login.datev.de
Open in
urlscan Pro
193.27.50.209
Public Scan
Effective URL: https://login.datev.de/openid/authorize?state=MDRjZmYwNWMtN2M3Yi00NDUwLTgyZGEtYmMxMDNhMWViMDFjO2xoT2M4aGhXVmM2RnR0K2dTR...
Submission: On November 03 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 9th 2022. Valid for: a year.
This is the only time login.datev.de was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 193.27.50.203 193.27.50.203 | 15451 (DATEV-AS) (DATEV-AS) | |
2 2 | 193.27.51.43 193.27.51.43 | 15451 (DATEV-AS) (DATEV-AS) | |
11 | 193.27.50.209 193.27.50.209 | 15451 (DATEV-AS) (DATEV-AS) | |
4 | 193.27.50.202 193.27.50.202 | 15451 (DATEV-AS) (DATEV-AS) | |
15 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
datev.de
3 redirects
duo.datev.de webapps.datev.de login.datev.de — Cisco Umbrella Rank: 394704 apps.datev.de — Cisco Umbrella Rank: 424942 |
648 KB |
15 | 1 |
Domain | Requested by | |
---|---|---|
11 | login.datev.de |
login.datev.de
|
4 | apps.datev.de |
login.datev.de
apps.datev.de |
2 | webapps.datev.de | 2 redirects |
1 | duo.datev.de | 1 redirects |
15 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
apps.datev.de |
datev.com |
www.datev.de |
www.datev.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login.datev.de Thawte TLS RSA CA G1 |
2022-09-09 - 2023-09-26 |
a year | crt.sh |
apps.datev.de Thawte TLS RSA CA G1 |
2022-02-03 - 2023-02-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.datev.de/openid/authorize?state=MDRjZmYwNWMtN2M3Yi00NDUwLTgyZGEtYmMxMDNhMWViMDFjO2xoT2M4aGhXVmM2RnR0K2dTR2VVQlB6UUExNmVnWnpiU3hadEpwOTFPdDQ9&nonce=7430854f-4be0-4165-924d-bc103a1ee2b4&redirect_uri=https://webapps.datev.de/login&code_challenge=IbH4T3vcoGrfjqINvv-5UcFs5OT0oDh9Ll__smOf2cQ&code_challenge_method=S256&client_id=0000fa81-3dfc-4e88-9052-96eb5257eaef&response_type=code%20id_token&response_mode=form_post&scope=openid%20profile%20email%20extended_profile
Frame ID: A1E56B358BC1B9ADAA515DB74AD5E281
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
DATEV LoginPage URL History Show full URLs
-
http://duo.datev.de/?mid=5250&GET_MENU=1114&guid=63B883400B0334CC9264C98B0A4A1D27
HTTP 307
https://webapps.datev.de/wopl/FC/FC?mid=5250&GET_MENU=1114&guid=63B883400B0334CC9264C98B0A4A1D27 HTTP 302
https://webapps.datev.de/authorize HTTP 302
https://login.datev.de/openid/authorize?state=MDRjZmYwNWMtN2M3Yi00NDUwLTgyZGEtYmMxMDNhMWViMDFjO2xoT... Page URL
Detected technologies
AngularJS (JavaScript Frameworks) ExpandDetected patterns
- \bangular.{0,32}\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Help-Center for further information
Search URL Search Domain Scan URL
Title: DATEV eG
Search URL Search Domain Scan URL
Title: More information about DATEV registration methods
Search URL Search Domain Scan URL
Title: Data Protection
Search URL Search Domain Scan URL
Title: Imprint
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://duo.datev.de/?mid=5250&GET_MENU=1114&guid=63B883400B0334CC9264C98B0A4A1D27
HTTP 307
https://webapps.datev.de/wopl/FC/FC?mid=5250&GET_MENU=1114&guid=63B883400B0334CC9264C98B0A4A1D27 HTTP 302
https://webapps.datev.de/authorize HTTP 302
https://login.datev.de/openid/authorize?state=MDRjZmYwNWMtN2M3Yi00NDUwLTgyZGEtYmMxMDNhMWViMDFjO2xoT2M4aGhXVmM2RnR0K2dTR2VVQlB6UUExNmVnWnpiU3hadEpwOTFPdDQ9&nonce=7430854f-4be0-4165-924d-bc103a1ee2b4&redirect_uri=https://webapps.datev.de/login&code_challenge=IbH4T3vcoGrfjqINvv-5UcFs5OT0oDh9Ll__smOf2cQ&code_challenge_method=S256&client_id=0000fa81-3dfc-4e88-9052-96eb5257eaef&response_type=code%20id_token&response_mode=form_post&scope=openid%20profile%20email%20extended_profile Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
authorize
login.datev.de/openid/ Redirect Chain
|
15 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dna-theme.css
login.datev.de/zrlgui/angular/styles/ |
269 KB 38 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.css
login.datev.de/zrlgui/angular/styles/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
login.datev.de/zrlgui/angular/scripts/ |
293 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
translate.js
login.datev.de/zrlgui/angular/scripts/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
angular.js
login.datev.de/zrlgui/angular/scripts/ |
1 MB 330 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
login.datev.de/zrlgui/angular/scripts/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
apps.datev.de/assets/datev/fonts/1.1.0/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.svg
login.datev.de/zrlgui/angular/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dna-theme-sprite.symbol-e0ceaf27.svg
login.datev.de/zrlgui/angular/sprites/ |
15 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notosansdisplay-regular-webfont.woff2
apps.datev.de/assets/datev/fonts/1.1.0/ |
64 KB 65 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
notosansdisplay-medium-webfont.woff2
apps.datev.de/assets/datev/fonts/1.1.0/ |
65 KB 66 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
schattenkante.png
login.datev.de/zrlgui/angular/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.json
login.datev.de/zrlgui/angular/scripts/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3b9c2c78-1f7c-419b-aeda-67708caa3005.woff2
apps.datev.de/assets/datev/fonts/1.1.0/ |
41 KB 42 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| translate function| Translate object| datev_authentication_options function| datev_authentication_select string| publicCookieString string| cookieDomain object| authenticationMethods object| angular object| module string| PAGE_ID string| ANWENDUNG object| scope object| STATISTIK_MEDIEN function| mainController object| _self6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.webapps.datev.de/ | Name: DP-WEBAPPS-ORIURI Value: https://webapps.datev.de/wopl/FC/FC?mid=5250&GET_MENU=1114&guid=63B883400B0334CC9264C98B0A4A1D27 |
|
.webapps.datev.de/ | Name: DP-WEBAPPS-HMACURI Value: CuQsYETTKccl5oXPeVRKfQIqAWnNcIjoNO568ahlPRE= |
|
.webapps.datev.de/ | Name: DP-OID-STATE-TOKEN Value: MDRjZmYwNWMtN2M3Yi00NDUwLTgyZGEtYmMxMDNhMWViMDFjO2xoT2M4aGhXVmM2RnR0K2dTR2VVQlB6UUExNmVnWnpiU3hadEpwOTFPdDQ9 |
|
login.datev.de/ | Name: JSESSIONID_ZRLGKA Value: 0000tmlX5MOpIMaWrMxYGhA7Q_f:zrlgka-0_uxprod19 |
|
.apps.datev.de/ | Name: TS01140f81 Value: 013adfa924acb566202e1a9f56aab491009a6d9f3fc67e79aa8f82083e53e2928b589463444590d954d8303d7472fe5bca6e2f32a1 |
|
.datev.de/ | Name: DATEV_LANG Value: en |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apps.datev.de
duo.datev.de
login.datev.de
webapps.datev.de
193.27.50.202
193.27.50.203
193.27.50.209
193.27.51.43
2aa4c764272537b7b352cda9138941930d7dc295fad7a87fa559a9194d39ec2c
33e3e5dd8e3bbc3f7b71ccc8b9d30b56c3ef997530dc66cf40041c4a7c4b0f86
3407cf40545ace45a9ab9e2982f57f2cb1bffc7f2b0a2b487239f807ed82fa37
61b8e1ab569d8c1afb450f92a44d75c5ee79097ebaf0211f73744b916d950ca4
724fdf3eb38da4f1109629d04214722e01ef4d5554033955e1d169c2881859df
7541b800f0b92bcf922fd6e9536e83424453524c4f20ca2090e0c0dd7a38f48e
b6adc8c7ba7787f78260d53b56c6f46c826e62a807fe9327bd27a84d57ade75d
bd8ef1ebf90210b8395d6e1e8cc7845993fc35f8c8b987e569d7a95374a40ec5
c74968c98aa3024f82a6c6aca61edd4835d6bbfd689b26093773629f69f5bccf
c7df41bc00628bec220b0378dc1f2f5041980758403b6f24b9774ac43a9186d8
c890721f3918e1b51b1c8f142202efbc69906a723d55a7f4f8f65ebd3574a2e1
e7adcc31c74d34b5a98a3046685c6c83b43a1a09eef9702d9f4345f629a5fd4c
e7b0c6a59dd578cad0c118e757889e0f532c7d5493c2d7fd94c0e9d0411cbe7f
ede91254f5c01d26a46869bb7fde4675906f1cc89eb8b80bd8956e3530008e8e
fb10b345e05dc1095e4183649f4e75c2c0fc3fedb3b09b854535845e3dfbe355