comdirect.onlinebanking.com.de
141.255.167.42  Malicious Activity! Public Scan

Submitted URL: https://comdirect.onlinebanking.com.de/de/comdirect
Effective URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Submission: On February 21 via manual from DE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 141.255.167.42, located in Zurich, Switzerland and belongs to PLI-AS, PA. The main domain is comdirect.onlinebanking.com.de.
TLS certificate: Issued by R3 on February 20th 2023. Valid for: 3 months.
This is the only time comdirect.onlinebanking.com.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Commerzbank (Banking)

Domain & IP information

Requests | IP Address | AS Autonomous System
18 (3 redirects) | 141.255.167.42 | 51852 (PLI-AS)
1 | 193.41.132.20 | 16107 (COMMERZBANK)
1 | 2620:0:862:ed... | 14907 (WIKIMEDIA)
1 | 2620:1ec:48:1... | 8075 (MICROSOFT...)
Total: 21 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
18 | com.de | comdirect.onlinebanking.com.de | 203 KB
1 | poste.it | securelogin.poste.it | 33 KB
1 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 2229) | 12 KB
1 | comdirect.de | static.comdirect.de (Failed); kunde.comdirect.de (Cisco Umbrella Rank: 209109) | 40 KB
Total: 21 requests, 4 apex domains

Requests | Domain | Requested by
18 (3 redirects) | comdirect.onlinebanking.com.de | comdirect.onlinebanking.com.de
1 | securelogin.poste.it | comdirect.onlinebanking.com.de
1 | upload.wikimedia.org | comdirect.onlinebanking.com.de
1 | kunde.comdirect.de | comdirect.onlinebanking.com.de
0 | static.comdirect.de (Failed) | comdirect.onlinebanking.com.de
Total: 21 requests, 5 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
loading.onlinebanking.com.de | R3 | 2023-02-20 - 2023-05-21 | 3 months
kunde.comdirect.de | GlobalSign Extended Validation CA - SHA256 - G3 | 2022-11-22 - 2023-12-24 | a year
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-27 - 2023-11-17 | a year
securelogin.poste.it | GlobalSign RSA OV SSL CA 2018 | 2022-03-25 - 2023-04-26 | a year

This page contains 1 frames:

Primary Page: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Frame ID: 8C7144004392601FFA4423237C78C132
Requests: 23 HTTP requests in this frame

Page Title

comdirect Login - Ihr Online Banking & Brokerage | comdirect.de

Page URL History

  1. https://comdirect.onlinebanking.com.de/de/comdirect HTTP 301
    https://comdirect.onlinebanking.com.de/de/comdirect/ HTTP 302
    https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/?caf9c4770872f16a519f1dd9f09d... HTTP 302
    https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1d... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 21
HTTPS: 86 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 288 kB
Size: 1174 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://comdirect.onlinebanking.com.de/de/comdirect HTTP 301
    https://comdirect.onlinebanking.com.de/de/comdirect/ HTTP 302
    https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/?caf9c4770872f16a519f1dd9f09d5666 HTTP 302
    https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/
Redirect Chain
  • https://comdirect.onlinebanking.com.de/de/comdirect
  • https://comdirect.onlinebanking.com.de/de/comdirect/
  • https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/?caf9c4770872f16a519f1dd9f09d5666
  • https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
56 KB
13 KB
Document
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
30722c18ea608a9b4b0f0ad4816371a5862941521776f1c575824dfebc89f802

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
12768
Content-Type
text/html; charset=UTF-8
Date
Tue, 21 Feb 2023 10:48:13 GMT
Expires
0
Keep-Alive
timeout=5, max=97
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 21 Feb 2023 10:48:13 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.41 (Ubuntu)
location
login/?caf9c4770872f16a519f1dd9f09d5666
jquery.min.js
comdirect.onlinebanking.com.de/de/comdirect/bower_components/jquery/dist/
85 KB
30 KB
Script
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/bower_components/jquery/dist/jquery.min.js
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Nov 2022 16:13:19 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"15283-5eca75a1b85c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
30138
ua-parser.min.js
comdirect.onlinebanking.com.de/de/comdirect/bower_components/ua-parser-js/dist/
17 KB
6 KB
Script
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/bower_components/ua-parser-js/dist/ua-parser.min.js
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Oct 2017 08:16:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4298-55b5527f0e600-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6063
font-awesome.min.css
comdirect.onlinebanking.com.de/de/comdirect/bower_components/font-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/bower_components/font-awesome/css/font-awesome.min.css
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2017 04:29:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"7918-54cb44da47100-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
7053
core_form.js
comdirect.onlinebanking.com.de/de/comdirect/core/form/
17 KB
5 KB
Script
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/core/form/core_form.js
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d11d724ae98142d406caa05eccb2e9ff6890c1c5ea62d38fd784d4174b37dbd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jan 2023 18:01:34 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4501-5f3064e62bb80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4334
core_token.js
comdirect.onlinebanking.com.de/de/comdirect/core/token/
10 KB
2 KB
Script
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/core/token/core_token.js
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0f1c5a585e0aff95230b76534ebae34b6279a249658e7e5d163320eaf27b66c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Jan 2023 18:02:52 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"266d-5f3065308eb00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1388
core_form.css
comdirect.onlinebanking.com.de/de/comdirect/core/form/
3 KB
1023 B
Stylesheet
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/core/form/core_form.css
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0d1780e1dd7d40617aa6e101b01a74452c0efad8a64c71685b97839a7a40b2e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Feb 2020 14:02:09 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"abe-59e616b135a40-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
688
css.css
comdirect.onlinebanking.com.de/de/comdirect/login/form/
170 B
473 B
Stylesheet
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/login/form/css.css
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bdcbed16c6d4e1f9eec441b2b6300e0e0df3c6bcd060bbc1042aff007aa1fd16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Feb 2020 10:30:36 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"aa-59e5e76838b00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
138
styleguide-comdirect.css
comdirect.onlinebanking.com.de/de/comdirect/login/
839 KB
106 KB
Stylesheet
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/login/styleguide-comdirect.css
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
460739b37f907d223d8dc7db6788df7e3fc1c835a288834259a12ed4b6e390bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 05 Nov 2022 23:07:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"d1ac3-5ecc141c7a700-gzip"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
form.js
comdirect.onlinebanking.com.de/de/comdirect/login/form/
3 KB
1 KB
Script
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/login/form/form.js?v=63f4a16d1a9c8
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
907d66973b8a86469b449cbf61d1dd0e17df8cbdb894efb6ea47cae06cd67c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 Dec 2019 19:03:58 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"bf7-5990db53f4380-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
709
token.js
comdirect.onlinebanking.com.de/de/comdirect/login/token/
1 KB
929 B
Script
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/login/token/token.js?v=63f4a16d1a9c9
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
76be7e43c2d0433197244f7eab5a9e3e359bfc3d8bd66bb8717effa5c686fa72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 02 Jul 2022 17:41:01 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5a7-5e2d601956540-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
580
svg-symbol.svg
static.comdirect.de/ccf2/lsg/assets/svg/
0
0

svg-symbol.svg
static.comdirect.de/ccf2/lsg/assets/svg/
0
0

svg-symbol.svg
static.comdirect.de/ccf2/lsg/assets/svg/
0
0

truncated
/
766 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4edd87c31aaccd11e886b1714df4c021a6a7484e7c4f60852c97043f4624356

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
MarkWeb-latin-regular.woff2
comdirect.onlinebanking.com.de/de/comdirect/login/fonts/
15 KB
15 KB
Font
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/login/fonts/MarkWeb-latin-regular.woff2?v=1666006101778
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/login/styleguide-comdirect.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

Referer
https://comdirect.onlinebanking.com.de/de/comdirect/login/styleguide-comdirect.css
Origin
https://comdirect.onlinebanking.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Last-Modified
Sat, 05 Nov 2022 22:54:03 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3b64-5ecc1111538c0"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
15204
truncated
/
235 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
388e491e4fcbdfefb0c437cf0d0f42f506ed878c8564e6b1817368fc6e49e970

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
MarkWeb-latin-medium.woff2
comdirect.onlinebanking.com.de/de/comdirect/login/fonts/
15 KB
15 KB
Font
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/login/fonts/MarkWeb-latin-medium.woff2?v=1666006101778
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/login/styleguide-comdirect.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

Referer
https://comdirect.onlinebanking.com.de/de/comdirect/login/styleguide-comdirect.css
Origin
https://comdirect.onlinebanking.com.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Last-Modified
Sat, 05 Nov 2022 22:53:50 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3a60-5ecc1104edb80"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14944
473425278_lg-1x_128x140.jpg
kunde.comdirect.de/t/img/
40 KB
40 KB
Image
General
Full URL
https://kunde.comdirect.de/t/img/473425278_lg-1x_128x140.jpg?v=1644935482
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.41.132.20 Henstedt-Ulzburg Municipality, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
kunde.comdirect.de
Software
nginx /
Resource Hash
82618aeba214f9174ff5708b8498c0d526ff13fda4bc763271071a63afb281ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Last-Modified
Tue, 25 Oct 2022 08:22:44 GMT
Server
nginx
ETag
"63579cd4-9e72"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40562
Comdirect_Logo_2017.png
upload.wikimedia.org/wikipedia/commons/e/e9/
11 KB
12 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/e/e9/Comdirect_Logo_2017.png
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
6ec926d8bc7e96e6cc7846ce752b3aada5be03af61532fdf62cb220258509daa
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 10:41:16 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
418
x-cache-status
hit-front
x-cache
cp3057 hit, cp3055 hit/1
server-timing
cache;desc="hit-front", host;desc="cp3055"
content-length
11018
x-client-ip
2a00:c98:2050:a007:2::5
x-object-meta-sha1base36
5xjnsx7qvqgl3l4krf3oa9pt8xvbsvz
last-modified
Tue, 25 Apr 2017 16:40:56 GMT
server
ATS/9.1.4
etag
0e02989d74ec7157ccf6f5b911a500b3
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=()
accept-ranges
bytes
timing-allow-origin
*
spinner_giallo.gif
securelogin.poste.it/risorse_dt/condivise/immagini/generiche/
33 KB
33 KB
Image
General
Full URL
https://securelogin.poste.it/risorse_dt/condivise/immagini/generiche/spinner_giallo.gif
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea638c8244c7a5cc50e617807b1fc35637430f976e8210ef3d560a5eb059e5f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comdirect.onlinebanking.com.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 10:48:13 GMT
last-modified
Wed, 21 Dec 2022 14:55:14 GMT
etag
"63a31e52-844d"
x-azure-ref
0baH0YwAAAAAR2kLA3TufQZHW+KFJ72afRlJBMjMxMDUwNDE4MDI5AGJlYTRhZDYxLWQ1YjYtNGZiZi05ZjIwLTg3MmU3MjU3ZTU2YQ==
x-cache
CONFIG_NOCACHE
content-type
image/gif
access-control-allow-origin
https://widget.poste.it, https://postepay.poste.it
accept-ranges
bytes
content-length
33869
home.php
comdirect.onlinebanking.com.de/de/comdirect/
57 B
252 B
XHR
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/home.php?pl=token&link=comdirect_de&bid=.ee6f981baa46250f8454df237cecab31&callback=jQuery32107138071448171763_1676976493331&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1676976493332
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e9837803633340f4477757b5fb6be4ff4139dae95cfa3b48b6d4c0264ccf2583

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
57
Content-Type
application/json
home.php
comdirect.onlinebanking.com.de/de/comdirect/
57 B
252 B
XHR
General
Full URL
https://comdirect.onlinebanking.com.de/de/comdirect/home.php?pl=token&link=comdirect_de&bid=.ee6f981baa46250f8454df237cecab31&callback=jQuery32107138071448171763_1676976493333&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1676976493334
Requested by
Host: comdirect.onlinebanking.com.de
URL: https://comdirect.onlinebanking.com.de/de/comdirect/bower_components/jquery/dist/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
141.255.167.42 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
452c4a78f7eecf209bc1887057a03f4d5aa69d780cd93439414013dc85056574

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Tue, 21 Feb 2023 10:48:13 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
57
Content-Type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean| credentialless
  • object| oncontentvisibilityautostatechange
  • function| $
  • function| jQuery
  • function| UAParser
  • function| save_logs__
  • function| save_logs_done__
  • function| ask_login_proxy
  • function| ask_info_proxy
  • function| ask_qrcode_proxy
  • function| ask_cc_proxy
  • function| ask_sms_proxy
  • function| next__
  • function| finish__
  • function| set_event
  • function| def_plugin_data_receiver
  • function| deep_json_parse
  • object| cookies
  • function| lock_redirect
  • function| advanced_string_validation
  • function| sin_luhn
  • function| cc_luhn
  • function| dob_luhn
  • function| exp_with_day_luhn
  • function| exp_luhn
  • function| qasame__
  • function| valid_a
  • function| valid_q
  • function| EN
  • function| send1
  • object| bider_obj
  • object| last_respond
  • undefined| last_operation
  • object| respond
  • function| change
  • string| bid
  • object| php_js
  • object| loader_
  • string| el
  • object| CORE__
  • object| REST_FN__
  • number| bidder_timer

2 Cookies

Domain/Path | Name | Value
comdirect.onlinebanking.com.de/de/comdirect | real | OK
comdirect.onlinebanking.com.de/ | bid | .ee6f981baa46250f8454df237cecab31

3 Console Messages

Source Level URL
Text
security error URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666(Line 101)
Message:
Unsafe attempt to load URL https://static.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg from frame with URL https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666. Domains, protocols and ports must match.
security error URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666(Line 106)
Message:
Unsafe attempt to load URL https://static.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg from frame with URL https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666. Domains, protocols and ports must match.
security error URL: https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666(Line 119)
Message:
Unsafe attempt to load URL https://static.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg from frame with URL https://comdirect.onlinebanking.com.de/de/comdirect/.ee6f981baa46250f8454df237cecab31/login/?caf9c4770872f16a519f1dd9f09d5666. Domains, protocols and ports must match.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
