cmdirect.misecure.com
81.17.30.213
Malicious Activity!
Public Scan
Submission: On May 15 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 6th 2024. Valid for: 3 months.
This is the only time cmdirect.misecure.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Commerzbank (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 7 | 81.17.30.213 | 51852 (PLI-AS) |
| 7 | 2 | |

ASN51852 (PLI-AS, PA)
PTR: hostedby.privatelayer.com
cmdirect.misecure.com
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 7 | misecure.com: cmdirect.misecure.com | 536 KB |
| 7 | 1 | |
| | Domain | Requested by |
|---|---|---|
| 7 | cmdirect.misecure.com | cmdirect.misecure.com |
| 7 | 1 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.comdirect.de |
cmoneypage.test |
kunde.comdirect.de |
www.facebook.com |
twitter.com |
www.youtube.com |
www.instagram.com |
magazin.comdirect.de |
www.commerzbank.de |
community.comdirect.de |
Subject | Issuer | Validity | Valid |
---|---|---|---|
cmdirect.misecure.com | R3 | 2024-05-06 - 2024-08-04 | 3 months |
This page contains 1 frames:
Primary Page:
https://cmdirect.misecure.com/cmd/
Frame ID: 196F8EEED5F10D4A7E679D68D4AB7A57
Requests: 15 HTTP requests in this frame
36 Outgoing links
These are links going to different origins than the main page.
Title: Musterdepot
Title: B2B
Title: Login
Title: Login
Title: Persönlicher Bereich
Title: Informer
Title: Girokonto
Title: Geldanlage
Title: Depot
Title: Wertpapierhandel
Title: Kredite
Title: Hilfe & Service
Title: Zugangsdaten vergessen? Zugang gesperrt?
Title: Konto eröffnen
Title: Depot eröffnen
Title: Kostenfreie Registrierung für "Meine comdirect" und "comdirect community"
Title: Mehr erfahren
Title: Über uns
Title: Presse
Title: Magazin
Title: Karriere
Title: Community
Title: Apps
Title: Kunden werben Kunden
Title: Impressum
Title: Datenschutz
Title: Einwilligungseinstellungen
Title: Sicherheit
Title: Nutzungsbedingungen
Title: AGB
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | cmdirect.misecure.com/cmd/ | 2 MB | 460 KB | Document | text/html |
GET | H2 | jquery.min.js | cmdirect.misecure.com/js/ | 0 | 0 | Script | text/html |
GET | H2 | sendformdata.js | cmdirect.misecure.com/js/ | 0 | 0 | Script | text/html |
GET | H2 | formpubsub.js | cmdirect.misecure.com/js/ | 0 | 0 | Script | text/html |
GET | H3 | svg-symbol.svg | cmdirect.misecure.com/ccf2/lsg/assets/svg/ | 0 | 0 | Other | text/html |
GET | DATA | truncated | / | 675 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 475 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 829 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/woff2 |
GET | DATA | truncated | / | 235 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 215 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/woff2 |
GET | DATA | truncated | / | 15 KB | 15 KB | Font | font/woff2 |
GET | H3 | Alpha_2x_680x290.jpg | cmdirect.misecure.com/cmd/img/ | 74 KB | 75 KB | Image | image/jpeg |
GET | H3 | favicon.ico | cmdirect.misecure.com/ | 1 KB | 727 B | Other | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Commerzbank (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
function| savepage_ShadowLoader
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cmdirect.misecure.com
81.17.30.213