online.portal.bzst.de Open in urlscan Pro
80.245.159.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://db.de-banking.com/
Effective URL:
https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&...
Submission: On August 08 via automatic, source certstream-suspicious (August 8th 2023, 7:51:43 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 80.245.159.144, located in Helmstedt, Germany and belongs to ZIVIT-AS, DE. The main domain is online.portal.bzst.de.
TLS certificate: Issued by DFN-Verein Global Issuing CA on October 24th 2022. Valid for: a year.

This is the only time online.portal.bzst.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	80.245.159.144 80.245.159.144	35704 (ZIVIT-AS) (ZIVIT-AS)
13	1

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

db.de-banking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 80.245.159.144 (Helmstedt, Germany)

ASN35704 (ZIVIT-AS, DE)

online.portal.bzst.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	bzst.de online.portal.bzst.de	2 MB
1	de-banking.com 1 redirects db.de-banking.com	635 B
13	2

	Domain	Requested by
13	online.portal.bzst.de	online.portal.bzst.de
1	db.de-banking.com	1 redirects
13	2

This site contains links to these domains. Also see Links.

Domain
www.elster.de
mein-unternehmenskonto.de
id.bund.de
www.bzst.de

Subject Issuer	Validity	Valid
online.portal.bzst.de DFN-Verein Global Issuing CA	`2022-10-24` - `2023-11-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
Frame ID: D5D2671CDEFBC3BE961749786D27F2AE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung bei BOP-neu

Page URL History Show full URLs

https://db.de-banking.com/ HTTP 302
https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=op... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1774 kB
Transfer

1767 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.elster.de/eportal/start
Title: ELSTER

Search URL Search Domain Scan URL

URL: https://mein-unternehmenskonto.de/public/#Startseite
Title: Mein Unternehmenskonto

Search URL Search Domain Scan URL

URL: https://id.bund.de/de
Title: Nutzerkonto Bund

Search URL Search Domain Scan URL

URL: https://www.bzst.de/DE/Service/Portalinformation/Anmeldung_registrierung/anmeldung_node.html
Title: Bundeszentralamt für Steuern

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://db.de-banking.com/ HTTP 302
https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request auth Show response
online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/
Redirect Chain

https://db.de-banking.com/
https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.por...

8 KB
9 KB

1286ms
1082ms

Document
text/html

80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

599e70fd4695f0cb7c76456305d0efac53708e5144cae080c6b17f9f6a74e69d

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Language: de
Content-Length: 8073
Content-Security-Policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Tue, 08 Aug 2023 19:51:37 GMT
Keep-Alive: timeout=10, max=500
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f3a4b848f648ff8-FRA
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 19:51:36 GMT
location: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlHi6twwdrkBeVkiZvFyN%2FgU8Y9v%2FWetdQHVhB4NwkwbsVVEJbB7TmphuwIK%2FYwdHoGCF5jnEl6CmIdMZTaAph5NoL4UuZ1gFNyB0KUwm98%2FApa2JFaxhWjNsQx2jr4KCN4ssejtXYZIg94SRucUVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK base.css
online.portal.bzst.de/auth/resources/y36ma/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 33 KB
33 KB 49ms
49ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Host: online.portal.bzst.de
URL: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

1702da3d70ed3971675295bcd9d85b2e118764a639a7e8b0f543749470e7eba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
online.portal.bzst.de/auth/resources/y36ma/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 1 MB
1 MB 140ms
48ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

c0561e478292f73e92b923fd0f892d742c5250f55b359dda303639a48863a7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly.min.css
online.portal.bzst.de/auth/resources/y36ma/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
179 KB 451ms
356ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly-additions.min.css
online.portal.bzst.de/auth/resources/y36ma/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
220 KB 152ms
53ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pficon.css
online.portal.bzst.de/auth/resources/y36ma/common/keycloak/lib/pficon/ 577 B
956 B 529ms
430ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
Content-Length: 577
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login.css
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/css/ 9 KB
9 KB 366ms
51ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/css/login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

f00b2c6276df886fa77b4d93a3a52c5caf78f1cd0ca3213855b4f344d186ddf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=497
Content-Length: 8717
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tile.css
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/css/ 8 KB
8 KB 401ms
55ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/css/tile.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

319c1086ebb869c277e96c37b2dcbccb6d51b0a68fff17d144e70931fb6d8949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
Content-Length: 7781
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/css/ 190 KB
191 KB 709ms
358ms Stylesheet
text/css 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/css/bootstrap.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

63b089b699b098830fef1e23c18e2413393d0715b5ce2a5f4823753ac2739e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=500
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo-bzst-white.png
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/ 19 KB
19 KB 73ms
50ms Image
image/png 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/logo-bzst-white.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

1a6fdb77ec052432a04d68205d4f2379d06eb5f18c7ad122da88943d06e1dd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=496
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK elster-Logo.png
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/ 51 KB
51 KB 349ms
314ms Image
image/png 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/elster-Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

1960553c909fc2e7dacc5be44095c834085e5da36c69b67c9a04ba0eabe8779f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=498
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bzst-Logo.png
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/ 18 KB
18 KB 320ms
303ms Image
image/png 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/bzst-Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

b5e7566bfb9bfbe9193ed59d5a9325d2ecf5b81d4c60fb3b479a3a93c82981b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=495
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK nkb-Logo.png
online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/ 4 KB
5 KB 180ms
69ms Image
image/png 80.245.159.144
ZIVIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://online.portal.bzst.de/auth/resources/y36ma/login/post2.0-2.0.2/img/nkb-Logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.245.159.144 Helmstedt, Germany, ASN35704 (ZIVIT-AS, DE),

Reverse DNS

Software

Apache /

Resource Hash

15de5522beaff53df5c9deea68b98382e48d48a04ce0178aa67483ba18be5f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://online.portal.bzst.de/auth/realms/BOP-neu/protocol/openid-connect/auth?response_type=code&scope=openid&client_id=post&state=n1Av7f0Puy1mHr1cvXtBryoPtqw&redirect_uri=https%3A%2F%2Fonline.portal.bzst.de%2Foauth2%2Fcallback&nonce=buM4HwbMFyxDTRzebJfezPlPGLiCDQf9bpiVjq1YAf0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 19:51:38 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=10, max=499
Content-Length: 4388
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| detectIE undefined| contentWrapperElement undefined| contentCardElement undefined| localeChild

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
online.portal.bzst.de/auth/realms/BOP-neu/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: aa310c1c-312c-4d2a-ae85-1ca242bedda0.p02
online.portal.bzst.de/auth/realms/BOP-neu/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: aa310c1c-312c-4d2a-ae85-1ca242bedda0.p02
online.portal.bzst.de/auth/realms/BOP-neu/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJhNzQzZjg3Zi0xN2Y0LTQ3MjAtYTZhMS0zNGJiZTZjZjUxYmYifQ.eyJjaWQiOiJwb3N0IiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9vbmxpbmUucG9ydGFsLmJ6c3QuZGUvb2F1dGgyL2NhbGxiYWNrIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL29ubGluZS5wb3J0YWwuYnpzdC5kZS9hdXRoL3JlYWxtcy9CT1AtbmV1IiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL29ubGluZS5wb3J0YWwuYnpzdC5kZS9vYXV0aDIvY2FsbGJhY2siLCJzdGF0ZSI6Im4xQXY3ZjBQdXkxbUhyMWN2WHRCcnlvUHRxdyIsIm5vbmNlIjoiYnVNNEh3Yk1GeXhEVFJ6ZWJKZmV6UGxQR0xpQ0RRZjlicGlWanExWUFmMCJ9fQ.Rphy4gKCwYJ1kF8g9C19qGr9qOU42hNpAxuJV2LV_gg
online.portal.bzst.de/	1969-12-31 23:59:59	Name: AL_SESS-S Value: AcXQ!3vGeIbVF1YU6owoP380rTu3zzxi_HCTGaZVflvZDfB!OOqsPPvCJmv8EIN2D6SW

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

db.de-banking.com
online.portal.bzst.de
2a06:98c1:3121::3
80.245.159.144
15de5522beaff53df5c9deea68b98382e48d48a04ce0178aa67483ba18be5f27
1702da3d70ed3971675295bcd9d85b2e118764a639a7e8b0f543749470e7eba3
1960553c909fc2e7dacc5be44095c834085e5da36c69b67c9a04ba0eabe8779f
1a6fdb77ec052432a04d68205d4f2379d06eb5f18c7ad122da88943d06e1dd76
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
319c1086ebb869c277e96c37b2dcbccb6d51b0a68fff17d144e70931fb6d8949
599e70fd4695f0cb7c76456305d0efac53708e5144cae080c6b17f9f6a74e69d
63b089b699b098830fef1e23c18e2413393d0715b5ce2a5f4823753ac2739e8d
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
b5e7566bfb9bfbe9193ed59d5a9325d2ecf5b81d4c60fb3b479a3a93c82981b2
c0561e478292f73e92b923fd0f892d742c5250f55b359dda303639a48863a7a3
f00b2c6276df886fa77b4d93a3a52c5caf78f1cd0ca3213855b4f344d186ddf0

online.portal.bzst.de Open in urlscan Pro 80.245.159.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

1774 kBTransfer

1767 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

online.portal.bzst.de Open in urlscan Pro
80.245.159.144 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

1774 kB
Transfer

1767 kB
Size

4
Cookies

13 HTTP transactions
0 data transactions