.geoiplookup.io/ 578 B
954 B 655ms
132ms Script
application/javascript 172.67.134.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://json.geoiplookup.io/?callback=jQuery331016042107261367988_1725286134594&_=1725286134595

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.134.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Octolus

Resource Hash

05117d1463d56dbf893c91769438927d1b90347a1b42f2e105adf76f21b0c5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

date: Mon, 02 Sep 2024 14:08:55 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Octolus
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 10000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K592M2%2FSOEuf7H%2BYOpnWnJsi9Mqztgz26JggRJv4iNGmdBUb006Pwoyu8pkfnP3hzhot2InRlbdR3jLvdAPlAlZqTqEFiDfrLFeHEcVS%2FZnXuLZ6r84KZ6%2BxVRJPj%2FHIYVSq%2Fp%2F%2B"}],"group":"cf-nel","max_age":604800}
x-ratelimit-limit: 10000
cf-ray: 8bce132a6d674d82-FRA

GET favicon_196px.png
kunde.comdirect.de/ 0
0

GET
H/1.1 200 comdirect_fav_1005.svg
kunde.comdirect.de/ 520 B
0 0ms
0ms Other
text/plain 193.41.132.20
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.comdirect.de/comdirect_fav_1005.svg?v=1694095058082
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.132.20 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS: kunde.comdirect.de
Software: nginx /
Resource Hash: c449626c54608700314eeb287ee8621d3918a4a1d0a9245bbd45565922066866

Request headers

sec-ch-ua: "Chromium";v="128", "Not;A=Brand";v="24", "Google Chrome";v="128"
Referer: https://comdiirect-photiotanscon.s-host.net/
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
sec-ch-ua-platform: "Linux"

Response headers

Date: Mon, 02 Sep 2024 14:08:53 GMT
Last-Modified: Tue, 20 Aug 2024 22:16:49 GMT
Server: nginx
Accept-Ranges: bytes
ETag: W/"520-1724192209378"
Content-Length: 520
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET favicon_196px.png
kunde.comdirect.de/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kunde.comdirect.de
URL: https://kunde.comdirect.de/favicon_196px.png?v=1694095058082

Domain: kunde.comdirect.de
URL: https://kunde.comdirect.de/favicon_196px.png?v=1694095058082

Domain: kunde.comdirect.de
URL: https://kunde.comdirect.de/favicon_196px.png?v=1694095058082

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			comdiirect-photiotanscon.s-host.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: ae0adeb3b5f96796a5958be7742ae49f

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5 Message: The resource https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-bold.woff2?v=1694095058082 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5 Message: The resource https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-regular.woff2?v=1694095058082 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://comdiirect-photiotanscon.s-host.net/includes/login.html?token=KBytTSDBJCahb2uXiGIq2c7V5y4TQHIcXI3xMTkL8vIraM09GPgEFvolhnHMiag5gRPRA66KXQZZU3CuF1V3MaLybbUKGFlLhb&auth=0199f27f-f284-44c7-ba3b-3114a4365bf5 Message: The resource https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-medium.woff2?v=1694095058082 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
comdiirect-photiotanscon.s-host.net
json.geoiplookup.io
kunde.comdirect.de
static.comdirect.de
unpkg.com
www.gstatic.com
kunde.comdirect.de
104.17.24.14
104.17.247.203
142.250.185.227
151.101.129.229
151.101.66.137
152.199.19.160
172.67.134.82
193.41.132.20
193.41.133.18
91.219.60.108
05117d1463d56dbf893c91769438927d1b90347a1b42f2e105adf76f21b0c5cd
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347
2f7002451d78511fa76aaea453e83b29e339b93a533c238fd0de4f3be367c24f
358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034
388e491e4fcbdfefb0c437cf0d0f42f506ed878c8564e6b1817368fc6e49e970
423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f
4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc
6633d681022fde78235a8b0e4b495b3e99b8834e9b2b38c5a3677457520a9a93
6f7352a49a8f1181a380b0b131adbaacd4fb117c7b5547be29c8b01cda0b22c1
6fdca4199bd6e48e8b52d4e48df50a2c1aa94dcbe721e81eec42920e85916294
7d5c61eabe7c53b01d5255a677eb863e776581ceb7a96548d11ae888cb1d4694
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88f151f26d7582598781390eed26f60abfb543395da97d88c168e1f73a23b2f3
c449626c54608700314eeb287ee8621d3918a4a1d0a9245bbd45565922066866
c54773e4f8716a484b784d6ae8446b61799112c777df1e21afc9c3e86f2ebc09
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773
d083435d32e0c97c48e05dd4f75a736b9cc5618d97c3c27072579b5139918caf
f5b2b26071bb59f466683356df11b5392614cf6966586917990c65d48af0dcb9

comdiirect-photiotanscon.s-host.net Open in urlscan Pro 91.219.60.108 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

86 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

11 IPs

4 Countries

1270 kBTransfer

1898 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

comdiirect-photiotanscon.s-host.net Open in urlscan Pro
91.219.60.108 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

86 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

11
IPs

4
Countries

1270 kB
Transfer

1898 kB
Size

1
Cookies

28 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!