account.napkon.de Open in urlscan Pro
2a01:4f8:1c17:800c:216:3eff:fefa:8445 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account.napkon.de/
Effective URL:
https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.n...
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2024, 7:41:54 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 22 HTTP transactions. The main IP is 2a01:4f8:1c17:800c:216:3eff:fefa:8445, located in Gunzenhausen, Germany and belongs to HETZNER-AS, DE. The main domain is account.napkon.de.
TLS certificate: Issued by R3 on June 1st 2024. Valid for: 3 months.

This is the only time account.napkon.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 20	2a01:4f8:1c17... 2a01:4f8:1c17:800c:216:3eff:fefa:8445	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
22	4

20 2a01:4f8:1c17:800c:216:3eff:fefa:8445 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

account.napkon.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	napkon.de 2 redirects account.napkon.de	11 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	gstatic.com fonts.gstatic.com	48 KB
22	3

	Domain	Requested by
20	account.napkon.de	2 redirects account.napkon.de
2	fonts.googleapis.com	account.napkon.de client
1	fonts.gstatic.com	fonts.googleapis.com
22	3

This site contains links to these domains. Also see Links.

Domain
napkon.de
proskive.napkon.de
cohort-explorer.napkon.de

Subject Issuer	Validity	Valid
account.napkon.de R3	`2024-06-01` - `2024-08-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid
Frame ID: 519BFB73CC1210630192D3EE2755B227
Requests: 19 HTTP requests in this frame

Frame: https://account.napkon.de/auth/realms/users/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 832B3B6EBB2270F3E72F99FF131112F3
Requests: 2 HTTP requests in this frame

Frame: https://account.napkon.de/auth/realms/users/protocol/openid-connect/login-status-iframe.html
Frame ID: A846F54F6C823F2AF22FE7242311702A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung bei NAPKON Suite

Page URL History Show full URLs

https://account.napkon.de/ HTTP 303
https://account.napkon.de/realms/users/account HTTP 302
https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=htt... Page URL

Page Statistics

22
Requests

95 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

11209 kB
Transfer

11259 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://napkon.de/

Search URL Search Domain Scan URL

URL: https://napkon.de/kontakt/
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://proskive.napkon.de/
Title: Projektanträge

Search URL Search Domain Scan URL

URL: https://napkon.de/das-projekt/
Title: Ziele und Komponenten

Search URL Search Domain Scan URL

URL: https://napkon.de/ansprechpersonen/
Title: Ansprechpersonen

Search URL Search Domain Scan URL

URL: https://napkon.de/standorte/
Title: Standorte

Search URL Search Domain Scan URL

URL: https://napkon.de/rekrutierungsvorbereitung/
Title: Rekrutierungsvorbereitung

Search URL Search Domain Scan URL

URL: https://napkon.de/forschungsprojekte/
Title: Forschungsprojekte

Search URL Search Domain Scan URL

URL: https://napkon.de/uac/
Title: Use & Access Komitee

Search URL Search Domain Scan URL

URL: https://napkon.de/pat/datenschutz
Title: Daten & Datenschutz

Search URL Search Domain Scan URL

URL: https://napkon.de/pat/ansprechpersonen
Title: Ansprechpersonen

Search URL Search Domain Scan URL

URL: https://cohort-explorer.napkon.de/
Title: Cohort Explorer

Search URL Search Domain Scan URL

URL: https://napkon.de/service/
Title: NAPKON Services

Search URL Search Domain Scan URL

URL: https://napkon.de/faq/
Title: Fragen & Antworten

Search URL Search Domain Scan URL

URL: https://napkon.de/statistik
Title: Statistik

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.napkon.de/ HTTP 303
https://account.napkon.de/realms/users/account HTTP 302
https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request auth Show response
account.napkon.de/realms/users/protocol/openid-connect/
Redirect Chain

https://account.napkon.de/
https://account.napkon.de/realms/users/account
https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb8...

5 KB
3 KB

43ms
43ms

Document
text/html

2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

381e6e7db4fae4243361a7bada5cab38140dc6f65a95bf457b099e06a672279c

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Language: de
Content-Security-Policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Wed, 31 Jul 2024 07:41:41 GMT
Referrer-Policy: no-referrer
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Wed, 31 Jul 2024 07:41:41 GMT
Location: https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid
Referrer-Policy: no-referrer
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK base.css
account.napkon.de/resources/mlltv/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 33 KB
33 KB 29ms
28ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

1702da3d70ed3971675295bcd9d85b2e118764a639a7e8b0f543749470e7eba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK app.css
account.napkon.de/resources/mlltv/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 1 MB
1 MB 108ms
40ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

55d125b22a0151fa04ad79de062fc36defe471ef682d1e80841972c566297575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly.min.css
account.napkon.de/resources/mlltv/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
179 KB 111ms
28ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly-additions.min.css
account.napkon.de/resources/mlltv/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
220 KB 122ms
29ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK pficon.css
account.napkon.de/resources/mlltv/common/keycloak/lib/pficon/ 577 B
986 B 123ms
27ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 577
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly.min.css
account.napkon.de/resources/mlltv/login/ansible-theme/node_modules/patternfly/dist/css/ 178 KB
179 KB 133ms
31ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK patternfly-additions.min.css
account.napkon.de/resources/mlltv/login/ansible-theme/node_modules/patternfly/dist/css/ 220 KB
220 KB 136ms
32ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET zocial.css
account.napkon.de/resources/mlltv/login/ansible-theme/lib/zocial/ 0
0

GET
H/1.1 200
OK login.css
account.napkon.de/resources/mlltv/login/ansible-theme/css/ 16 KB
16 KB 214ms
45ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/css/login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

404ea35b3b92e0818cb5417a29c66690ed06f1c6808aa0eefc55b42b45672995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK styles.css
account.napkon.de/resources/mlltv/login/ansible-theme/css/ 1 KB
1 KB 302ms
35ms Stylesheet
text/css 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/css/styles.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

a548cbc0b2c0156443d21e1f48d6942593af02845597437e00839b5505e9ad23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Content-Type: text/css;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1028
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found script.js
account.napkon.de/resources/mlltv/login/ansible-theme/js/ 0
0 340ms
26ms Script
text/plain 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/js/script.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK header.js Show response
account.napkon.de/resources/mlltv/login/ansible-theme/js/ 9 MB
9 MB 348ms
30ms Script
text/javascript 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/js/header.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

095c0359637868f3bfb89bf7113c471afe5d0d1eb0b45fda66d6a2ebb1e1fa07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 31 KB
1 KB 500ms
34ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/resources/mlltv/login/ansible-theme/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bea2fc08632328b75d0ba53a42a175b1c876727507d18a3d57ccc12e65de47f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 07:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 07:35:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 07:41:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
686 B 68ms
5ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

742b1e01583cf2196c092cee9577dbefc0dfb1848c1071ef34925ee00990fee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 07:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 07:41:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 07:41:44 GMT

GET
H/1.1 200
OK step1.html Show response
account.napkon.de/auth/realms/users/protocol/openid-connect/3p-cookies/ Frame 832B 955 B
1 KB 27ms
27ms Document
text/html 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/auth/realms/users/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/resources/mlltv/login/ansible-theme/js/header.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Wed, 31 Jul 2024 07:41:45 GMT
P3P: CP="This is not a P3P policy!"
Referrer-Policy: no-referrer
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4f3a33abf83450fe34ed633daf91b9afe7c529dd2df2d32196d967723b7d86

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK logo.svg
account.napkon.de/resources/mlltv/login/ansible-theme/img/ 39 KB
39 KB 35ms
34ms Image
image/svg+xml 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/img/logo.svg

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/resources/mlltv/login/ansible-theme/css/styles.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

4e3e38f4a18585c4af0812f5777ee8f2455d5721b35d50632a8d694ea5466c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: no-cache
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
48 KB 236ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.napkon.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 11:51:50 GMT
x-content-type-options: nosniff
age: 71395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48336
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Jul 2025 11:51:50 GMT

GET
H/1.1 200
OK step2.html Show response
account.napkon.de/auth/realms/users/protocol/openid-connect/3p-cookies/ Frame 832B 1 KB
1 KB 66ms
26ms Document
text/html 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/auth/realms/users/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/auth/realms/users/protocol/openid-connect/3p-cookies/step1.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Wed, 31 Jul 2024 07:41:46 GMT
P3P: CP="This is not a P3P policy!"
Referrer-Policy: no-referrer
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK login-status-iframe.html Show response
account.napkon.de/auth/realms/users/protocol/openid-connect/ Frame A846 4 KB
2 KB 33ms
32ms Document
text/html 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/auth/realms/users/protocol/openid-connect/login-status-iframe.html

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/resources/mlltv/login/ansible-theme/js/header.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

47cbcc6949e5ba078838f3dbd370d606e1c4a5113f896ddce5e662086bd18958

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Wed, 31 Jul 2024 07:41:46 GMT
P3P: CP="This is not a P3P policy!"
Referrer-Policy: no-referrer
Server: openresty
Strict-Transport-Security: max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
account.napkon.de/resources/mlltv/login/ansible-theme/img/ 627 B
1 KB 29ms
29ms Other
application/octet-stream 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/resources/mlltv/login/ansible-theme/img/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Content-Type: application/octet-stream
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 627
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content init Show response
account.napkon.de/auth/realms/users/protocol/openid-connect/login-status-iframe.html/ Frame A846 0
333 B 25ms
25ms XHR
text/plain 2a01:4f8:1c17:800c:216:3eff:fefa:8445
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://account.napkon.de/auth/realms/users/protocol/openid-connect/login-status-iframe.html/init?client_id=header&origin=https%3A%2F%2Faccount.napkon.de

Requested by

Host: account.napkon.de
URL: https://account.napkon.de/auth/realms/users/protocol/openid-connect/login-status-iframe.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:1c17:800c:216:3eff:fefa:8445 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 07:41:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubdomains;
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
Server: openresty
Connection: keep-alive
X-XSS-Protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: account.napkon.de
URL: https://account.napkon.de/resources/mlltv/login/ansible-theme/lib/zocial/zocial.css

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| $cookies

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
account.napkon.de/realms/users/account/login-redirect	1969-12-31 23:59:59	Name: OAuth_Token_Request_State Value: "0/fa5fd043-bb86-4db4-96bb-63735513e8e9"
account.napkon.de/realms/users/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 8d2e9aca-4dac-4abc-98e6-c7a0bf86c442
account.napkon.de/realms/users/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 8d2e9aca-4dac-4abc-98e6-c7a0bf86c442
account.napkon.de/realms/users/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI5MDQ2MTI1OS1lZDkxLTQ4ODQtYjQxYi0zMDQwODZkNTY2NGEifQ.eyJjaWQiOiJhY2NvdW50IiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9hY2NvdW50Lm5hcGtvbi5kZS9yZWFsbXMvdXNlcnMvYWNjb3VudC9sb2dpbi1yZWRpcmVjdCIsImFjdCI6IkFVVEhFTlRJQ0FURSIsIm5vdGVzIjp7InNjb3BlIjoib3BlbmlkIiwiaXNzIjoiaHR0cHM6Ly9hY2NvdW50Lm5hcGtvbi5kZS9yZWFsbXMvdXNlcnMiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vYWNjb3VudC5uYXBrb24uZGUvcmVhbG1zL3VzZXJzL2FjY291bnQvbG9naW4tcmVkaXJlY3QiLCJzdGF0ZSI6IjAvZmE1ZmQwNDMtYmI4Ni00ZGI0LTk2YmItNjM3MzU1MTNlOGU5In19.Nn_vJALO6lWu6ezkz6K4wsaKg7s0KSTQWA02ErbIntw
account.napkon.de/	1969-12-31 23:59:59	Name: rps-header-token Value:
account.napkon.de/	1969-12-31 23:59:59	Name: rps-header-refresh-token Value:

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid Message: Refused to apply style from 'https://account.napkon.de/resources/mlltv/login/ansible-theme/lib/zocial/zocial.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://account.napkon.de/resources/mlltv/login/ansible-theme/js/script.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://account.napkon.de/realms/users/protocol/openid-connect/auth?client_id=account&redirect_uri=https%3A%2F%2Faccount.napkon.de%2Frealms%2Fusers%2Faccount%2Flogin-redirect&state=0%2Ffa5fd043-bb86-4db4-96bb-63735513e8e9&response_type=code&scope=openid Message: Refused to execute script from 'https://account.napkon.de/resources/mlltv/login/ansible-theme/js/script.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.napkon.de
fonts.googleapis.com
fonts.gstatic.com
account.napkon.de
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a01:4f8:1c17:800c:216:3eff:fefa:8445
095c0359637868f3bfb89bf7113c471afe5d0d1eb0b45fda66d6a2ebb1e1fa07
1702da3d70ed3971675295bcd9d85b2e118764a639a7e8b0f543749470e7eba3
1c4f3a33abf83450fe34ed633daf91b9afe7c529dd2df2d32196d967723b7d86
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
381e6e7db4fae4243361a7bada5cab38140dc6f65a95bf457b099e06a672279c
404ea35b3b92e0818cb5417a29c66690ed06f1c6808aa0eefc55b42b45672995
47cbcc6949e5ba078838f3dbd370d606e1c4a5113f896ddce5e662086bd18958
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
4e3e38f4a18585c4af0812f5777ee8f2455d5721b35d50632a8d694ea5466c63
55d125b22a0151fa04ad79de062fc36defe471ef682d1e80841972c566297575
742b1e01583cf2196c092cee9577dbefc0dfb1848c1071ef34925ee00990fee3
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
a548cbc0b2c0156443d21e1f48d6942593af02845597437e00839b5505e9ad23
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
bea2fc08632328b75d0ba53a42a175b1c876727507d18a3d57ccc12e65de47f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

account.napkon.de Open in urlscan Pro 2a01:4f8:1c17:800c:216:3eff:fefa:8445 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

22 Requests

95 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

11209 kBTransfer

11259 kBSize

6 Cookies

15 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

6 Cookies

3 Console Messages

Security Headers

Indicators

account.napkon.de Open in urlscan Pro
2a01:4f8:1c17:800c:216:3eff:fefa:8445 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

95 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

11209 kB
Transfer

11259 kB
Size

6
Cookies

22 HTTP transactions
1 data transactions