identifikationsdienste.meindienst.net
2a06:98c1:3120::3  Malicious Activity! Public Scan

Submitted URL: http://urlshortener.vibrantmultimedia.com/WRUxC
Effective URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Submission: On September 18 via manual from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2a06:98c1:3120::3, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is identifikationsdienste.meindienst.net.
TLS certificate: Issued by GTS CA 1P5 on September 13th 2023. Valid for: 3 months.
This is the only time identifikationsdienste.meindienst.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:4780:1:7... 47583 (AS-HOSTINGER)
1 1 51.222.207.122 16276 (OVH)
1 10 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2
Apex Domain | Subdomains | Transfer
10 meindienst.net | identifikationsdienste.meindienst.net | 232 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 410 | 28 KB
1 z-link.bio | a.z-link.bio | 884 B
1 vibrantmultimedia.com | urlshortener.vibrantmultimedia.com | 610 B
10 4
Domain Requested by
10 identifikationsdienste.meindienst.net 1 redirects identifikationsdienste.meindienst.net
1 cdnjs.cloudflare.com identifikationsdienste.meindienst.net
1 a.z-link.bio 1 redirects
1 urlshortener.vibrantmultimedia.com 1 redirects
10 4

This site contains no links.

Subject | Issuer | Validity | Valid
meindienst.net | GTS CA 1P5 | 2023-09-13 - 2023-12-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 2 frames:

Primary Page: https://identifikationsdienste.meindienst.net/cd/Vorgang
Frame ID: 192C1966DF19E11020932FCF40EB09FE
Requests: 8 HTTP requests in this frame

Frame: https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: 91A79767A9B7DD96544400F3BB296852
Requests: 2 HTTP requests in this frame

Page Title

comdirect - Wir aktualisieren unsere AGBs!

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10 Requests
90 % HTTPS
75 % IPv6
4 Domains
4 Subdomains
2 IPs
2 Countries
259 kB Transfer
1483 kB Size
6 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://urlshortener.vibrantmultimedia.com/WRUxC HTTP 301
    https://a.z-link.bio/hflrq HTTP 301
    https://identifikationsdienste.meindienst.net/cd/Vorgang Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

10 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request Vorgang
identifikationsdienste.meindienst.net/cd/
Redirect Chain
  • http://urlshortener.vibrantmultimedia.com/WRUxC
  • https://a.z-link.bio/hflrq
  • https://identifikationsdienste.meindienst.net/cd/Vorgang
40 KB
11 KB
Document
General
Full URL
https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb8c1401c89f962e6bbab4d5bf0debc3773b7fe72cb9e73e064164d5b54641b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
808a36a2df90994b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 14:17:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
must-revalidate, no-cache, no-store, private
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 14:17:36 GMT
location
https://identifikationsdienste.meindienst.net/cd/Vorgang
server
nginx/1.22.1
x-powered-by
PHP/8.1.21
MarkWeb-latin-regular.woff2
identifikationsdienste.meindienst.net/cd/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://identifikationsdienste.meindienst.net/cd/assets/fonts/MarkWeb-latin-regular.woff2?v=1673609518560
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

Referer
https://identifikationsdienste.meindienst.net/cd/Vorgang
Origin
https://identifikationsdienste.meindienst.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 20:33:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4590
etag
"3b64-60297819aff80"
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
808a36a52aba994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
15204
MarkWeb-latin-medium.woff2
identifikationsdienste.meindienst.net/cd/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://identifikationsdienste.meindienst.net/cd/assets/fonts/MarkWeb-latin-medium.woff2?v=1673609518560
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

Referer
https://identifikationsdienste.meindienst.net/cd/Vorgang
Origin
https://identifikationsdienste.meindienst.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 20:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4590
etag
"3a60-60297817c7b00"
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
808a36a52abf994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
14944
MarkWeb-latin-bold.woff2
identifikationsdienste.meindienst.net/cd/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://identifikationsdienste.meindienst.net/cd/assets/fonts/MarkWeb-latin-bold.woff2?v=1673609518560
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f151f26d7582598781390eed26f60abfb543395da97d88c168e1f73a23b2f3

Request headers

Referer
https://identifikationsdienste.meindienst.net/cd/Vorgang
Origin
https://identifikationsdienste.meindienst.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 20:33:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4590
etag
"3c5c-60297819aff80"
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
808a36a52ac0994b-FRA
alt-svc
h3=":443"; ma=86400
content-length
15452
styleguide-comdirect.css
identifikationsdienste.meindienst.net/cd/assets/css/
1 MB
116 KB
Stylesheet
General
Full URL
https://identifikationsdienste.meindienst.net/cd/assets/css/styleguide-comdirect.css?v=1673609518560
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d7d47140cbe5632390dde0ea2f5352369f1fa31f066b986aef83f8cd44727c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identifikationsdienste.meindienst.net/cd/Vorgang
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 20:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4590
etag
W/"10b4e7-60297817c7b00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
808a36a52abd994b-FRA
alt-svc
h3=":443"; ma=86400
forms.css
identifikationsdienste.meindienst.net/cd/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://identifikationsdienste.meindienst.net/cd/assets/css/forms.css
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a68ac341c0429d1021a01c05e413a59c57b2fa629aa32215d20c51d9340433c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identifikationsdienste.meindienst.net/cd/Vorgang
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 20:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4590
etag
W/"38ee-60297817c7b00-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
808a36a52abe994b-FRA
alt-svc
h3=":443"; ma=86400
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/
88 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://identifikationsdienste.meindienst.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10770024
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28112
last-modified
Wed, 21 Dec 2022 00:05:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63a24ddb-6dd0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
808a36a55b3e9078-FRA
expires
Sat, 07 Sep 2024 14:17:36 GMT
svg-symbol.svg
identifikationsdienste.meindienst.net/cd/assets/fonts/
220 KB
52 KB
Other
General
Full URL
https://identifikationsdienste.meindienst.net/cd/assets/fonts/svg-symbol.svg
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cd/Vorgang
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92678f37c302748b47f4b34dfb341d184f21f5c74a0db3b19d072151325baf27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://identifikationsdienste.meindienst.net/cd/Vorgang
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Aug 2023 20:33:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4589
etag
W/"37064-60297817c7b00"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
808a36a52ac1994b-FRA
alt-svc
h3=":443"; ma=86400
main.js
identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame 91A7
Redirect Chain
  • https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
7 KB
4 KB
Script
General
Full URL
https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c398a70a8102dc05d8ca8068acc4f52e1526dd2e66b26b9e092f2742cab62b55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 14:17:36 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
808a36a62f6d377b-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 18 Sep 2023 14:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
808a36a60f33377b-FRA
alt-svc
h3=":443"; ma=86400
808a36a2df90994b
identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 91A7
0
579 B
XHR
General
Full URL
https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/h/b/jsd/r/808a36a2df90994b
Requested by
Host: identifikationsdienste.meindienst.net
URL: https://identifikationsdienste.meindienst.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Sep 2023 14:17:37 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
808a36a6e8a7377b-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| documentPictureInPicture
  • function| $
  • function| jQuery
  • number| timeLeft
  • number| setTimer
  • function| c
  • number| dots
  • function| type
  • function| formatCardNumber
  • number| timer

6 Cookies

Domain/Path Name / Value
urlshortener.vibrantmultimedia.com/ Name: PHPSESSID
Value: f15c5885a0753d90f55fde827e6fcc1a
urlshortener.vibrantmultimedia.com/ Name: short_WRUxC
Value: 1
a.z-link.bio/ Name: XSRF-TOKEN
a.z-link.bio/ Name: phpshort_session
identifikationsdienste.meindienst.net/ Name: PHPSESSID
Value: nfusoveaq01e7r2qh7dslpas05
.meindienst.net/ Name: cf_clearance
Value: 4rUqe6HzBVHwGjXPrVVSm8fweJ_y2GcvFEF5JwclHME-1695046657-0-1-708fd541.1aa531d8.ca31d8c7-0.2.1695046657