commerzbank.sicherheitsmedium.com Open in urlscan Pro
2606:4700:3031::ac43:c87c  Malicious Activity! Public Scan

93 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request first.php Show response commerzbank.sicherheitsmedium.com/steps/	263 KB 37 KB	750ms 641ms	Document text/html	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c75d76538f1ed3bf70876d05f7249c1b5cc81ac542d61abaf1b48eef4fd7fac Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 89cd6ec6fb2a3a90-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 02 Jul 2024 08:58:13 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache referrer-policy same-origin same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oc1Z2YYLO2odyWcE9fp7K%2BHmvRKabfqAY9St4FzKSglV4EydXAcH9WdmVstYk4XDez3kNYXOZQ5hD7FETy29yt5gM0%2BSFFdVDFTOc93D0YHn1mrITPKV0sZpzNqLySGRzievVoR3N7U29POHEetCySTWvZ9IOb2LyO1WtQ4HqmA%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff nosniff x-frame-options SAMEORIGIN SAMEORIGIN x-permitted-cross-domain-policies master-only master-only x-xss-protection 1; mode=block 1; mode=block
GET H2	200	js Show response commerzbank.sicherheitsmedium.com/steps/style/	207 KB 207 KB	238ms 237ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/js Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ddf54acd03e43f1a01a7aa571d7528b16414fc7af6ea280ccbe211730f4e62 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 211709 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:49 GMT server cloudflare etag "66803eb1-33afd" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Myk8UuV6CTXqwJdfztPNYGd2TzD%2Bud8u1d2wvXxtEgtbkbuYUGT4hz64dyVx10fTZlJPDDPsreYMGKCP4NVbD5i0mAYnCF6AkmMG%2FiWVbS6p6XpODj1o3Bu%2BPAvB%2FnJKVTmIJeKnoImuIwlaiU2uSGylh7zuBQ%2F%2BC0g14mfgNMg%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb1fff3a90-FRA
GET H2	200	analytics.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	49 KB 49 KB	242ms 241ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/analytics.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 50234 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:20 GMT server cloudflare etag "66803e94-c43a" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2P2tVCWp%2FlTFwwsxw50SCbNHnHVEXjS1EPkY1vANo5pnpdRnlCSzCjxYn1pknVuLoePDsvWSzOYFhgwR8dbgbHQVQDyrnEDpeyMBRzVCSMplOeDiuyRXSZHoPPrXR7yYAuoUhb0UC3aQ86%2B1J2z8gh%2F397Dgm1AXkHHppyz7jk%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb18033a90-FRA
GET H3	200	gtm.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	361 KB 362 KB	239ms 238ms	Script application/octet-stream	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/gtm.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd45a95c65508de334953d77e9dbbb7bf674743f9cf25a92b6f45f4c57a07074 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 369756 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:05:08 GMT server cloudflare etag "66803ec4-5a45c" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QzblQLv5mAvWLUuvDvxVBl88U2iWjvZEySfy8uCIuGc3VZA4AWdN5e8yECBKsa3gMuf%2BrHvFaOIWTSaaYft5whz8U%2Fkl8E1f1Y8nSfpHfVU3UUKwSihzX0KSwwV%2FPpfe4UoceV%2B4TkO2TB4uQKDlZE0lD0Q%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecd69369751-FRA
GET H3	200	main.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	25 KB 25 KB	244ms 243ms	Script application/octet-stream	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/main.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 25294 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:16 GMT server cloudflare etag "66803e90-62ce" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1sbofIy6R4sCnj6lmZ9xTBLJigL7U7ftIyed6NZZkeDrJxtnBVxil1fJFBc%2B2EJ%2BZ9iOihNvkypLsZkdn4yXb3XB1NE6E8gk4USdBQfmPx79cDzi5OnCbSITZK1mRX6XPmgUalwF1eprcUAB49HzVZ3sYjY%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecd693f9751-FRA
GET H2	200	ruxitagentjs_ICA27NVfqrux_10259230221142207.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	222 KB 223 KB	217ms 216ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/ruxitagentjs_ICA27NVfqrux_10259230221142207.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fcac0584d499c6043e09c4550453ed5428f9f7a5181271d66df95b6e8c63b4f4 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 227439 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:53 GMT server cloudflare etag "66803eb5-3786f" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EPmiqEy2LLVZTuQkjboq9w7XOAS6pCl1ElGX9uO%2FbdZre84sP1Nfx2Ih1jP5PFw6XsC2CBRYzHBErrlsBkJvl2YSBnIZFKX1rnW16To51fkHkTWroVTNAe4HRP7JvpTEniAGXW%2BqdocpYM%2BD%2FfMMNNS7sByvMIILLhlQ82d0Vs%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb1ff83a90-FRA
GET H2	200	main.css commerzbank.sicherheitsmedium.com/steps/style/	393 KB 110 KB	98ms 97ms	Stylesheet text/css	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/main.css Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e0770b15f1fdbb6af1330e27b64e75a023de8daae7bd867ff43f86f9e20d365 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 222603 alt-svc h3=":443"; ma=86400 last-modified Sat, 29 Jun 2024 17:05:09 GMT server cloudflare etag W/"66803ec5-62554" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVMgHZE4RTALxf0uYNKiStEiM%2FM%2B3n6jsqleDMQ22vSh1pMdRuU3ZUlGinT2mbYDYYXILiWoFmLU3xn%2BWCziRjfHLuscx%2BSCnn7UFVSRUs0yTChfKr1jx7MNJb4I6n8%2BsXgZ8pnpZV%2FhmOAx3nBQIGVxxjWgSwD2ciLalVZpeUI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=315360000 cf-ray 89cd6ecb1fec3a90-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	cms.css commerzbank.sicherheitsmedium.com/steps/style/	200 KB 83 KB	56ms 55ms	Stylesheet text/css	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/cms.css Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 46145 alt-svc h3=":443"; ma=86400 last-modified Sat, 29 Jun 2024 17:04:48 GMT server cloudflare etag W/"66803eb0-32190" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fG5Djx7kF61%2Bil3akYPNzWckhvPTAXts7aOTDVagHMEL9iecH%2F3RMO433RXBCigigMIjZb%2FOxv7gjNXKS7fZ5WO9rSbNK9b%2BrxmrargRQmUXhO51caj8caZJ0l6okCdhRMl3tpWqzFNoXh%2BiPayoEs6%2FfFtht5%2FoAfys1gyWq%2FU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=315360000 cf-ray 89cd6ecb1ff13a90-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery_1_12_4.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	95 KB 95 KB	98ms 98ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/jquery_1_12_4.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 97163 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:28 GMT server cloudflare etag "66803e9c-17b8b" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FgBx18SF6Sqdpp2pPJ0%2F7LU%2FIHJr%2FxxZZoQUSLGXSA5UGXe7PTiIAsBi0y7JdtUPpsofxQG6kKOD1qEWm5nkbrW4R3LwnRdzcvhHoFIYiW1CLHlMy4z7xJrKXE7H1NHq9%2BUK8HYueKxrHpG7M3AhcyZi9f%2BnD61NaaTPP%2F%2B70M%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb1ffb3a90-FRA
GET H2	200	jquery_ui_1_12_1.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	248 KB 248 KB	233ms 232ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/jquery_ui_1_12_1.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 253669 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:05:00 GMT server cloudflare etag "66803ebc-3dee5" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYeTA61hroPEnk8H0gipsZ0s5CmSfDXJDKYLjE8O%2B9jd8IZAuTQuOh25vIRLsfYDftNXREhjfHO%2B%2F%2B7Y0n%2BZNHCGfudSAiY%2Bb2%2FZe%2BZgnUXuIUaHKgXmV7BJhh54XJx56YuO5te0bv3NPCdEEbGsprhRJ4z5U89vUs3uiHt4dd0%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb18053a90-FRA
GET H2	200	lib_head.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	42 KB 42 KB	240ms 239ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/lib_head.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 42782 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:18 GMT server cloudflare etag "66803e92-a71e" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U25%2BKckD2FwUbI1zbWRj%2BrqjmVZTvHP1AHsdRnMJhaQWEnoVyOBkgiGEfDtOZhBjGiTfGQGIUeydoixLNXAa2teCxtqiqrkaAOOCBWntCW7HN0deLeHSstz21JHiJvKUKTMK6ijnxM1F8B6%2F5VgznlXDf7E51AigqYYjJ375Wzg%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb18073a90-FRA
GET H2	200	lib_smartbanner.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	7 KB 8 KB	178ms 178ms	Script application/octet-stream	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/lib_smartbanner.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 7646 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:12 GMT server cloudflare etag "66803e8c-1dde" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ove8hsJ6PXb8VRmXCVJrY3r8hKO55BoNZGnlucmyQsvgW5ER7GhbtEOghA%2FwhtqLs0MfArRyFj7KAOljDXtaFAdOK5oYKdMNEfHIBpIKaSgTaRkdJVj%2FEmJPNklgJK2iGHR%2BFFGWjOJtSCzlwnkl4t9PBMK7MQMGEt218oKcrMo%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecb18093a90-FRA
GET H3	200	bundle.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	1 MB 1 MB	241ms 241ms	Script application/octet-stream	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/bundle.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de9819776f1e0b50fb71b4519029bd53dd167375f0175d61ea5b761af646872f Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 1240407 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:05:20 GMT server cloudflare etag "66803ed0-12ed57" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10v6MA6DOYiZX5AM5E3hxhaoU3h5N%2FGvW%2BJieb4FTpPCKX3iF6MujL4MfesLUYFvyqF2wRKe884XAZHoZAAaacRoaNwKo8UwNV7SNoLH4ehcJtTyg9PHGbdvF9BXwGaP8hvsPtdfT9%2F4pei8r2ZkhlfwXWU%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecd69459751-FRA
GET H2	200	lupe.png commerzbank.sicherheitsmedium.com/steps/style/	1 KB 2 KB	98ms 97ms	Image image/png	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://commerzbank.sicherheitsmedium.com/steps/style/lupe.png Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT cf-cache-status HIT last-modified Sat, 29 Jun 2024 17:04:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 222593 etag W/"66803e8c-51c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRXlI1o1Iv9xSaGiYDnyrdPZ5TxuShCfIaJLPff86WVn6rlCKJOqrue7lgvA5xijZh6qN9OtrcEYKfBpLruPbJ%2BfbBH7RK1YppSSQkw05ggqzioN4i8qaioSfoIYUj4FHJ9u0exxCRRKwSVbhe5UXJ5NaUifLRfyM1AYl7JDwUk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=315360000 cf-ray 89cd6ecb180a3a90-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	logo_big_svg.svg commerzbank.sicherheitsmedium.com/steps/style/	10 KB 3 KB	60ms 59ms	Image image/svg+xml	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://commerzbank.sicherheitsmedium.com/steps/style/logo_big_svg.svg Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 222533 alt-svc h3=":443"; ma=86400 last-modified Sat, 29 Jun 2024 17:04:12 GMT server cloudflare etag W/"66803e8c-2658" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXt4zfTdDYF8nXNi%2FNt7hu3E9TuehVMASjv%2FkO5dRNhkI%2FLtbus6r7Ft2%2Bs28MbbdzLCMr7foa7PBRGjZTou8GUS7514rKOiH3GLeYYf3SF3LUeBxVYeAhWOyeq%2FQ%2BJy7EW9KRPkRCtHqKD2XfKwUWBcHJU%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=315360000 cf-ray 89cd6ecd69479751-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	neu_png.png commerzbank.sicherheitsmedium.com/steps/style/	3 KB 3 KB	98ms 97ms	Image image/png	2606:4700:3031::ac43:c87c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://commerzbank.sicherheitsmedium.com/steps/style/neu_png.png Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:c87c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd849416f7159e929aa1eb508f512883ad32bce35294be61f444be730dccf3f6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT cf-cache-status HIT last-modified Sat, 29 Jun 2024 17:04:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 222592 etag W/"66803e8d-bc1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJiDcmc2YOQqJl8o%2FTUCpH2J5N9SLGtEOrDyiN7yioB%2BOIDF9mh8io9aq6wGjpK6dF%2BYFktwbtgfIoUVD0FrsJFrKWfmR%2FGyt4bciANcTazIfizPAhqj0sOooyDklOlsAQF3Sv630nBBNUhZ4W6aetd7f4K%2FRdfpab%2FssnRHw8A%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=315360000 cf-ray 89cd6ecb58463a90-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	logo_big_svg.svg kunden.commerzbank.de/portal/media/system/images/	10 KB 3 KB	148ms 45ms	Image image/svg+xml	212.149.50.15 COMMERZBANK DE-60...
General Check archive.org Show headers Download Go to Show image Full URL https://kunden.commerzbank.de/portal/media/system/images/logo_big_svg.svg Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE), Reverse DNS kunden.commerzbank.de Software Apache / Resource Hash 2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Tue, 02 Jul 2024 08:58:13 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff Content-Encoding gzip Age 186 com-coba-cif-csrf-protection c0288d0fcf1971de8185e201bf2a93b14948c2e8eb54b9ecd7e2a424191d7b6f Connection Keep-Alive Content-Length 2841 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 07:02:28 GMT Server Apache etag "1768770567-gzip" x-frame-options DENY Vary Accept-Encoding content-language de Content-Type image/svg+xml Keep-Alive timeout=15, max=100 expires Tue, 02 Jul 2024 09:00:08 GMT
GET H3	200	lib_main.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	288 KB 289 KB	256ms 256ms	Script application/octet-stream	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/lib_main.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb4e5a4a25b095758e702317af5145988042cd4a5fb43866b8cdc6ddbd2da809 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:13 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 295015 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:05:04 GMT server cloudflare etag "66803ec0-48067" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JywUJNdc1b80CxD8vE779wzkadeo5on4gkp7g7oWYgcgkmQw3gA8vtbCxHkbInVeDZ8XdQ7SR6xNd8%2FeH9u8T84Lzf6FQgz1WO%2B7Khyc8T3D2SjwYZWPT85zq2GZCutuYpeyz%2Fgl0ge%2FN4%2B90jXy05LkLxM%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecbff639751-FRA
GET H3	200	lib_cms.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/	24 KB 25 KB	306ms 306ms	Script application/octet-stream	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/lib_cms.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 25041 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:16 GMT server cloudflare etag "66803e90-61d1" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=giM63%2FitGXUXW40uCryBd4PmcBq7nmK%2F8pyvrCTSeG%2FE8l%2BX4fbVz7HMin0IETSYoyfcq1PHuqfgk%2BTBW91E56Ow8VewWs6jSwNR9g5BTzjxICbTKjmjY1ucjOQJrpHCxuw6dQOcxYHFSVD5oox1bSGL4pk%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecce89f9751-FRA
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0 Request headers Referer Origin https://commerzbank.sicherheitsmedium.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75 Request headers Referer Origin https://commerzbank.sicherheitsmedium.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Content-Type application/x-font-woff
GET H3	200	icons_woff.woff commerzbank.sicherheitsmedium.com/steps/style/	40 KB 26 KB	86ms 86ms	Font application/font-woff	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/icons_woff.woff Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/style/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876 Request headers Referer https://commerzbank.sicherheitsmedium.com/steps/style/main.css Origin https://commerzbank.sicherheitsmedium.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 222533 alt-svc h3=":443"; ma=86400 last-modified Sat, 29 Jun 2024 17:04:18 GMT server cloudflare etag W/"66803e92-9e84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abB5BxSzT%2FoQhvY2zLaYENaCNGTIzqdanZwqT9Efo30fJM50UYA7ZlRjniwACP5ETpFspXPXnEjIdU6xcdpfD%2FxYI1IyaBya4ieUDiF634iIpjp%2B2JC4vT3CIBr0mpEiVPDAt3%2B9eP0Pzfhm9p6Trlb7oS4%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin * cache-control max-age=315360000 cf-ray 89cd6ecd99769751-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	cdcs-iframe-index.html Show response commerzbank.sicherheitsmedium.com/steps/style/ Frame CA39	3 KB 1 KB	137ms 137ms	Document text/html	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/cdcs-iframe-index.html Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39ca3262a54d7fcaa62bde03b75816f49712c76d13e0fc053edbf4b6618e155d Security Headers Name Value X-Content-Type-Options nosniff nosniff X-Frame-Options SAMEORIGIN SAMEORIGIN X-Xss-Protection 1; mode=block 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 89cd6ecedb529751-FRA content-encoding br content-type text/html date Tue, 02 Jul 2024 08:58:14 GMT last-modified Sat, 29 Jun 2024 17:04:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk1xf8GRPyO7EaUjgYXRAcq%2BcR8ruOZ8%2Fcmh%2BOlD%2Bi6n2xmmFYrBUFH1%2BFDVRlnHT9V4vqdOe6gVFpi8%2BdFaqACpQMe%2FWBM6pRTfyRPAEvmpBTx7aSv6MgirJ%2FEt1OjP%2Fajjdm2L12DksyNwUXzS7z6eYYU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff nosniff x-frame-options SAMEORIGIN SAMEORIGIN x-permitted-cross-domain-policies master-only master-only x-xss-protection 1; mode=block 1; mode=block
GET H3	404	main.js commerzbank.sicherheitsmedium.com/portal/media/system/usercentrics/	0 0	333ms 333ms	Script text/html	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/portal/media/system/usercentrics/main.js?_c=1655798153801 Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/first.php User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT content-encoding br cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZDRhGjYXJSJOJX4mnBUlpBJ4dHtWtQzUYmZkdSmE5bS54tUz3bUNadtRgfz6xPRwsihOKNqRjlhgajpl58237KfEVwMHqgDbcaFJgShsTTirI8e6BwsIan3yEJQS%2BVosZTBzOTqfTgLS6V%2Be1Z9kXSOkAA%3D"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 89cd6ecedb4a9751-FRA alt-svc h3=":443"; ma=86400
GET H3	200	cdcs.js.download Show response commerzbank.sicherheitsmedium.com/steps/style/ Frame CA39	4 KB 5 KB	111ms 110ms	Script application/octet-stream	172.67.200.124 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://commerzbank.sicherheitsmedium.com/steps/style/cdcs.js.download Requested by Host: commerzbank.sicherheitsmedium.com URL: https://commerzbank.sicherheitsmedium.com/steps/style/cdcs-iframe-index.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.200.124 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 000bfe8646b40a3477c4620164e12bc76e5a232c4ba54a43a9e6ed95f88035f2 Security Headers Name Value X-Content-Type-Options nosniff, nosniff X-Frame-Options SAMEORIGIN, SAMEORIGIN X-Xss-Protection 1; mode=block, 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/steps/style/cdcs-iframe-index.html User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers date Tue, 02 Jul 2024 08:58:14 GMT x-content-type-options nosniff, nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies master-only, master-only alt-svc h3=":443"; ma=86400 content-length 4327 x-xss-protection 1; mode=block, 1; mode=block referrer-policy same-origin, same-origin last-modified Sat, 29 Jun 2024 17:04:10 GMT server cloudflare etag "66803e8a-10e7" vary Accept-Encoding x-frame-options SAMEORIGIN, SAMEORIGIN content-type application/octet-stream report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpd7Xyj7lHN8l8KFtX4BNv4dG%2FBepSp3LDjc7PuHCPr%2BA5nSu%2FW0oiZTsl%2FohIP2qBZorN2oBITD3mHk2rzMk2ppf1b%2B9WzQ7bqXutXFLXKGmXc6IEFeMaIoYDJHPkBll1kBt5mTxpaz9hYBknU%2B3oPVjyk%3D"}],"group":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 89cd6ecfccc89751-FRA
GET H/1.1	200 OK	favicon.ico kunden.commerzbank.de/portal/media/system/images/	1 KB 2 KB	44ms 44ms	Other image/x-icon	212.149.50.15 COMMERZBANK DE-60...
General Check archive.org Show headers Download Go to Full URL https://kunden.commerzbank.de/portal/media/system/images/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 212.149.50.15 , Germany, ASN16365 (COMMERZBANK DE-60261 Frankfurt, DE), Reverse DNS kunden.commerzbank.de Software Apache / Resource Hash b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://commerzbank.sicherheitsmedium.com/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36 Response headers Date Tue, 02 Jul 2024 08:58:14 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff Age 184 com-coba-cif-csrf-protection 75e6162c6cda8fbaa6e51cb5f0a479566c2ea5c2066ed3996d6a62e851bffc0c Connection Keep-Alive content-length 1150 x-xss-protection 1; mode=block last-modified Mon, 22 Apr 2024 06:53:37 GMT Server Apache etag "-2142574179" x-frame-options SAMEORIGIN content-language de Content-Type image/x-icon Keep-Alive timeout=15, max=99 expires Tue, 02 Jul 2024 08:50:10 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Commerzbank (Banking)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| consentDataProcessors undefined| localUCSettings undefined| consent undefined| dataProcessorAvailable function| gtag object| allowedTags string| curUrl string| openAreaGuidelines string| closedAreaGuidelines string| uaID object| dataLayer object| domainParts string| mainDomain function| setCookie function| affiliateOptOut string| webtrekkEnabled boolean| userIsLoggedIn object| ccb_cif function| reloadActualLocation boolean| consentPA object| usercentrics string| uscmainjs

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			commerzbank.sicherheitsmedium.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 56fkgb0kb40oqtuguask6e31k0

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/analytics.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/ruxitagentjs_ICA27NVfqrux_10259230221142207.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/jquery_1_12_4.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/js' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/jquery_ui_1_12_1.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/lib_head.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/lib_smartbanner.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/lib_main.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/lib_cms.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/main.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/gtm.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/style/cdcs-iframe-index.html Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/cdcs.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://commerzbank.sicherheitsmedium.com/steps/first.php Message: Refused to execute script from 'https://commerzbank.sicherheitsmedium.com/steps/style/bundle.js.download' because its MIME type ('application/octet-stream') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://commerzbank.sicherheitsmedium.com/portal/media/system/usercentrics/main.js?_c=1655798153801 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

commerzbank.sicherheitsmedium.com
kunden.commerzbank.de
172.67.200.124
212.149.50.15
2606:4700:3031::ac43:c87c
000bfe8646b40a3477c4620164e12bc76e5a232c4ba54a43a9e6ed95f88035f2
18502a76a13c8dd95fbcf1775e4b6178680fb394b229fafcef1b5eb43a821b10
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2a75c64cb8c3aeb7705e8822c14a4ad9da1713c0bd48d0258afd6d38b858b9da
39ca3262a54d7fcaa62bde03b75816f49712c76d13e0fc053edbf4b6618e155d
4b48ccbcd85f7545fccc4bdaa6828fe91d37c6ef709d4667ea58451adf888537
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
63ddf54acd03e43f1a01a7aa571d7528b16414fc7af6ea280ccbe211730f4e62
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6c75d76538f1ed3bf70876d05f7249c1b5cc81ac542d61abaf1b48eef4fd7fac
88f9247ef9ead1e10ed09369827fb9a34242c5bf454713ac1831ab3c732192e0
8aa8c539b7372deed1fbab206a6fd97d0eafb1b5f687f68d9355e3ef695d11b2
8e0cac4821c935482392023f91f3c6814b9c2337ec4dabadf995b5fb95f61a75
9e0770b15f1fdbb6af1330e27b64e75a023de8daae7bd867ff43f86f9e20d365
b52db98725cfebc3ea28099617bd8ec31fe8fb5cf63d8d30d1c375fd64c19876
b57d084be329f699adf45f348903727d23c31d63235ba7502e4b5d0003f18187
bd849416f7159e929aa1eb508f512883ad32bce35294be61f444be730dccf3f6
c33a649699a0dba95a5914251da89c9a6439c07cad273e1138245c012169738b
c8e683962d559a6bd04c714014c2f11b5dec89c371c6231923cab3a1c77f20c2
cb4e5a4a25b095758e702317af5145988042cd4a5fb43866b8cdc6ddbd2da809
dd45a95c65508de334953d77e9dbbb7bf674743f9cf25a92b6f45f4c57a07074
de9819776f1e0b50fb71b4519029bd53dd167375f0175d61ea5b761af646872f
fcac0584d499c6043e09c4550453ed5428f9f7a5181271d66df95b6e8c63b4f4
ff61b5346eb152cdaa59aa8a7b5238707cac667e4d3bbea2e66862b1b1b94358