konto.dad.at
Open in
urlscan Pro
193.110.183.180
Public Scan
Effective URL: https://konto.dad.at/banking/login.xhtml?m=45&f=1
Submission: On August 23 via automatic, source certstream-suspicious — Scanned from AT
Summary
TLS certificate: Issued by DigiCert EV RSA CA G2 on August 7th 2023. Valid for: a year.
This is the only time konto.dad.at was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 193.110.183.180 193.110.183.180 | 24656 (ARZ) (ARZ) | |
4 | 193.110.183.241 193.110.183.241 | 24656 (ARZ) (ARZ) | |
22 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
dad.at
1 redirects
konto.dad.at |
2 MB |
4 |
arz.at
analytics.arz.at |
84 KB |
22 | 2 |
Domain | Requested by | |
---|---|---|
19 | konto.dad.at |
1 redirects
konto.dad.at
|
4 | analytics.arz.at |
konto.dad.at
|
22 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.dad.at |
Subject Issuer | Validity | Valid | |
---|---|---|---|
konto.dad.at DigiCert EV RSA CA G2 |
2023-08-07 - 2024-09-04 |
a year | crt.sh |
*.arz.at DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-11-07 - 2024-12-07 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://konto.dad.at/banking/login.xhtml?m=45&f=1
Frame ID: 15D71078C51D7EE5643109E55FD19BD2
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
LoginPage URL History Show full URLs
-
https://konto.dad.at/
HTTP 302
https://konto.dad.at/banking/login.xhtml?m=45&f=1 Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Zugangsdaten vergessen oder gesperrt
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://konto.dad.at/
HTTP 302
https://konto.dad.at/banking/login.xhtml?m=45&f=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.xhtml
konto.dad.at/banking/ Redirect Chain
|
25 KB 28 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js.xhtml
konto.dad.at/banking/javax.faces.resource/jquery/ |
85 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracekit.js.xhtml
konto.dad.at/banking/javax.faces.resource/errorhandling/ |
44 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsfFix.js.xhtml
konto.dad.at/banking/javax.faces.resource/jsf/ |
535 B 678 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsf.js.xhtml
konto.dad.at/banking/javax.faces.resource/ |
117 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
errorhandling.js.xhtml
konto.dad.at/banking/javax.faces.resource/errorhandling/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
errorhandlingJSF.js.xhtml
konto.dad.at/banking/javax.faces.resource/errorhandling/ |
850 B 840 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fixviewstate.js.xhtml
konto.dad.at/banking/javax.faces.resource/main/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eNqVWNty2zYQ_SJ7p20mD3lz7DjJjNu4kT2d6dsSXJKQQIDGRbI8_fguKEoWAUh2XojdxQFELM5eqCWu0QkrB_9JKEnaL7yx2BLMtMul-2-ZI9EHB8dKgls-BbJb2A0XQV72Up-DXDLEmyC6iyFo0b0JZ6NRSmpv1pI2JbirNMRHyT5Y3X4oTbC9aHYYzabXskFB7...
konto.dad.at/banking/javax.faces.resource/ |
2 MB 726 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
konto.dad.at/banking/resource/145d24a654a0b8de7ffa837bc948d12e200c90e4/m045/f1/css/ |
2 MB 215 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4f95e81b-e89d-4b41-8c7c-0d36fcea28c8.js
analytics.arz.at/containers/ |
217 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-background.jpg
konto.dad.at/banking/resource/145d24a654a0b8de7ffa837bc948d12e200c90e4/m045/f1/images/ |
278 KB 278 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
konto.dad.at/banking/resource/145d24a654a0b8de7ffa837bc948d12e200c90e4/m045/f1/images/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PT_Serif-Web-Regular.ttf
konto.dad.at/banking/resource/145d24a654a0b8de7ffa837bc948d12e200c90e4/m045/f1/fonts/ |
351 KB 351 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
login.xhtml
konto.dad.at/banking/ |
2 KB 4 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
login.xhtml
konto.dad.at/banking/ |
2 KB 4 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
login.xhtml
konto.dad.at/banking/ |
13 KB 15 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ppms.js
analytics.arz.at/ |
72 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PT_Serif-Web-Bold.ttf
konto.dad.at/banking/resource/145d24a654a0b8de7ffa837bc948d12e200c90e4/m045/f1/fonts/ |
332 KB 332 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ppms.php
analytics.arz.at/ |
43 B 313 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.png
konto.dad.at/banking/resource/1cfb4ffccbca5e394255d540568f4dfeb346f25a/m045/f1/images/ |
227 B 602 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ppms.php
analytics.arz.at/ |
43 B 313 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
223 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| TraceKit object| myfaces object| jsf string| _PFX_UTIL string| _PFX_CORE string| _PFX_XHR string| _PFX_I18N function| _MF_CLS function| _MF_SINGLTN function| _MF_OBJECT object| ErrorHandling object| ErrorHandlingJSF object| OmniFaces function| ClientStorage object| ClientStatus number| dbits number| canary boolean| j_lm function| BigInteger function| nbi function| am1 function| am2 function| am3 number| BI_FP string| BI_RM object| BI_RC number| rr number| vv function| int2char function| intAt function| bnpCopyTo function| bnpFromInt function| nbv function| bnpFromString function| bnpClamp function| bnToString function| bnNegate function| bnAbs function| bnCompareTo function| nbits function| bnBitLength function| bnpDLShiftTo function| bnpDRShiftTo function| bnpLShiftTo function| bnpRShiftTo function| bnpSubTo function| bnpMultiplyTo function| bnpSquareTo function| bnpDivRemTo function| bnMod function| Classic function| cConvert function| cRevert function| cReduce function| cMulTo function| cSqrTo function| bnpInvDigit function| Montgomery function| montConvert function| montRevert function| montReduce function| montSqrTo function| montMulTo function| bnpIsEven function| bnpExp function| bnModPowInt function| Arcfour function| ARC4init function| ARC4next function| prng_newstate number| rng_psize object| rng_pool number| rng_pptr function| rng_seed_int function| rng_seed_time number| t object| ua function| rng_get_byte function| rng_get_bytes function| SecureRandom function| parseBigInt function| linebrk function| byte2Hex function| pkcs1pad2 function| RSAKey function| RSASetPublic function| RSADoPublic function| RSAEncrypt object| UXTracker object| colors function| rgbToHex function| EBPMap function| MirroredMap object| registeredJsfAjaxCallbacks function| doOnlyOnce function| callWhenReady object| FingerprintJS object| SelectboxPlugin object| ComboSelectboxComponent object| InputTextComponent object| InputTextareaComponent object| InputEncryptComponent object| InputSecretComponent object| SubmitLoginForm function| showOverlay function| resetOverlays object| overlayUtils object| NavigationBadges object| Download object| Timeout object| FileUpload object| ImageOptimizer object| OrderDragNDrop object| AccessibilityComponent object| AccountBalanceComponent object| CategoryStatusComponent object| InputDateComponent object| DoubleClickPrevention object| InputPhoneComponent object| InputSliderComponent object| InputSearchComponent object| InputSearchGlobal object| AutoFocus object| InputSwitch object| KalenderComponent function| initTextareas object| DataTableComponent object| Auftragserfassung object| auftragserfassungSmart object| HighchartsComponent object| Bargeldschluessel object| TextManagement object| MobileBankingExtensions object| imgPreview object| VersionInfoComponent object| StandardFlyoutComponent object| StandardFlyoutStateHandling object| redirector object| ScrollableTabComponent object| htmlPrint object| horizontalScrollSlider object| SparzieleZeitleiste object| SparzieleTransfer object| VerfuegerSpecificImage object| KategorieRegeln object| KategorieAnalysis object| GlobaleSuche object| FremdkontenLoader object| FaqSuche object| SVGIcon object| Startseite object| StartseiteQL function| VanillaQR object| QrCodeGenerator object| Produktrechner object| Serviceauftraege object| ValueWithLabel object| VerticalTextOverflow object| MobileBiometrics object| ShortpinLogin function| showLoadingScreenAndRedirect function| showLoadingScreen object| Flicker object| ClipboardComponent object| PortfolioPosition object| PortfolioTableChart object| PrimeSign object| SmartLoginChallenge object| ActionTimeout object| GeraetebindungDevice function| Geraetebindung object| Totp object| MobileDevice object| ZweiFaChallenge object| SmartLoginApp object| SmartLoginBrowser object| UserAgentUtil object| MultilineEllipser function| _typeof object| Fido2 object| InstantPaymentPolling object| _paq object| PiwikAnalytics function| initPace function| Sifter object| MicroPlugin function| Selectize function| zxcvbn object| Highcharts function| _ object| Backbone object| rangy object| etch function| Cropper function| default function| jsSHA function| UAParser object| base64js object| base64url object| webauthn object| Pace object| dataLayer object| ppms function| submitValidate function| submitOTP function| noOTPData function| initError function| kooplogin function| openAppVersionWarning object| paceOptions string| SYNC_EVENT string| ONCE_PER_PAGE_VIEW_ACTION string| ONCE_PER_SESSION_ACTION string| VARIABLE_NAME string| COOKIE_PREFIX string| GLOBAL_CONFIG_NAME function| ppmsWebStorage object| sevenTag object| Piwik object| AnalyticsTracker function| piwik_log12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
konto.dad.at/banking | Name: PREF Value: m%3D45%3Af%3D01%3Al%3Dde%3As%3DSTANDARD%3Av%3D0 |
|
konto.dad.at/banking | Name: SIC Value: RGca1K_cmd13vgJ0JGfdJwo |
|
konto.dad.at/banking | Name: FLAG Value: 8129da24-0aec-4c96-a7ad-da0572907484 |
|
konto.dad.at/ | Name: ROUTEID Value: fdf7da92bde112f31f65a3a85724c6a7|482a85c039031df1e1e9dba454f91d94 |
|
konto.dad.at/ | Name: JSESSIONID Value: 0000RGca1K_cmd13vgJ0JGfdJwo:54b78d8d67 |
|
konto.dad.at/ | Name: ROUTE Value: 190513674.47873.0000 |
|
konto.dad.at/ | Name: stg_returning_visitor Value: Fri%2C%2023%20Aug%202024%2023:42:43%20GMT |
|
konto.dad.at/ | Name: stg_traffic_source_priority Value: 1 |
|
konto.dad.at/ | Name: stg_externalReferrer Value: |
|
konto.dad.at/ | Name: stg_last_interaction Value: Fri%2C%2023%20Aug%202024%2023:42:43%20GMT |
|
konto.dad.at/ | Name: _pk_id.4f95e81b-e89d-4b41-8c7c-0d36fcea28c8.5eef Value: f415ae3c4aead8c0.1724456563.1.1724456563.1724456563. |
|
konto.dad.at/ | Name: _pk_ses.4f95e81b-e89d-4b41-8c7c-0d36fcea28c8.5eef Value: * |
15 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' gap: about:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.chatvisor.com https://at.engage.teamviewer.com *.arz.at; script-src 'self' gap: cordova: fonts.googleapis.com google.com maps.gstatic.com maps.googleapis.com gateway.webid-solutions.de webid-gateway.de https://at.engage.teamviewer.com/ *.ahoyrtc.com *.threatmark.com 'unsafe-eval' *.arz.at 'nonce-533a8bcdb6ef4b808866e820e842849e'; img-src 'self' data: android-webview-video-poster: https://*.googleapis.com https://*.gstatic.com https://at.engage.teamviewer.com/ https://content.ethoca.com/ *.arz.at; media-src 'self' *.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de; object-src 'self'; font-src 'self' https://fonts.gstatic.com https://cdn.chatvisor.com data: *.arz.at; child-src 'self' blob:; frame-src 'self' gap: https://sign.prime-sign.com; frame-ancestors 'none'; manifest-src 'self'; referrer origin; report-uri https://konto.dad.at:443/banking/rest/cspreport?m=45&u=; connect-src 'self' blob: *.ahoyrtc.com wss://*.ahoyrtc.com gateway.webid-solutions.de webid-gateway.de *.threatmark.com *.engage.teamviewer.com wss://*.engage.teamviewer.com https://127.0.0.1:* *.arz.at https://*.googleapis.com https://*.gstatic.com; form-action 'self' https://angebot.derfairecredit.at https://shop.ergo-versicherung.at; block-all-mixed-content; reflected-xss block; upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.arz.at
konto.dad.at
193.110.183.180
193.110.183.241
038ba7336bd7ea14f12ad155bed51a4345cac5153275d521dec3ba04021c526e
2083296a5383139aa5fca0a793fa0b928ff556198548cbcf96d694ef0d275ad1
40e12a730119cb90e521a197b48ad1492a5b6775e5232d851778ed188e51996e
45adf8de2c92361ce4492132e1c82fe23d1635962fda9815437469e1d672a885
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559e729c20a906611c1cc59ed46bb970176f0f4fd7ac153700baaef221c076cd
56a1379062ad0bc0c227d935bde7d5595423e3044c88dc284d221d8d1cad3fff
78821b283a6acbb5e79238628062c1e0969c71a396d0f78dde30706a574d875d
963d40db9bcf4ac663073c06588f93b1ebd189105a0699ee7f6f99fc64c10198
a4951fade06ff8f09b7673aa81ffb65a8cd409e24d3289a6dc670bc4dda2557a
a7f7f25202541f71d9f5ce92dec70dd1ac7cf0609c0ae077737b33f4bc6b2511
b6d5de19d64deac1185b2de989f4b4a0beaf537662c8e2dfe1fd7d6b641fc89c
c0417ec8e7fc4afdb2c04dbc53056dca01a91f927ec83b414c060edd5772f07a
c11575e9ecfff0f558fd87d16e9941f26e0224dea19675ecbdf69e1da6114946
c41adcbdfa1815256772fda7e13c0e4552fa11df1af6d901f953c45bec170258
c9d81fd826d1bf7b61eea6706105fd6434eb2f85d46b2fbb5e65783eef90cd79
d2059036eae577d7c92679d817cf665a7953e0bc60e71406a08c3c7e60c5b321
eb27b4fd65d806da38696e9d5f08d5a603e4bdf84c07e295189736f0134aec58
ee8a435d15dca8035167872124ec0aa7df55ab276ebe21f3fdbd038d50c9fa3e
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
feadef9af56dddcc5b6778586fb9f58cce59ac964ae1989d0e7ac44d45f83413