Submitted URL: https://comdirect.de-sicherheit.co/
Effective URL: https://www.comdirect.de/
Submission: On July 25 via manual from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 26 HTTP transactions. The main IP is 193.41.133.1, located in Hamburg, Germany and belongs to COMMERZBANK, DE. The main domain is www.comdirect.de. The Cisco Umbrella rank of the primary domain is 205256.
TLS certificate: Issued by GlobalSign Extended Validation CA - S... on November 27th 2023. Valid for: a year.
This is the only time www.comdirect.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 92.255.78.210 9123 (TIMEWEB-AS)
1 3 193.41.133.1 16107 (COMMERZBANK)
5 193.41.133.18 16107 (COMMERZBANK)
26 3
Apex Domain
Subdomains
Transfer
8 comdirect.de
comdirect.de — Cisco Umbrella Rank: 135563
www.comdirect.de — Cisco Umbrella Rank: 205256
static.comdirect.de — Cisco Umbrella Rank: 299093
231 KB
1 de-sicherheit.co
comdirect.de-sicherheit.co
238 B
26 2
Domain Requested by
5 static.comdirect.de www.comdirect.de
2 www.comdirect.de www.comdirect.de
1 comdirect.de 1 redirects
1 comdirect.de-sicherheit.co 1 redirects
26 4
Subject | Issuer | Validity | Valid
www.comdirect.de | GlobalSign Extended Validation CA - SHA256 - G3 | 2023-11-27 - 2024-12-28 | a year
static.comdirect.de | GlobalSign Extended Validation CA - SHA256 - G3 | 2023-11-27 - 2024-12-28 | a year

This page contains 1 frame:

Primary Page: https://www.comdirect.de/
Frame ID: 4A2549430F310F508D343904840944FA
Requests: 29 HTTP requests in this frame

Page Title

mehr verstehen, mehr vermögen. | comdirect.de

Page Statistics

26 Requests
27 % HTTPS
0 % IPv6
2 Domains
4 Subdomains
3 IPs
2 Countries
231 kB Transfer
2459 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://comdirect.de-sicherheit.co/ HTTP 302
    https://comdirect.de/ HTTP 301
    https://www.comdirect.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.comdirect.de/
Redirect Chain
  • https://comdirect.de-sicherheit.co/
  • https://comdirect.de/
  • https://www.comdirect.de/
1 MB
186 KB
Document
General
Full URL
https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.1 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
www.comdirect.de
Software
nginx /
Resource Hash
a62d0cefb84d627242b190e63e1ad5cdbf31d7da117bc1c4eba8733b7ac4426c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://www.comdirect.de https://protrader.comdirect.de https://kunde.comdirect.de https://b2b.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de https://cfdapp.comdirect.de https://static.comdirect.de https://api.comdirect.de https://community.comdirect.de/ https://eurex.comdirect.de https://chartanalyzer.comdirect.de https://chartanalyzer-test.comdirect.de ;style-src 'self' https://static.comdirect.de/ccf2/ 'unsafe-inline' ;script-src 'self' 'strict-dynamic' 'nonce-9255466c45274fc9a49ba9ea4b921921' https://static.comdirect.de/ccf2/ https://www.comdirect.de/cms/ https://www.comdirect.de/ngtx/assets/ https://www.comdirect.de/ngbrk/assets/ https://static.comdirect.de/ngtx/assets/ https://static.comdirect.de/ngbrk/assets/ 'unsafe-eval' 'unsafe-inline' ;base-uri 'self' ;form-action 'self' https://www.comdirect.de https://kunde.comdirect.de https://protrader.comdirect.de https://b2b.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de https://cfdapp.comdirect.de https://static.comdirect.de https://api.comdirect.de https://geldautomaten.comdirect.de/ https://cfd.comdirect.de/ https://community.comdirect.de/ https://wissen-stage.comdirect.de/ https://chartanalyzer.comdirect.de https://chartanalyzer-test.comdirect.de https://eurex.comdirect.de ;media-src https://www.comdirect.de https://kunde.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de ;frame-src 'self' https://www.comdirect.de https://b2b.comdirect.de https://static.comdirect.de https://kunde.comdirect.de ;frame-ancestors 'self' ;img-src data: 'self' https://www.comdirect.de https://kunde.comdirect.de https://protrader.comdirect.de https://b2b.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de https://cfdapp.comdirect.de https://static.comdirect.de https://api.comdirect.de https://charts.comdirect.de https://charts.test.comdirect.de https://daten.comdirect.de https://community.comdirect.de 
https://eurex.comdirect.de ;default-src 'self' ;font-src data: 'self' https://static.comdirect.de/ccf2/ ;report-uri https://www.comdirect.de/cp/csp/reports ;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

cache-control
no-cache, no-store, max-age=0 no-cache, no-store, max-age=0
content-encoding
gzip
content-language
de-DE
content-security-policy
connect-src 'self' https://www.comdirect.de https://protrader.comdirect.de https://kunde.comdirect.de https://b2b.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de https://cfdapp.comdirect.de https://static.comdirect.de https://api.comdirect.de https://community.comdirect.de/ https://eurex.comdirect.de https://chartanalyzer.comdirect.de https://chartanalyzer-test.comdirect.de ;style-src 'self' https://static.comdirect.de/ccf2/ 'unsafe-inline' ;script-src 'self' 'strict-dynamic' 'nonce-9255466c45274fc9a49ba9ea4b921921' https://static.comdirect.de/ccf2/ https://www.comdirect.de/cms/ https://www.comdirect.de/ngtx/assets/ https://www.comdirect.de/ngbrk/assets/ https://static.comdirect.de/ngtx/assets/ https://static.comdirect.de/ngbrk/assets/ 'unsafe-eval' 'unsafe-inline' ;base-uri 'self' ;form-action 'self' https://www.comdirect.de https://kunde.comdirect.de https://protrader.comdirect.de https://b2b.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de https://cfdapp.comdirect.de https://static.comdirect.de https://api.comdirect.de https://geldautomaten.comdirect.de/ https://cfd.comdirect.de/ https://community.comdirect.de/ https://wissen-stage.comdirect.de/ https://chartanalyzer.comdirect.de https://chartanalyzer-test.comdirect.de https://eurex.comdirect.de ;media-src https://www.comdirect.de https://kunde.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de ;frame-src 'self' https://www.comdirect.de https://b2b.comdirect.de https://static.comdirect.de https://kunde.comdirect.de ;frame-ancestors 'self' ;img-src data: 'self' https://www.comdirect.de https://kunde.comdirect.de https://protrader.comdirect.de https://b2b.comdirect.de https://nutzer.comdirect.de https://mobileapp.comdirect.de https://cfdapp.comdirect.de https://static.comdirect.de https://api.comdirect.de https://charts.comdirect.de https://charts.test.comdirect.de https://daten.comdirect.de https://community.comdirect.de 
https://eurex.comdirect.de ;default-src 'self' ;font-src data: 'self' https://static.comdirect.de/ccf2/ ;report-uri https://www.comdirect.de/cp/csp/reports ;
content-type
text/html;charset=UTF-8
date
Thu, 25 Jul 2024 08:59:22 GMT
etag
W/"66a10f65-fe06"
last-modified
Wed, 24 Jul 2024 14:27:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
https://www.comdirect.de/
server
BigIP
strict-transport-security
max-age=31536000; includeSubDomains; preload
MarkWeb-latin-regular.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-regular.woff2?v=1720758321629
Requested by
Host: www.comdirect.de
URL: https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.18 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software
nginx /
Resource Hash
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347

Request headers

Referer
https://www.comdirect.de/
Origin
https://www.comdirect.de
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 08:59:22 GMT
last-modified
Sun, 14 Jul 2024 22:13:56 GMT
server
nginx
etag
"66944da4-3b64"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15204
MarkWeb-latin-medium.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-medium.woff2?v=1720758321629
Requested by
Host: www.comdirect.de
URL: https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.18 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software
nginx /
Resource Hash
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773

Request headers

Referer
https://www.comdirect.de/
Origin
https://www.comdirect.de
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 08:59:22 GMT
last-modified
Sun, 14 Jul 2024 22:13:24 GMT
server
nginx
etag
"66944d84-3a60"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
14944
MarkWeb-latin-bold.woff2
static.comdirect.de/ccf2/lsg/assets/fonts/
15 KB
15 KB
Font
General
Full URL
https://static.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-bold.woff2?v=1720758321629
Requested by
Host: www.comdirect.de
URL: https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.18 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software
nginx /
Resource Hash
88f151f26d7582598781390eed26f60abfb543395da97d88c168e1f73a23b2f3

Request headers

Referer
https://www.comdirect.de/
Origin
https://www.comdirect.de
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 08:59:22 GMT
last-modified
Sun, 14 Jul 2024 22:13:24 GMT
server
nginx
etag
"66944d84-3c5c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15452
styleguide-comdirect.css
static.comdirect.de/ccf2/lsg/css/
681 KB
0
Stylesheet
General
Full URL
https://static.comdirect.de/ccf2/lsg/css/styleguide-comdirect.css?v=1720758321629
Requested by
Host: www.comdirect.de
URL: https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.18 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.comdirect.de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 08:59:32 GMT
content-encoding
gzip
last-modified
Sun, 14 Jul 2024 22:13:24 GMT
server
nginx
etag
W/"66944d84-10b88f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
svg-symbol.svg
www.comdirect.de/ccf2/lsg/assets/svg/
48 KB
0
Other
General
Full URL
https://www.comdirect.de/ccf2/lsg/assets/svg/svg-symbol.svg
Requested by
Host: www.comdirect.de
URL: https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.1 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
www.comdirect.de
Software
nginx /
Resource Hash

Request headers

Referer
https://www.comdirect.de/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 08:59:32 GMT
last-modified
Sun, 14 Jul 2024 22:13:56 GMT
server
nginx
etag
"66944da4-3b818"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
243736
truncated
/
909 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80051ed85b0802bd3493f6752b3be15cc46b27e33e51762741a722ac29f69895

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/
881 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b091c7dfe1be0a01102aaa24a53600adde90e4f507d9d146045ccadc00489276

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
MarkWeb-latin-bold.woff2
www.comdirect.de/ccf2/lsg/assets/fonts/
0
0

comdirect-icon-font.woff2
www.comdirect.de/ccf2/lsg/assets/fonts/
0
0

MarkWeb-latin-regular.woff2
www.comdirect.de/ccf2/lsg/assets/fonts/
0
0

MarkWeb-latin-medium.woff2
www.comdirect.de/ccf2/lsg/assets/fonts/
0
0

allianz_big_thementeaser-sm-2x.jpg
www.comdirect.de/cms/img/
0
0

truncated
/
834 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cf31620a828135f162f13d15a6217d6a15825919a51cb839f25bb103d4748d3

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
consent-initial.module.js
static.comdirect.de/ccf2/modules/js/
0
0

cdb.kpiLogger.js
static.comdirect.de/ccf2/framework/
0
0

cdb.errorLogger.js
static.comdirect.de/ccf2/framework/
0
0

serviceWorker.init.js
static.comdirect.de/ccf2/scripts/serviceWorker/
0
0

TrackingLogger.js
static.comdirect.de/ccf2/scripts/tracking/
0
0

ECrmLogger.js
static.comdirect.de/ccf2/scripts/tracking/
0
0

ccf_core.module.js
static.comdirect.de/ccf2/modules/js/
0
0

bundle-common.js
static.comdirect.de/ccf2/lsg/js/
0
0

webcomponents-es2015.js
static.comdirect.de/ngtx/assets/wc/
505 KB
0
Script
General
Full URL
https://static.comdirect.de/ngtx/assets/wc/webcomponents-es2015.js
Requested by
Host: www.comdirect.de
URL: https://www.comdirect.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.41.133.18 Hamburg, Germany, ASN16107 (COMMERZBANK, DE),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.comdirect.de/
Origin
https://www.comdirect.de
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 15_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.4 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 25 Jul 2024 08:59:32 GMT
content-encoding
gzip
last-modified
Sun, 14 Jul 2024 22:14:21 GMT
server
nginx
etag
W/"66944dbd-dbf94"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
SurferTrackingCaller.js
static.comdirect.de/ccf2/scripts/tracking/
0
0

jquery.cdb.config.js
static.comdirect.de/ccf2/plugins/js/
0
0

jquery.cdb.keepalive.js
static.comdirect.de/ccf2/plugins/js/
0
0

umfrage_counter.js
www.comdirect.de/cms/js/
0
0

jquery.s2.interhyp.js
static.comdirect.de/ccf2/plugins/js/
0
0

comdirect-icon-font.woff
www.comdirect.de/ccf2/lsg/assets/fonts/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.comdirect.de
URL
https://www.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-bold.woff2?v=1720758321629
Domain
www.comdirect.de
URL
https://www.comdirect.de/ccf2/lsg/assets/fonts/comdirect-icon-font.woff2?v=1720758321629
Domain
www.comdirect.de
URL
https://www.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-regular.woff2?v=1720758321629
Domain
www.comdirect.de
URL
https://www.comdirect.de/ccf2/lsg/assets/fonts/MarkWeb-latin-medium.woff2?v=1720758321629
Domain
www.comdirect.de
URL
https://www.comdirect.de/cms/img/allianz_big_thementeaser-sm-2x.jpg?v=1721751046
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/modules/js/consent-initial.module.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/framework/cdb.kpiLogger.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/framework/cdb.errorLogger.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/scripts/serviceWorker/serviceWorker.init.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/scripts/tracking/TrackingLogger.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/scripts/tracking/ECrmLogger.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/modules/js/ccf_core.module.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/lsg/js/bundle-common.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/scripts/tracking/SurferTrackingCaller.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/plugins/js/jquery.cdb.config.js?v=1720758321629
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/plugins/js/jquery.cdb.keepalive.js?v=1720758321629
Domain
www.comdirect.de
URL
https://www.comdirect.de/cms/js/umfrage_counter.js?v=1721838464
Domain
static.comdirect.de
URL
https://static.comdirect.de/ccf2/plugins/js/jquery.s2.interhyp.js?v=1720758321629
Domain
www.comdirect.de
URL
https://www.comdirect.de/ccf2/lsg/assets/fonts/comdirect-icon-font.woff?v=1720758321629

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getDigitalGoodsService

1 Cookies

Domain/Path Name / Value
www.comdirect.de/ Name: cookie_www_https
Value: !KUeugwNz4+c3bbbeYvioonC/9PFZ4x2ix5CESAZa/3agr/X4/AcSS5dv8u4FpzidpsxQE7GFX5Db
