urlscan.io logo urlscan.io
SecurityTrails logo

login.bsw-hoert-zu.de Open in urlscan Pro
2a03:4000:4a:1:98c6:6cff:fe35:41d0  Public Scan

Go To Rescan Add Verdict Report
URL: https://login.bsw-hoert-zu.de/
Submission: On December 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2a03:4000:4a:1:98c6:6cff:fe35:41d0, located in Nuremberg, Germany and belongs to netcup-AS netcup GmbH, DE. The main domain is login.bsw-hoert-zu.de.
TLS certificate: Issued by E5 on December 14th 2024. Valid for: 3 months.
This is the only time login.bsw-hoert-zu.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a03:4000:4a:... 197540 (netcup-AS...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
9 4
Domain Requested by
3 login.bsw-hoert-zu.de login.bsw-hoert-zu.de
2 www.gstatic.com login.bsw-hoert-zu.de
1 fonts.gstatic.com login.bsw-hoert-zu.de
9 3

This site contains no links.

Subject Issuer Validity Valid
login.bsw-hoert-zu.de
E5		 2024-12-14 -
2025-03-14		 3 months crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://login.bsw-hoert-zu.de/
Frame ID: C0A7964BBE66A92871D0EC7D3A258F2A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BSW hört zu. ADMIN

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

9
Requests

67 %
HTTPS

67 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

1621 kB
Transfer

8257 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
login.bsw-hoert-zu.de/ 		1 KB
864 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.bsw-hoert-zu.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a03:4000:4a:1:98c6:6cff:fe35:41d0 Nuremberg, Germany, ASN197540 (netcup-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e5c7539e6d1ffa75b6d97c7a0fc3559852c309fa5f85859bda203e80d1cbf23f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 14 Dec 2024 16:22:10 GMT
etag
W/"675bbb8e-4ed"
last-modified
Fri, 13 Dec 2024 04:43:58 GMT
server
nginx/1.22.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
flutter_bootstrap.js
login.bsw-hoert-zu.de/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.bsw-hoert-zu.de/flutter_bootstrap.js
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a03:4000:4a:1:98c6:6cff:fe35:41d0 Nuremberg, Germany, ASN197540 (netcup-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
d9e941f8fbe01c492c29c1382769f90e8dcecae1845fc20329fec20ef65ccd72
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
W/"675bbb8e-1fa5"
access-control-allow-origin
*
date
Sat, 14 Dec 2024 16:22:10 GMT
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 04:43:58 GMT
server
nginx/1.22.1
vary
Accept-Encoding
favicon.png
login.bsw-hoert-zu.de/ 		917 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.bsw-hoert-zu.de/favicon.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
2a03:4000:4a:1:98c6:6cff:fe35:41d0 Nuremberg, Germany, ASN197540 (netcup-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
7ab2525f4b86b65d3e4c70358a17e5a1aaf6f437f99cbcc046dad73d59bb9015
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
etag
"66c611a9-395"
accept-ranges
bytes
access-control-allow-origin
*
content-length
917
date
Sat, 14 Dec 2024 16:22:10 GMT
content-type
image/png
last-modified
Wed, 21 Aug 2024 16:11:21 GMT
server
nginx/1.22.1
canvaskit.wasm
www.gstatic.com/flutter-canvaskit/a18df97ca57a249df5d8d68cd0820600223ce262/chromium/ 		5 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/flutter-canvaskit/a18df97ca57a249df5d8d68cd0820600223ce262/chromium/canvaskit.wasm
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/flutter_bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
049b65b245d78b02b3e89d8bd6713fb9a2dfcbf773c6299a1004c6c3c8285739
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

content-encoding
br
age
18169
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
x-content-type-options
nosniff
expires
Sun, 14 Dec 2025 11:19:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Dec 2024 11:19:22 GMT
last-modified
Wed, 13 Nov 2024 01:58:59 GMT
content-type
application/wasm
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="flutter-team"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
accept-ranges
bytes
access-control-allow-origin
*
content-length
1535542
x-xss-protection
0
server
sffe
canvaskit.js
www.gstatic.com/flutter-canvaskit/a18df97ca57a249df5d8d68cd0820600223ce262/chromium/ 		91 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/flutter-canvaskit/a18df97ca57a249df5d8d68cd0820600223ce262/chromium/canvaskit.js
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/flutter_bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e94ebbd86ee9ebeef6ece4b9c60def9cdbb024bec21ddedb9f877e0c90e5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.bsw-hoert-zu.de
Referer
https://login.bsw-hoert-zu.de/

Response headers

content-encoding
br
age
430248
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 16:51:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 16:51:23 GMT
last-modified
Wed, 13 Nov 2024 01:58:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="flutter-team"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
accept-ranges
bytes
access-control-allow-origin
*
content-length
26011
x-xss-protection
0
server
sffe
main.dart.js
login.bsw-hoert-zu.de/ 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.bsw-hoert-zu.de/main.dart.js
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/flutter_bootstrap.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
80bb44ef046477cb59d016db7982bb2f3c975ede7ff386170ac947e8279fd7e7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
W/"675bbba1-2ab0b5"
access-control-allow-origin
*
date
Sat, 14 Dec 2024 16:22:10 GMT
content-type
application/javascript
last-modified
Fri, 13 Dec 2024 04:44:17 GMT
server
nginx/1.22.1
vary
Accept-Encoding
FontManifest.json
login.bsw-hoert-zu.de/assets/ 		82 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.bsw-hoert-zu.de/assets/FontManifest.json
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
28b1eb2b3d2e1ad60b8c8b0f9100b1ccbf492f7fa97f5bebb51ea97e73926e7d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
etag
W/"675bbba3-52"
access-control-allow-origin
*
date
Sat, 14 Dec 2024 16:22:10 GMT
content-type
application/json
last-modified
Fri, 13 Dec 2024 04:44:19 GMT
server
nginx/1.22.1
vary
Accept-Encoding
MaterialIcons-Regular.otf
login.bsw-hoert-zu.de/assets/fonts/ 		9 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.bsw-hoert-zu.de/assets/fonts/MaterialIcons-Regular.otf
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/main.dart.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
71bc178ad48c7b9c80e8a0a5234fcc28c88f7eaefce2023941d02cd33dc7e713
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
etag
"675bbba4-25d8"
accept-ranges
bytes
access-control-allow-origin
*
content-length
9688
date
Sat, 14 Dec 2024 16:22:11 GMT
content-type
application/octet-stream
last-modified
Fri, 13 Dec 2024 04:44:20 GMT
server
nginx/1.22.1
KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
fonts.gstatic.com/s/roboto/v20/ 		167 KB
89 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
Requested by
Host: login.bsw-hoert-zu.de
URL: https://login.bsw-hoert-zu.de/main.dart.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://login.bsw-hoert-zu.de/

Response headers

content-encoding
gzip
age
429315
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 17:06:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 17:06:56 GMT
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
91230
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _flutter object| flutterCanvasKitLoaded object| flutterCanvasKit

0 Cookies

2 Console Messages

Source Level URL
Text
rendering warning URL: https://login.bsw-hoert-zu.de/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000771364080000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://login.bsw-hoert-zu.de/
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060771364080000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload