urlscan.io logo urlscan.io
SecurityTrails logo

frontend.mobilesales.postbank.de Open in urlscan Pro
178.15.161.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mobilesales.postbank.de/
Effective URL: https://frontend.mobilesales.postbank.de/login
Submission: On August 17 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 178.15.161.41, located in Mannheim, Germany and belongs to VODANET International IP-Backbone of Vodafone, DE. The main domain is frontend.mobilesales.postbank.de.
TLS certificate: Issued by DigiCert EV RSA CA G2 on June 16th 2021. Valid for: a year.
This is the only time frontend.mobilesales.postbank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 178.15.161.40 3209 (VODANET I...)
2 8 178.15.161.41 3209 (VODANET I...)
6 1
Apex Domain
Subdomains		 Transfer
9 postbank.de
mobilesales.postbank.de
frontend.mobilesales.postbank.de
361 KB
6 1
Domain Requested by
8 frontend.mobilesales.postbank.de 2 redirects frontend.mobilesales.postbank.de
1 mobilesales.postbank.de 1 redirects
6 2

This site contains no links.

Subject Issuer Validity Valid
frontend.mobilesales.postbank.de
DigiCert EV RSA CA G2		 2021-06-16 -
2022-06-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://frontend.mobilesales.postbank.de/login
Frame ID: 234869778AEBE02361056E06846F020C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://mobilesales.postbank.de/ HTTP 307
    https://frontend.mobilesales.postbank.de/ HTTP 302
    https://frontend.mobilesales.postbank.de/tip HTTP 302
    https://frontend.mobilesales.postbank.de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
  • html /<link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css/i
  • script /bootstrap-table(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css/i
  • script /bootstrap-table(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • script /moment(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css/i
  • script /bootstrap-table(?:\.min)?\.js/i

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

360 kB
Transfer

910 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mobilesales.postbank.de/ HTTP 307
    https://frontend.mobilesales.postbank.de/ HTTP 302
    https://frontend.mobilesales.postbank.de/tip HTTP 302
    https://frontend.mobilesales.postbank.de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
frontend.mobilesales.postbank.de/
Redirect Chain
  • https://mobilesales.postbank.de/
  • https://frontend.mobilesales.postbank.de/
  • https://frontend.mobilesales.postbank.de/tip
  • https://frontend.mobilesales.postbank.de/login
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frontend.mobilesales.postbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.15.161.41 Mannheim, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
Software
Apache / PHP/7.4.22
Resource Hash
906b304ba460c8d5ab007c7e95dfdeff9e8b484bbddc9ae18efb024f8de55665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
frontend.mobilesales.postbank.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 22:25:23 GMT
Server
Apache
X-Powered-By
PHP/7.4.22
Cache-Control
no-cache
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2150
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 17 Aug 2021 22:25:23 GMT
Server
Apache
X-Powered-By
PHP/7.4.22
Cache-Control
no-cache
Set-Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv; expires=Wed, 18-Aug-2021 06:25:23 GMT; Max-Age=28800; path=/; secure
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Location
https://frontend.mobilesales.postbank.de/login
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
9efc53d7b5bd2c25d7d389428426e626
frontend.mobilesales.postbank.de/cache/js/ 		305 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend.mobilesales.postbank.de/cache/js/9efc53d7b5bd2c25d7d389428426e626
Requested by
Host: frontend.mobilesales.postbank.de
URL: https://frontend.mobilesales.postbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.15.161.41 Mannheim, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
Software
Apache / PHP/7.4.22
Resource Hash
41ef1c1568442a85c32ff0695bd4f37ae6ef90a7e6f3e4cbad75e191f4b911cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
frontend.mobilesales.postbank.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://frontend.mobilesales.postbank.de/login
Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv
Connection
keep-alive
Referer
https://frontend.mobilesales.postbank.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
cache
Date
Tue, 17 Aug 2021 22:25:24 GMT
Content-Encoding
gzip
Server
Apache
X-Frame-Options
sameorigin
X-Powered-By
PHP/7.4.22
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
X-XSS-Protection
1; mode=block
Expires
Sun, 22 Aug 2021 22:25:24 GMT
5de4672393be7332012ce6f3713d4a2d
frontend.mobilesales.postbank.de/cache/css/ 		594 KB
257 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
Requested by
Host: frontend.mobilesales.postbank.de
URL: https://frontend.mobilesales.postbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.15.161.41 Mannheim, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
Software
Apache / PHP/7.4.22
Resource Hash
38f0e897ca9a5f4e763088059f3888358110271746cb63c73936133a342388fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
frontend.mobilesales.postbank.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://frontend.mobilesales.postbank.de/login
Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv
Connection
keep-alive
Referer
https://frontend.mobilesales.postbank.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
cache
Date
Tue, 17 Aug 2021 22:25:24 GMT
Content-Encoding
gzip
Server
Apache
X-Frame-Options
sameorigin
X-Powered-By
PHP/7.4.22
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Content-Type
text/css;charset=UTF-8
Cache-Control
max-age=432000
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
X-XSS-Protection
1; mode=block
Expires
Sun, 22 Aug 2021 22:25:24 GMT
login.js
frontend.mobilesales.postbank.de/js/web/ 		415 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://frontend.mobilesales.postbank.de/js/web/login.js?v=b6bs260973
Requested by
Host: frontend.mobilesales.postbank.de
URL: https://frontend.mobilesales.postbank.de/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.15.161.41 Mannheim, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
Software
Apache /
Resource Hash
39ca292cb76351ec3e2d3d8fff89f3b2a44d214d24e576b38482cf5d50d05bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
frontend.mobilesales.postbank.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://frontend.mobilesales.postbank.de/login
Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv
Connection
keep-alive
Referer
https://frontend.mobilesales.postbank.de/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 22:25:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Aug 2019 04:08:49 GMT
Server
Apache
X-Frame-Options
sameorigin
ETag
"19f-590acd8c70344-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
280
X-XSS-Protection
1; mode=block
background_content.png
frontend.mobilesales.postbank.de/pics/css/ 		383 B
786 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://frontend.mobilesales.postbank.de/pics/css/background_content.png
Requested by
Host: frontend.mobilesales.postbank.de
URL: https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.15.161.41 Mannheim, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
Software
Apache /
Resource Hash
e942a63cd8b97b8498b34317a00fdc1954faf92b78360f9e956450657036c66a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
frontend.mobilesales.postbank.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv
Connection
keep-alive
Referer
https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 22:25:24 GMT
Last-Modified
Fri, 30 Jan 2015 08:54:47 GMT
Server
Apache
ETag
"17f-50ddac1bb397b"
X-Frame-Options
sameorigin
Content-Type
image/png
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
383
X-XSS-Protection
1; mode=block
pb_logo.svg
frontend.mobilesales.postbank.de/pics/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://frontend.mobilesales.postbank.de/pics/pb_logo.svg
Requested by
Host: frontend.mobilesales.postbank.de
URL: https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.15.161.41 Mannheim, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
Software
Apache /
Resource Hash
847f06092a1bca14adbb03874a3f64127f666e6ddec44daf39d8016533639f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
frontend.mobilesales.postbank.de
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
Cookie
PHPSESSID=ukgosgcv4t0pv7rvqmv72dmtfv
Connection
keep-alive
Referer
https://frontend.mobilesales.postbank.de/cache/css/5de4672393be7332012ce6f3713d4a2d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 22:25:24 GMT
Last-Modified
Sun, 16 Dec 2018 20:30:20 GMT
Server
Apache
ETag
"8e4-57d2988822c4c"
X-Frame-Options
sameorigin
Content-Type
image/svg+xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=31536000; IncludeSubDomains; preload
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2276
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| IS_ANDROID boolean| IS_IOS boolean| IS_MOBILE string| FILTER_PARAMS_SEARCH string| FILTER_PARAMS_SORT_NAME string| FILTER_PARAMS_SORT_ORDER string| FILTER_PARAMS_STATUS string| FILTER_PARAMS_APPOINTMENT_STATUS string| FILTER_PARAMS_ASSIGNED_STATUS string| FILTER_PARAMS_USER string| FILTER_PARAMS_DEPARTMENT_IDS string| FILTER_PARAMS_HIGHER_TIER_DEPARTMENT_IDS string| FILTER_PARAMS_TIP_ROUTE string| FILTER_PARAMS_SALES_CHANNEL string| FILTER_PARAMS_ASSIGN_MO string| FILTER_PARAMS_FINANCING string| FILTER_PARAMS_USER_SALES_CHANNEL string| FILTER_PARAMS_OWN_FILTER string| FILTER_PARAMS_TARGET_PRODUCTS string| FILTER_PARAMS_FIO_STATUS string| FILTER_PARAMS_CREATOR_STATUSES string| FILTER_PARAMS_CREATOR_USER string| FILTER_PARAMS_TARGET_SALES_CHANNELS string| SALES_FILTER_PARAMS_SEARCH string| SALES_FILTER_PARAMS_STATUS string| SALES_FILTER_PARAMS_USER string| SALES_FILTER_PARAMS_DEPARTMENT_IDS string| SALES_FILTER_PARAMS_TIP_ROUTE string| SALES_FILTER_PARAMS_SALES_CHANNEL string| SALES_FILTER_PARAMS_USER_SALES_CHANNEL string| SALES_FILTER_PARAMS_YEAR string| SALES_FILTER_PARAMS_OWN_FILTER string| REPLACEMENT_REPLACED_BY_ALERT string| REPLACEMENT_REPLACE_USER_ALERT number| DEFAULT_ALERT_DURATION function| isAndroid function| isIOS function| showAlert function| appendOption function| showMessage function| showErrorMessage function| showWarningMessage function| showSuccessMessage function| showInfoMessage function| clearError function| clearErrors function| markErrorFields function| smoothScrollTop function| statusFormatter function| dateFormatter function| dateTimeFormatter function| dateSorter function| reminderTypeIconFormatter function| addPastAppointmentWarningIconToDataFormatterCell function| queryParamsHierarchy function| queryParamsFilter function| getMultiSelectValuesAsArray function| openTab function| scrollToTop function| scrollToFirstError function| setSessionStorageObject function| getSessionStorageObject function| buildSessionKey function| setPageSessionStorageItem function| getPageSessionStorageItem function| clearUserPageStorage function| showOverlayer function| hideOverlayer function| buildTipDetailUrl function| markVolumeValue function| registerPushToken function| loadBootstrapTableData function| isInternetExplorer function| nl2br function| isBreakpoint function| isMobileView function| getCurrentBreakpoint string| PB_ELEMENT_PROP_PREFIX function| pbElement function| toPx function| registerNavmenu function| $ function| jQuery function| BootstrapTable function| moment string| TIPS_STATUS_TRANS_KEY string| TIPS_STATUS_REASON_KEY string| TIPS_STATUS string| TIPS_APPOINTMENT_STATUS string| URL_AJAX_SALES_PROCESS string| URL_AJAX_PUSH_TOKEN string| USER_ID string| SESSION_REMINDER_KEY string| AJAX_GET_HIERARCHY_FILTER_TEMPLATE_DATA string| CURRENT_ROUTE string| INDEX_URL number| MOBILE_CALL

1 Cookies

Domain/Path Name / Value
frontend.mobilesales.postbank.de/ Name: PHPSESSID
Value: ukgosgcv4t0pv7rvqmv72dmtfv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; IncludeSubDomains; preload
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block