![](/screenshots/ef4ca506-0727-4e43-adda-9372e6a4be5a.png)
direct-zertifikat.com
Open in
urlscan Pro
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://direct-zertifikat.com/
Submission: On January 19 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on January 1st 2024. Valid for: 3 months.
This is the only time direct-zertifikat.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 2606:4700:303... 2606:4700:3031::ac43:dd69 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
comdirect-sign.com
1 redirects
comdirect-sign.com |
2 KB |
1 |
direct-zertifikat.com
direct-zertifikat.com |
344 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
7 | 3 |
Domain | Requested by | |
---|---|---|
2 | comdirect-sign.com | 1 redirects |
1 | direct-zertifikat.com |
comdirect-sign.com
|
0 | mdnleldcmiljblolnjhpnblkcekpdkpa Failed |
direct-zertifikat.com
|
7 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.comdirect.de |
kunde.comdirect.de |
magazin.comdirect.de |
jobs.commerzbank.com |
community.comdirect.de |
www.facebook.com |
twitter.com |
www.youtube.com |
www.instagram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
comdirect-sign.com E1 |
2024-01-17 - 2024-04-16 |
3 months | crt.sh |
direct-zertifikat.com GTS CA 1P5 |
2024-01-01 - 2024-03-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://direct-zertifikat.com/
Frame ID: 8CD09A2CD8F2D378FB0DF7322C1BE5A8
Requests: 12 HTTP requests in this frame
Screenshot
![](/screenshots/ef4ca506-0727-4e43-adda-9372e6a4be5a.png)
Page Title
comdirect Login - Ihr Online Banking & Brokerage | comdirect.dePage URL History Show full URLs
-
http://comdirect-sign.com/
HTTP 301
https://comdirect-sign.com/ Page URL
- https://direct-zertifikat.com/ Page URL
Page Statistics
37 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Musterdepot
Search URL Search Domain Scan URL
Title: B2B
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Informer
Search URL Search Domain Scan URL
Title: Girokonto
Search URL Search Domain Scan URL
Title: Geldanlage
Search URL Search Domain Scan URL
Title: Depot
Search URL Search Domain Scan URL
Title: Wertpapierhandel
Search URL Search Domain Scan URL
Title: Kredite
Search URL Search Domain Scan URL
Title: Hilfe & Service
Search URL Search Domain Scan URL
Title: Zugangsdaten vergessen? Zugang gesperrt?
Search URL Search Domain Scan URL
Title: Konto eröffnen
Search URL Search Domain Scan URL
Title: Depot eröffnen
Search URL Search Domain Scan URL
Title: Kostenfreie Registrierung für "Meine comdirect" und "comdirect community"
Search URL Search Domain Scan URL
Title: comdirect Newsletter: Gutes für Ihr Geld Jeden Monat Spannendes zum Thema Finanzen – jetzt kostenlos anmelden
Search URL Search Domain Scan URL
Title: Fragen und Antworten zur Tagesgeld PLUS-Aktion
Search URL Search Domain Scan URL
Title: Bitte beachten Sie auch unsere weiteren Sicherheitshinweise
Search URL Search Domain Scan URL
Title: Karte sperren
Search URL Search Domain Scan URL
Title: Über uns
Search URL Search Domain Scan URL
Title: Presse
Search URL Search Domain Scan URL
Title: Magazin
Search URL Search Domain Scan URL
Title: Karriere
Search URL Search Domain Scan URL
Title: Community
Search URL Search Domain Scan URL
Title: Apps
Search URL Search Domain Scan URL
Title: Kunden werben Kunden
Search URL Search Domain Scan URL
Title: Impressum
Search URL Search Domain Scan URL
Title: Datenschutz
Search URL Search Domain Scan URL
Title: Sicherheit
Search URL Search Domain Scan URL
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
Title: AGB
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://comdirect-sign.com/
HTTP 301
https://comdirect-sign.com/ Page URL
- https://direct-zertifikat.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://comdirect-sign.com/ HTTP 301
- https://comdirect-sign.com/
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
comdirect-sign.com/ Redirect Chain
|
132 B 735 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
direct-zertifikat.com/ |
1 MB 344 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
customElements.js
mdnleldcmiljblolnjhpnblkcekpdkpa/libs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
customElements.js
mdnleldcmiljblolnjhpnblkcekpdkpa/libs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
customElements.js
mdnleldcmiljblolnjhpnblkcekpdkpa/libs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
customElements.js
mdnleldcmiljblolnjhpnblkcekpdkpa/libs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
customElements.js
mdnleldcmiljblolnjhpnblkcekpdkpa/libs/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
868 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
69 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
235 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mdnleldcmiljblolnjhpnblkcekpdkpa
- URL
- chrome-extension://mdnleldcmiljblolnjhpnblkcekpdkpa/libs/customElements.js
- Domain
- mdnleldcmiljblolnjhpnblkcekpdkpa
- URL
- chrome-extension://mdnleldcmiljblolnjhpnblkcekpdkpa/libs/customElements.js
- Domain
- mdnleldcmiljblolnjhpnblkcekpdkpa
- URL
- chrome-extension://mdnleldcmiljblolnjhpnblkcekpdkpa/libs/customElements.js
- Domain
- mdnleldcmiljblolnjhpnblkcekpdkpa
- URL
- chrome-extension://mdnleldcmiljblolnjhpnblkcekpdkpa/libs/customElements.js
- Domain
- mdnleldcmiljblolnjhpnblkcekpdkpa
- URL
- chrome-extension://mdnleldcmiljblolnjhpnblkcekpdkpa/libs/customElements.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 00 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
X-Xss-Protection | 1; mode=block 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
comdirect-sign.com
direct-zertifikat.com
mdnleldcmiljblolnjhpnblkcekpdkpa
mdnleldcmiljblolnjhpnblkcekpdkpa
2606:4700:3031::ac43:dd69
2a06:98c1:3120::3
094fca23bebf2b5e153fed30206f18c64984233ff6782970cb27e11124160c3e
21434445c408f9854cbec5c56ba5badf907aa3b6ccac4fca736b1322b8f4b347
388e491e4fcbdfefb0c437cf0d0f42f506ed878c8564e6b1817368fc6e49e970
9ecbcec6986ce5142305b30f9f8301b000cc9dd06f09aa598a3be665f5a4a183
a1f3315968385dcd208818a830f1cb7e95bf869bf126ef5751979781dbf86cf1
cd1af2ed494662d6ac322cf1048707eac9fc53561d1c9b5e0e7074599eb65773