urlscan.io logo urlscan.io
SecurityTrails logo

uploadportal.bbr-partner.de Open in urlscan Pro
2a01:238:20a:202:1092::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://uploadportal.bbr-partner.de/
Effective URL: https://uploadportal.bbr-partner.de/
Submission: On February 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2a01:238:20a:202:1092::, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is uploadportal.bbr-partner.de.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on February 3rd 2023. Valid for: a year.
This is the only time uploadportal.bbr-partner.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a01:238:20a:... 6724 (STRATO ST...)
1 2a00:1450:400... 15169 (GOOGLE)
14 185.41.105.247 201709 (HANDS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 7
2    2a01:238:20a:202:1092:: (Germany)

ASN6724 (STRATO STRATO AG, DE)
uploadportal.bbr-partner.de
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
14    185.41.105.247 (Germany)

ASN201709 (HANDS, DE)
PTR: exchange.buchhalter.pro
app.buchhalter.pro
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
14 buchhalter.pro
app.buchhalter.pro
238 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2316
41 KB
2 bbr-partner.de
uploadportal.bbr-partner.de
747 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 339
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 195
6 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
31 KB
20 6
Domain Requested by
14 app.buchhalter.pro uploadportal.bbr-partner.de
ajax.googleapis.com
2 stackpath.bootstrapcdn.com ajax.googleapis.com
2 uploadportal.bbr-partner.de 1 redirects
1 cdn.jsdelivr.net ajax.googleapis.com
1 cdnjs.cloudflare.com ajax.googleapis.com
1 ajax.googleapis.com uploadportal.bbr-partner.de
20 6

This site contains no links.

Subject Issuer Validity Valid
*.bbr-partner.de
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-03 -
2024-02-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
buchhalter.pro
R3		 2023-01-13 -
2023-04-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://uploadportal.bbr-partner.de/
Frame ID: F83743AED382236566DB2C0F3A695F3A
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://uploadportal.bbr-partner.de/ HTTP 301
    https://uploadportal.bbr-partner.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

20
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

325 kB
Transfer

613 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uploadportal.bbr-partner.de/ HTTP 301
    https://uploadportal.bbr-partner.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uploadportal.bbr-partner.de/
Redirect Chain
  • http://uploadportal.bbr-partner.de/
  • https://uploadportal.bbr-partner.de/
349 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uploadportal.bbr-partner.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:238:20a:202:1092:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software
Apache/2.4.55 (Unix) /
Resource Hash
5cf2a6e3a7fb074f18099a78e3cae3a88b1d36533f2d06d41dd5a9d5b5bb2a75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
349
content-type
text/html
date
Fri, 24 Feb 2023 18:01:01 GMT
etag
"15d-5f3c870523dc0"
last-modified
Fri, 03 Feb 2023 09:38:07 GMT
server
Apache/2.4.55 (Unix)

Redirect headers

Connection
Keep-Alive
Content-Length
244
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 24 Feb 2023 18:01:01 GMT
Keep-Alive
timeout=3, max=100
Location
https://uploadportal.bbr-partner.de/
Server
Apache/2.4.55 (Unix)
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: uploadportal.bbr-partner.de
URL: https://uploadportal.bbr-partner.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 11:17:34 GMT
api.js
app.buchhalter.pro/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api.js
Requested by
Host: uploadportal.bbr-partner.de
URL: https://uploadportal.bbr-partner.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
cae3089d1eb7e13c851e3545e989a7a2f45841a78a13b55a87f8c5f95e9e2957
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-765a"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
30298
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1797932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whsKdo7flTtkVtsJNILM7zX%2BAk0AoWqBaPvq0Z6S66OwrmBYeeDZ6Hz9bx2rrv9b0DYCUsN4J%2Fp0mMnf4lkI55bFUCFWBC9a8DX99ooplU70wgXhaeZM55YOzmftVDGYtl%2BH4gzHmjR11v9lQWkNNn%2Be"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79ea1aad487e9a1e-FRA
expires
Wed, 14 Feb 2024 18:01:02 GMT
get_accountant_data
app.buchhalter.pro/api/v1/sessions/ 		221 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api/v1/sessions/get_accountant_data
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx / Phusion Passenger(R) 6.0.13
Resource Hash
d739f252921c43f044e80c7c1479b5dbf3594591ac34b606e485e21e17afe9e8
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://uploadportal.bbr-partner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.13
status
200 OK
x-xss-protection
1; mode=block
x-request-id
e1dc05d9-0eb9-4762-aa66-b294e5ff57da
x-runtime
0.016980
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"d739f252921c43f044e80c7c1479b5db"
x-download-options
noopen
vary
Origin
access-control-max-age
7200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uploadportal.bbr-partner.de
access-control-allow-methods
GET, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
get_api_view_snippets
app.buchhalter.pro/api/v1/snippets/ 		18 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api/v1/snippets/get_api_view_snippets
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx / Phusion Passenger(R) 6.0.13
Resource Hash
f683edda9bf7f8006a489f04c5650e4926e7b647176bb757a105e93fca911109
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://uploadportal.bbr-partner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.13
status
200 OK
x-xss-protection
1; mode=block
x-request-id
1a47614f-2516-4029-ad70-db7922ac480f
x-runtime
0.050367
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"f683edda9bf7f8006a489f04c5650e49"
x-download-options
noopen
vary
Origin
access-control-max-age
7200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uploadportal.bbr-partner.de
access-control-allow-methods
GET, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
styles.css
app.buchhalter.pro/bhpro_api/assets/css/ 		16 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/bhpro_api/assets/css/styles.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
74dcb76e1e4dc8374238b1b9a4909161da8d6c04c2c51ddeba31d1493391c84c
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-40b4"
content-type
text/css
accept-ranges
bytes
content-length
16564
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 		156 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uploadportal.bbr-partner.de/
Origin
https://uploadportal.bbr-partner.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
cdn-cachedat
01/04/2023 11:35:44
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"7cc40c199d128af6b01e74a28c5900b0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c267d820a46cffcd0e629bd0c7135dab
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
79ea1ab08f209ba1-FRA
cdn-requestpullsuccess
True
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
206843
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230104-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eq07UomhLab2CL55beNEWaiMpnDq3%2FN%2Fo6fdGQr7wWW40oW8dHMW%2BoobDUMRQK54pZHfyRmB517BpTikIuhGiARiDr3XM6mgSt4gVvxpyuk4Z8Zfw%2B1NUgzUhvTegKY9DHolFiS5KcogHeLBDFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
79ea1ab06fdbbb41-FRA
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 617, 617
age
2040640
cdn-cachedat
2021-08-02 20:41:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fb30ac8ee0a783b135d5ac14a4ec479a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
79ea1ab08d7c3a4f-FRA
cdn-requestpullsuccess
True
get_accountant_logo
app.buchhalter.pro/api/v1/sessions/ 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api/v1/sessions/get_accountant_logo
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx / Phusion Passenger(R) 6.0.13
Resource Hash
e1499e73c3386c8ec290a583362c0381414e7fd75514b6828a82dab99bb25c5c
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://uploadportal.bbr-partner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.13
status
200 OK
x-xss-protection
1; mode=block
x-request-id
e38b9a18-a639-492f-a2c6-4d146d12f381
x-runtime
0.016433
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"e1499e73c3386c8ec290a583362c0381"
x-download-options
noopen
vary
Origin
access-control-max-age
7200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uploadportal.bbr-partner.de
access-control-allow-methods
GET, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
get_accountant_logo
app.buchhalter.pro/api/v1/sessions/ 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api/v1/sessions/get_accountant_logo
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx / Phusion Passenger(R) 6.0.13
Resource Hash
e1499e73c3386c8ec290a583362c0381414e7fd75514b6828a82dab99bb25c5c
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://uploadportal.bbr-partner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.13
status
200 OK
x-xss-protection
1; mode=block
x-request-id
94735aec-9f9f-4540-9da2-092590883c34
x-runtime
0.032278
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"e1499e73c3386c8ec290a583362c0381"
x-download-options
noopen
vary
Origin
access-control-max-age
7200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uploadportal.bbr-partner.de
access-control-allow-methods
GET, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
get_accountant_logo
app.buchhalter.pro/api/v1/sessions/ 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api/v1/sessions/get_accountant_logo
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx / Phusion Passenger(R) 6.0.13
Resource Hash
e1499e73c3386c8ec290a583362c0381414e7fd75514b6828a82dab99bb25c5c
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://uploadportal.bbr-partner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.13
status
200 OK
x-xss-protection
1; mode=block
x-request-id
8b7f4f7b-de36-4998-83e5-bebdd4fe38ad
x-runtime
0.092582
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"e1499e73c3386c8ec290a583362c0381"
x-download-options
noopen
vary
Origin
access-control-max-age
7200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uploadportal.bbr-partner.de
access-control-allow-methods
GET, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
get_accountant_logo
app.buchhalter.pro/api/v1/sessions/ 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.buchhalter.pro/api/v1/sessions/get_accountant_logo
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx / Phusion Passenger(R) 6.0.13
Resource Hash
e1499e73c3386c8ec290a583362c0381414e7fd75514b6828a82dab99bb25c5c
Security Headers
Name Value
Strict-Transport-Security max-age=0;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://uploadportal.bbr-partner.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger(R) 6.0.13
status
200 OK
x-xss-protection
1; mode=block
x-request-id
2fb46432-cbc0-4f5b-b3fd-7971e4d00bb0
x-runtime
0.079768
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"e1499e73c3386c8ec290a583362c0381"
x-download-options
noopen
vary
Origin
access-control-max-age
7200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uploadportal.bbr-partner.de
access-control-allow-methods
GET, POST, OPTIONS
cache-control
max-age=0, private, must-revalidate
x-frame-options
SAMEORIGIN
upload_gray.svg
app.buchhalter.pro/bhpro_api/assets/icons/ 		422 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buchhalter.pro/bhpro_api/assets/icons/upload_gray.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
95cf8340481679384b5476c885bfc74b42683b14c27f53b13dcacf851873f2cc
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-1a6"
content-type
image/svg+xml
accept-ranges
bytes
content-length
422
documents.svg
app.buchhalter.pro/bhpro_api/assets/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buchhalter.pro/bhpro_api/assets/icons/documents.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
d4ccef2e8b9b41b6a892307a626509c55bdcf6d514652151592dcbde25bcc456
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-6f7"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1783
light_bulp.svg
app.buchhalter.pro/bhpro_api/assets/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buchhalter.pro/bhpro_api/assets/icons/light_bulp.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
86b22732268ae78b493f498a73d6dd48d14680b5d2dd8e40ae67559ce7ca8054
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-914"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2324
documents_scan.svg
app.buchhalter.pro/bhpro_api/assets/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buchhalter.pro/bhpro_api/assets/icons/documents_scan.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
b60318ce269cec08a96b8b9ab23781c7212d64441c1a068fe614abe690d73074
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-829"
content-type
image/svg+xml
accept-ranges
bytes
content-length
2089
documents_upload.svg
app.buchhalter.pro/bhpro_api/assets/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buchhalter.pro/bhpro_api/assets/icons/documents_upload.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
a3882318012703ee32d8627651c8239a5d2949b94231137a66a29ba8d9228265
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-4fd"
content-type
image/svg+xml
accept-ranges
bytes
content-length
1277
arrow_back_white.svg
app.buchhalter.pro/bhpro_api/assets/icons/ 		550 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.buchhalter.pro/bhpro_api/assets/icons/arrow_back_white.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.41.105.247 , Germany, ASN201709 (HANDS, DE),
Reverse DNS
exchange.buchhalter.pro
Software
nginx /
Resource Hash
77e1938d2a1d65ef49c5c0ea1debe2e58f651397ada0c69ed6e6e6c8c98b383b
Security Headers
Name Value
Strict-Transport-Security max-age=0;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://uploadportal.bbr-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 24 Feb 2023 18:01:02 GMT
strict-transport-security
max-age=0;
last-modified
Tue, 21 Feb 2023 17:37:55 GMT
server
nginx
etag
"63f50173-226"
content-type
image/svg+xml
accept-ranges
bytes
content-length
550
truncated
/ 		29 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5b5ba47f98bbc53573d0cbc7d36080d72b0480f4641a58dadac6e33c372025f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| notification string| bhpro_host object| allowed_mime_types object| allowed_mime_type_endings function| Popper object| bootstrap

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
app.buchhalter.pro
cdn.jsdelivr.net
cdnjs.cloudflare.com
stackpath.bootstrapcdn.com
uploadportal.bbr-partner.de
185.41.105.247
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:800::200a
2a01:238:20a:202:1092::
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
5cf2a6e3a7fb074f18099a78e3cae3a88b1d36533f2d06d41dd5a9d5b5bb2a75
74dcb76e1e4dc8374238b1b9a4909161da8d6c04c2c51ddeba31d1493391c84c
77e1938d2a1d65ef49c5c0ea1debe2e58f651397ada0c69ed6e6e6c8c98b383b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
86b22732268ae78b493f498a73d6dd48d14680b5d2dd8e40ae67559ce7ca8054
95cf8340481679384b5476c885bfc74b42683b14c27f53b13dcacf851873f2cc
a3882318012703ee32d8627651c8239a5d2949b94231137a66a29ba8d9228265
b5b5ba47f98bbc53573d0cbc7d36080d72b0480f4641a58dadac6e33c372025f
b60318ce269cec08a96b8b9ab23781c7212d64441c1a068fe614abe690d73074
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
cae3089d1eb7e13c851e3545e989a7a2f45841a78a13b55a87f8c5f95e9e2957
d4ccef2e8b9b41b6a892307a626509c55bdcf6d514652151592dcbde25bcc456
d739f252921c43f044e80c7c1479b5dbf3594591ac34b606e485e21e17afe9e8
e1499e73c3386c8ec290a583362c0381414e7fd75514b6828a82dab99bb25c5c
f683edda9bf7f8006a489f04c5650e4926e7b647176bb757a105e93fca911109