pzm.bqu.mybluehost.me Open in urlscan Pro
162.241.226.190 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pzm.bqu.mybluehost.me/comdre
Effective URL:
http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflS...
Submission: On June 04 via manual (June 4th 2024, 10:29:16 am UTC) from DE — Scanned from DE

Summary HTTP 28 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 162.241.226.190, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is pzm.bqu.mybluehost.me.

This is the only time pzm.bqu.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 8	162.241.226.190 162.241.226.190	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
6	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
3	193.41.133.18 193.41.133.18	16107 (COMMERZBANK) (COMMERZBANK)
2	193.41.132.20 193.41.132.20	16107 (COMMERZBANK) (COMMERZBANK)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.134.82 172.67.134.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	11

8 162.241.226.190 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5365.bluehost.com

pzm.bqu.mybluehost.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.41.133.18 (Quickborn, Germany)

ASN16107 (COMMERZBANK, DE)

static.comdirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.41.132.20 (Quickborn, Germany)

ASN16107 (COMMERZBANK, DE)
PTR: kunde.comdirect.de

kunde.comdirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f8cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.134.82 (United States)

ASN13335 (CLOUDFLARENET, US)

json.geoiplookup.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	mybluehost.me 1 redirects pzm.bqu.mybluehost.me	230 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 426	19 KB
5	comdirect.de kunde.comdirect.de — Cisco Umbrella Rank: 184215 Failed static.comdirect.de — Cisco Umbrella Rank: 179580	46 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1200	23 KB
2	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 4782	30 KB
1	geoiplookup.io json.geoiplookup.io — Cisco Umbrella Rank: 75675	877 B
1	gstatic.com www.gstatic.com	114 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	27 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1124	30 KB
28	9

	Domain	Requested by
8	pzm.bqu.mybluehost.me	1 redirects pzm.bqu.mybluehost.me
6	cdn.jsdelivr.net	pzm.bqu.mybluehost.me
3	static.comdirect.de	pzm.bqu.mybluehost.me
2	unpkg.com	1 redirects pzm.bqu.mybluehost.me
2	kunde.comdirect.de	pzm.bqu.mybluehost.me
2	ajax.aspnetcdn.com	pzm.bqu.mybluehost.me
1	json.geoiplookup.io	ajax.aspnetcdn.com
1	www.gstatic.com	pzm.bqu.mybluehost.me
1	cdnjs.cloudflare.com	pzm.bqu.mybluehost.me
1	code.jquery.com	pzm.bqu.mybluehost.me
28	10

This site contains links to these domains. Also see Links.

Domain
magazin.comdirect.de
jobs.commerzbank.com
community.comdirect.de
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-01-30` - `2025-01-30`	a year	crt.sh
static.comdirect.de GlobalSign Extended Validation CA - SHA256 - G3	`2023-11-27` - `2024-12-28`	a year	crt.sh
kunde.comdirect.de GlobalSign Extended Validation CA - SHA256 - G3	`2023-11-27` - `2024-12-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
geoiplookup.io GTS CA 1P5	`2024-04-24` - `2024-07-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Frame ID: 3184254B6E0F897FDB761F8E4500A750
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

comdirect Login - Ihr Online Banking & Brokerage | comdirect.de

Page URL History Show full URLs

http://pzm.bqu.mybluehost.me/comdre HTTP 307
https://pzm.bqu.mybluehost.me/comdre HTTP 307
http://pzm.bqu.mybluehost.me/comdre HTTP 301
http://pzm.bqu.mybluehost.me/comdre/ Page URL
http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

28
Requests

61 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

519 kB
Transfer

1896 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://magazin.comdirect.de/
Title: Magazin

Search URL Search Domain Scan URL

URL: https://jobs.commerzbank.com/index.php?ac=search_result&search_criterion_physical_location%5B%5D=551&search_criterion_physical_location%5B%5D=3
Title: Karriere

Search URL Search Domain Scan URL

URL: https://community.comdirect.de/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/comdirect

Search URL Search Domain Scan URL

URL: https://twitter.com/comdirect

Search URL Search Domain Scan URL

URL: https://www.youtube.com/comdirect

Search URL Search Domain Scan URL

URL: https://www.instagram.com/comdirect/?hl=de

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pzm.bqu.mybluehost.me/comdre HTTP 307
https://pzm.bqu.mybluehost.me/comdre HTTP 307
http://pzm.bqu.mybluehost.me/comdre HTTP 301
http://pzm.bqu.mybluehost.me/comdre/ Page URL
http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pzm.bqu.mybluehost.me/comdre HTTP 307
https://pzm.bqu.mybluehost.me/comdre HTTP 307
http://pzm.bqu.mybluehost.me/comdre HTTP 301
http://pzm.bqu.mybluehost.me/comdre/

Request Chain 19

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@1.7.2/dist/axios.min.js

28 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
pzm.bqu.mybluehost.me/comdre/
Redirect Chain

http://pzm.bqu.mybluehost.me/comdre
https://pzm.bqu.mybluehost.me/comdre
http://pzm.bqu.mybluehost.me/comdre
http://pzm.bqu.mybluehost.me/comdre/

2 KB
1 KB

299ms
298ms

Document
text/html

162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://pzm.bqu.mybluehost.me/comdre/
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 6f7352a49a8f1181a380b0b131adbaacd4fb117c7b5547be29c8b01cda0b22c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=7200
Content-Encoding: gzip
Content-Length: 987
Content-Type: text/html
Date: Tue, 04 Jun 2024 10:29:10 GMT
Expires: Tue, 04 Jun 2024 12:29:10 GMT
Last-Modified: Sun, 02 Jun 2024 22:24:48 GMT
Server: nginx/1.21.6
Vary: Accept-Encoding
X-Newfold-Cache-Level: 2
X-Proxy-Cache: MISS
X-Server-Cache: true
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

Redirect headers

Cache-Control: max-age=7200
Content-Length: 244
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 04 Jun 2024 10:29:10 GMT
Expires: Tue, 04 Jun 2024 12:29:10 GMT
Location: http://pzm.bqu.mybluehost.me/comdre/
Server: nginx/1.21.6
X-Proxy-Cache: MISS
X-Server-Cache: true
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/ 2 KB
1 KB 137ms
47ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/cdn.min.js

Requested by

Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f7002451d78511fa76aaea453e83b29e339b93a533c238fd0de4f3be367c24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 10:29:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 32326
x-jsd-version: 3.14.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1040
x-served-by: cache-fra-etou8220107-FRA, cache-cph2320058-CPH
x-jsd-version-type: version
etag: W/"878-ku3LoIU+/WbDOm/U/U19w2jl0fE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/ 44 KB
17 KB 130ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js

Requested by

Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d988c906334fada157d7a88ef1eedcd9bdfb478df83e9b705e6468f0d6c8dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 10:29:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16355
x-jsd-version: 3.14.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16935
x-served-by: cache-fra-eddf8230068-FRA, cache-cph2320058-CPH
x-jsd-version-type: version
etag: W/"ae74-5ENCAnQ7M1mWXZ4g4zoOt8TYT3A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 197ms
40ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE1) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6158625
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/4CE1)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uuidv4.min.js Show response
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ 1 KB
1 KB 129ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js

Requested by

Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 10:29:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28301
x-jsd-version: 8.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 687
x-served-by: cache-fra-etou8220065-FRA, cache-cph2320058-CPH
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK Primary Request login.html Show response
pzm.bqu.mybluehost.me/comdre/ 83 KB
24 KB 301ms
301ms Document
text/html 162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 6633d681022fde78235a8b0e4b495b3e99b8834e9b2b38c5a3677457520a9a93

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/comdre/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=7200
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 04 Jun 2024 10:29:10 GMT
Expires: Tue, 04 Jun 2024 12:29:10 GMT
Last-Modified: Sun, 02 Jun 2024 22:24:48 GMT
Server: nginx/1.21.6
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Newfold-Cache-Level: 2
X-Proxy-Cache: MISS
X-Server-Cache: true
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET favicon_196px.png
kunde.comdirect.de/ 0
0

GET
H2 200 MarkWeb-latin-regular.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/ 15 KB
15 KB 237ms
108ms Font
font/woff2 193.41.133.18
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-regular.woff2?v=1694095058082
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.133.18 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software: nginx /
Resource Hash: 21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Origin: http://pzm.bqu.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:11 GMT
last-modified: Tue, 28 May 2024 22:11:00 GMT
server: nginx
etag: "66565674-3b64"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15204

GET
H2 200 MarkWeb-latin-medium.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/ 15 KB
15 KB 233ms
104ms Font
font/woff2 193.41.133.18
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-medium.woff2?v=1694095058082
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.133.18 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software: nginx /
Resource Hash: cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Origin: http://pzm.bqu.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:11 GMT
last-modified: Tue, 28 May 2024 22:11:01 GMT
server: nginx
etag: "66565675-3a60"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14944

GET
H2 200 MarkWeb-latin-bold.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/ 15 KB
15 KB 185ms
56ms Font
font/woff2 193.41.133.18
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-bold.woff2?v=1694095058082
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.133.18 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software: nginx /
Resource Hash: 88f151f26d7582598781390eed26f60abfb543395da97d88c168e1f73a23b2f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Origin: http://pzm.bqu.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:11 GMT
last-modified: Tue, 28 May 2024 22:11:01 GMT
server: nginx
etag: "66565675-3c5c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15452

GET
H/1.1 200
OK styleguide-comdirect.css
pzm.bqu.mybluehost.me/comdre/assets/ 855 KB
165 KB 440ms
245ms Stylesheet
text/css 162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://pzm.bqu.mybluehost.me/comdre/assets/styleguide-comdirect.css
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: Apache /
Resource Hash: d083435d32e0c97c48e05dd4f75a736b9cc5618d97c3c27072579b5139918caf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 10:29:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Jun 2024 22:24:48 GMT
Server: Apache
Vary: Accept-Encoding
X-Newfold-Cache-Level: 2
Content-Type: text/css
Transfer-Encoding: chunked
Cache-Control: max-age=86400
Accept-Ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Expires: Wed, 05 Jun 2024 10:29:11 GMT

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/ 2 KB
0 137ms
47ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@alpinejs/mask@3.x.x/dist/cdn.min.js

Requested by

Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f7002451d78511fa76aaea453e83b29e339b93a533c238fd0de4f3be367c24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 10:29:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 32326
x-jsd-version: 3.14.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1040
x-served-by: cache-fra-etou8220107-FRA, cache-cph2320058-CPH
x-jsd-version-type: version
etag: W/"878-ku3LoIU+/WbDOm/U/U19w2jl0fE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cdn.min.js Show response
cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/ 44 KB
0 130ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alpinejs@3.x.x/dist/cdn.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d988c906334fada157d7a88ef1eedcd9bdfb478df83e9b705e6468f0d6c8dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 10:29:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 16355
x-jsd-version: 3.14.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16935
x-served-by: cache-fra-eddf8230068-FRA, cache-cph2320058-CPH
x-jsd-version-type: version
etag: W/"ae74-5ENCAnQ7M1mWXZ4g4zoOt8TYT3A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 comdirect_fav_1005.svg
kunde.comdirect.de/ 520 B
1 KB 165ms
66ms Other
text/plain 193.41.132.20
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.comdirect.de/comdirect_fav_1005.svg?v=1694095058082
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.132.20 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS: kunde.comdirect.de
Software: nginx /
Resource Hash: c449626c54608700314eeb287ee8621d3918a4a1d0a9245bbd45565922066866

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 04 Jun 2024 10:29:11 GMT
Last-Modified: Tue, 28 May 2024 22:11:31 GMT
Server: nginx
ETag: W/"520-1716934291306"
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 520

GET
DATA 200
OK truncated
/ 808 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c54773e4f8716a484b784d6ae8446b61799112c777df1e21afc9c3e86f2ebc09

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 130ms
48ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 12045516
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-cph2320052-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1717496951.357268,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 37105, 16479

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 99ms
54ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 477024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26909
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stfeuczcVxJxJJgKZ8n8fR7o8IhtcXZI%2BPUnd1b6CFGl6CVd95zqkWmieE1kFfHbezVDfiBm%2FTN2DAHLawBy%2BjBrBjKrWMLtObUu8CE3e7FmkUFaUVEGBuwk8TzagbUYNsvTHQbp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88e73d89bb9065d9-FRA
expires: Sun, 25 May 2025 10:29:11 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
0 197ms
40ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE1) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6158625
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (frc/4CE1)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.7.0/ 386 KB
114 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 14:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115677
x-xss-protection: 0
last-modified: Thu, 30 Nov 2017 21:30:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Jun 2025 14:16:25 GMT

GET
H2 200 uuidv4.min.js Show response
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ 1 KB
0 129ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 04 Jun 2024 10:29:10 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28301
x-jsd-version: 8.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 687
x-served-by: cache-fra-etou8220065-FRA, cache-cph2320058-CPH
x-jsd-version-type: version
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

axios.min.js Show response
unpkg.com/axios@1.7.2/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@1.7.2/dist/axios.min.js

51 KB
23 KB

90ms
89ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@1.7.2/dist/axios.min.js

Requested by

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 04 Jun 2024 10:29:11 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1186101
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HYE1JEAWYGE0W5JSQJMPZN6T-fra
server: cloudflare
etag: "cc17-STt0F4pjQp//KqsIGzocpz02IIU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 88e73d8c9e4b5d50-FRA

Redirect headers

date: Tue, 04 Jun 2024 10:29:11 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HZHC5F0KX0DZZFY5KP5Z0190-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 587
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /axios@1.7.2/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 88e73d8bece25d50-FRA

GET
H/1.1 200
OK allformdata.js Show response
pzm.bqu.mybluehost.me/comdre/assets/js/ 3 KB
2 KB 242ms
240ms Script
application/javascript 162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://pzm.bqu.mybluehost.me/comdre/assets/js/allformdata.js
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: Apache /
Resource Hash: f412e5a467b9ca41eb4e11d5df5046ccecbaa41b0523c20b6a640476d16892d5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 10:29:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jun 2024 00:00:36 GMT
Server: Apache
Vary: Accept-Encoding
X-Newfold-Cache-Level: 2
Upgrade: h2,h2c
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: Upgrade
Accept-Ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 1376
Expires: Wed, 05 Jun 2024 10:29:11 GMT

GET
H/1.1 200
OK MarkWeb-latin-regular.woff2
pzm.bqu.mybluehost.me/comdre/assets/ 15 KB
15 KB 210ms
210ms Font
font/woff2 162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://pzm.bqu.mybluehost.me/comdre/assets/MarkWeb-latin-regular.woff2?v=1694095058082
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/assets/styleguide-comdirect.css
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: Apache /
Resource Hash: 21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

Referer: http://pzm.bqu.mybluehost.me/comdre/assets/styleguide-comdirect.css
Origin: http://pzm.bqu.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 10:29:12 GMT
Last-Modified: Sun, 02 Jun 2024 22:24:48 GMT
Server: Apache
X-Newfold-Cache-Level: 2
Content-Type: font/woff2
Cache-Control: max-age=86400
Accept-Ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 15204
Expires: Wed, 05 Jun 2024 10:29:12 GMT

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 388e491e4fcbdfefb0c437cf0d0f42f506ed878c8564e6b1817368fc6e49e970

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H/1.1 200
OK MarkWeb-latin-medium.woff2
pzm.bqu.mybluehost.me/comdre/assets/ 15 KB
15 KB 211ms
211ms Font
font/woff2 162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://pzm.bqu.mybluehost.me/comdre/assets/MarkWeb-latin-medium.woff2?v=1694095058082
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/assets/styleguide-comdirect.css
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: Apache /
Resource Hash: cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

Referer: http://pzm.bqu.mybluehost.me/comdre/assets/styleguide-comdirect.css
Origin: http://pzm.bqu.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 10:29:12 GMT
Last-Modified: Sun, 02 Jun 2024 22:24:48 GMT
Server: Apache
X-Newfold-Cache-Level: 2
Upgrade: h2,h2c
Content-Type: font/woff2
Cache-Control: max-age=86400
Connection: Upgrade
Accept-Ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 14944
Expires: Wed, 05 Jun 2024 10:29:12 GMT

GET
H/1.1 200
OK Trading_special_sigma-lang_lg-1x.jpg
pzm.bqu.mybluehost.me/comdre/assets/ 8 KB
8 KB 205ms
205ms Image
image/jpeg 162.241.226.190
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pzm.bqu.mybluehost.me/comdre/assets/Trading_special_sigma-lang_lg-1x.jpg
Requested by: Host: pzm.bqu.mybluehost.me
URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
Protocol: HTTP/1.1
Server: 162.241.226.190 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5365.bluehost.com
Software: Apache /
Resource Hash: 6fdca4199bd6e48e8b52d4e48df50a2c1aa94dcbe721e81eec42920e85916294

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 10:29:12 GMT
Last-Modified: Sun, 02 Jun 2024 22:24:48 GMT
Server: Apache
X-Newfold-Cache-Level: 2
Content-Type: image/jpeg
Cache-Control: max-age=86400
Accept-Ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Length: 7916
Expires: Wed, 05 Jun 2024 10:29:12 GMT

GET
H3 200 / Show response
json.geoiplookup.io/ 584 B
877 B 292ms
230ms Script
application/javascript 172.67.134.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://json.geoiplookup.io/?callback=jQuery33107114914017665332_1717496952565&_=1717496952566

Requested by

Host: ajax.aspnetcdn.com
URL: https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.134.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Octolus

Resource Hash

7c9b541137fde449ded629eb08c7237a13ed3807ef774ac0d085909592195c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 10:29:12 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Octolus
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 10000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k49CeBK2pcknO2Mb%2BdP0zMLRupf6PX7Ig8Xur3zjMLOQ1IMKYWNaFFEh%2F4KrrpDcy%2FH%2FFwlZFzdneWTX06hQ4eYaPjUynyIpqsWSkNQdC84rdqT%2F2HMdRKYz4luQNhSPY9DTc613"}],"group":"cf-nel","max_age":604800}
x-ratelimit-limit: 10000
cf-ray: 88e73d921ff5366e-FRA

GET favicon_196px.png
kunde.comdirect.de/ 0
0

GET
H/1.1 200 comdirect_fav_1005.svg
kunde.comdirect.de/ 520 B
0 0ms
0ms Other
text/plain 193.41.132.20
COMMERZBANK

General

Check archive.org

Show headers Download Go to

Full URL: https://kunde.comdirect.de/comdirect_fav_1005.svg?v=1694095058082
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.41.132.20 Quickborn, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS: kunde.comdirect.de
Software: nginx /
Resource Hash: c449626c54608700314eeb287ee8621d3918a4a1d0a9245bbd45565922066866

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: http://pzm.bqu.mybluehost.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 04 Jun 2024 10:29:11 GMT
Last-Modified: Tue, 28 May 2024 22:11:31 GMT
Server: nginx
Accept-Ranges: bytes
ETag: W/"520-1716934291306"
Content-Length: 520
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET favicon_196px.png
kunde.comdirect.de/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kunde.comdirect.de
URL: https://kunde.comdirect.de/favicon_196px.png?v=1694095058082

Domain: kunde.comdirect.de
URL: https://kunde.comdirect.de/favicon_196px.png?v=1694095058082

Domain: kunde.comdirect.de
URL: https://kunde.comdirect.de/favicon_196px.png?v=1694095058082

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02 Message: The resource https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-bold.woff2?v=1694095058082 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02 Message: The resource https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-regular.woff2?v=1694095058082 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://pzm.bqu.mybluehost.me/comdre/login.html?token=LmUqClS6ZF5o9IqhQBTrM2hsP2hLVCetDbH3BxQuMs1xTMZk9Ro1JuUs1uzTbVpoQ7J1iflSfqtXgInsLBB1Ctqs5XURw4Trpd&auth=61e8c4b7-5cd3-46a3-8c30-29b445f79a02 Message: The resource https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-medium.woff2?v=1694095058082 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
json.geoiplookup.io
kunde.comdirect.de
pzm.bqu.mybluehost.me
static.comdirect.de
unpkg.com
www.gstatic.com
kunde.comdirect.de
104.17.25.14
152.199.19.160
162.241.226.190
172.67.134.82
193.41.132.20
193.41.133.18
2606:4700::6811:f8cb
2a00:1450:4001:811::2003
2a04:4e42:200::649
2a04:4e42::485
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347
2f7002451d78511fa76aaea453e83b29e339b93a533c238fd0de4f3be367c24f
388e491e4fcbdfefb0c437cf0d0f42f506ed878c8564e6b1817368fc6e49e970
3d988c906334fada157d7a88ef1eedcd9bdfb478df83e9b705e6468f0d6c8dd2
423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f
4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc
6633d681022fde78235a8b0e4b495b3e99b8834e9b2b38c5a3677457520a9a93
6f7352a49a8f1181a380b0b131adbaacd4fb117c7b5547be29c8b01cda0b22c1
6fdca4199bd6e48e8b52d4e48df50a2c1aa94dcbe721e81eec42920e85916294
7c9b541137fde449ded629eb08c7237a13ed3807ef774ac0d085909592195c12
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88f151f26d7582598781390eed26f60abfb543395da97d88c168e1f73a23b2f3
8ad11c4cb079bba93156727270f510292eedcc0716c6f21725074a59ec8b9b96
c449626c54608700314eeb287ee8621d3918a4a1d0a9245bbd45565922066866
c54773e4f8716a484b784d6ae8446b61799112c777df1e21afc9c3e86f2ebc09
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773
d083435d32e0c97c48e05dd4f75a736b9cc5618d97c3c27072579b5139918caf
f412e5a467b9ca41eb4e11d5df5046ccecbaa41b0523c20b6a640476d16892d5

pzm.bqu.mybluehost.me Open in urlscan Pro 162.241.226.190 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

61 %HTTPS

40 %IPv6

9 Domains

10 Subdomains

11 IPs

3 Countries

519 kBTransfer

1896 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

pzm.bqu.mybluehost.me Open in urlscan Pro
162.241.226.190 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

61 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

519 kB
Transfer

1896 kB
Size

0
Cookies

28 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!