bayernid.freistaat.bayern Open in urlscan Pro
193.28.249.234  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login Show response bayernid.freistaat.bayern/de/bayern/freistaat/	11 KB 5 KB	93ms 34ms	Document text/html	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 7305bf6af1fe46e0ffcae9ae62735c7328c0b2c6d237287df880d6414835d292 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Language de-DE Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Content-Type text/html;charset=UTF-8 Date Sat, 25 Mar 2023 14:52:53 GMT Keep-Alive timeout=5, max=500 Referrer-Policy no-referrer Server Apache Strict-Transport-Security max-age=15724800; includeSubDomains Transfer-Encoding chunked Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	style-27d9b87f5f88fb6fd6619222e11ec33f1.min.css bayernid.freistaat.bayern/api/v1/webservice/public/content/	604 KB 82 KB	31ms 30ms	Stylesheet text/css	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/style-27d9b87f5f88fb6fd6619222e11ec33f1.min.css Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash f1962189e82eff171317db8000b50000477de9a627dff08ad00694238243d232 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=499
GET H/1.1	200 OK	style-f09bb5de08b417f0537755338dc06b863.min.css bayernid.freistaat.bayern/api/v1/webservice/public/content/	5 KB 2 KB	56ms 26ms	Stylesheet text/css	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/style-f09bb5de08b417f0537755338dc06b863.min.css Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 33aa96d66d3f7fdeaa484597af2914500fc2648166e1234fa81ef88f7ad2f190 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type text/css;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=500
GET H/1.1	200 OK	cms-98404f7608311dd534ac59176ba12dc65.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	81 KB 19 KB	57ms 28ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/cms-98404f7608311dd534ac59176ba12dc65.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash c7337bffce7c8b3f4f49393801e2582976ac8c944bae3cf6a24f8959ecfd27a6 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=500
GET H/1.1	200 OK	cms-89f1f6a1a5a7a06462cb1fc49ff050f17.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	104 KB 26 KB	58ms 29ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/cms-89f1f6a1a5a7a06462cb1fc49ff050f17.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash d005fe23ccd26d9d36fd4863e6acadf816f3463ee674ce4210b650ee58c0d2f2 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=500
GET H/1.1	200 OK	cms-3677c49ee6794e0160264496e77c20649.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	127 KB 30 KB	57ms 28ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/cms-3677c49ee6794e0160264496e77c20649.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 9e75b2a1be18d5686fd8e8db7696f1fcbbc11dcc01dde5bdc974d4b882fd6786 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=500
GET H/1.1	200 OK	csp.min.js Show response bayernid.freistaat.bayern/static/js/	1 KB 2 KB	53ms 25ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/static/js/csp.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 061778f617d9c99530da9d88a223712f839d4adec65f16a1c0729ae52bcfd474 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Connection Keep-Alive Content-Length 1105 X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Last-Modified Wed, 02 Nov 2022 12:08:06 GMT Server Apache Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript Cache-Control no-cache, no-store, max-age=0, must-revalidate Accept-Ranges bytes Keep-Alive timeout=5, max=500
GET H/1.1	200 OK	polyfills.min.js Show response bayernid.freistaat.bayern/static/js/	130 KB 45 KB	78ms 24ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/static/js/polyfills.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 27a82c0b14daaa56400b1fdb459e4e69d6a216b8f30f1e8369e04ca437b29563 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Last-Modified Wed, 02 Nov 2022 12:08:06 GMT Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript Cache-Control no-cache, no-store, max-age=0, must-revalidate Keep-Alive timeout=5, max=499
GET H/1.1	200 OK	bundle-b6dc6ae78d6c3e76693d9f863071704b2.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	3 MB 754 KB	110ms 56ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/bundle-b6dc6ae78d6c3e76693d9f863071704b2.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 899d87a16535ee4bc0dc4ebd8aeecab4795ba2a58706ac263afbad234916af68 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=499
GET H/1.1	200 OK	bundle-41e01c50075af038ee56956370c49c254.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	258 KB 53 KB	98ms 39ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/bundle-41e01c50075af038ee56956370c49c254.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 828fed751038b1a368fa7ebfd5be8aa4e1b536d02d4dbfe4047aef407ef29b5d Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=498
GET H/1.1	200 OK	bundle-955c3c7814c74f9c056a4e3fe99fe1f56.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	106 KB 28 KB	99ms 31ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/bundle-955c3c7814c74f9c056a4e3fe99fe1f56.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash ef97fd60e73a6bb86851c4c53d86092b990ee46a5bcce06246c9fd1339d4b5bf Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=499
GET H/1.1	200 OK	bundle-a6e1e361da2dbf8d03fcf3543456977e8.min.js Show response bayernid.freistaat.bayern/api/v1/webservice/public/content/	92 KB 16 KB	99ms 29ms	Script application/javascript	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/content/bundle-a6e1e361da2dbf8d03fcf3543456977e8.min.js Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash be5eea50be1aa72ba9083d578911cc58345567702be265af960cbefb8dbcf3be Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Strict-Transport-Security max-age=15724800; includeSubDomains Content-Encoding gzip Transfer-Encoding chunked Content-Disposition inline;filename=f.txt Connection Keep-Alive X-XSS-Protection 1; mode=block Referrer-Policy no-referrer Server Apache Vary Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/javascript;charset=UTF-8 Cache-Control public, max-age=604800, immutable Keep-Alive timeout=5, max=499
GET H/1.1	200 OK	featuretoggles Show response bayernid.freistaat.bayern/api/v3/servicekonto/public/	405 B 1 KB	20ms 19ms	Fetch application/json	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v3/servicekonto/public/featuretoggles Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/api/v1/webservice/public/content/bundle-b6dc6ae78d6c3e76693d9f863071704b2.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash b6a1d5471c6b00d5b2e66fa5a8840207a0798ea7f4d2dd05de39205e19e73e43 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers X-XSRF-TOKEN aa015180-c96b-4ba1-afd2-c70bcaa43f91 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Content-Type application/json Accept application/json Referer bsp_ctx de/bayern/freistaat X-XSRF-TOKEN-ADDON YWEwMTUxODAtYzk2Yi00YmExLWFmZDItYzcwYmNhYTQzZjkxIHwgYWtkYiBhcGkgfCB1c2FnZSBwZXJtaXNzaW9uIHJlcXVpcmVkIQ== Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Referrer-Policy no-referrer Server Apache Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type application/json Transfer-Encoding chunked Cache-Control no-cache, no-store, max-age=0, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=498 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	image-1681d119f6cd007a85895ad7ebd0b9f9.jpg bayernid.freistaat.bayern/api/v1/webservice/public/asset/	603 KB 605 KB	31ms 31ms	Image image/jpeg	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Show image Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/asset/image-1681d119f6cd007a85895ad7ebd0b9f9.jpg Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash f496e657be8a37c8dec36cb92b3855a11b6fa7d9407e636960048caab07519a1 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://bayernid.freistaat.bayern/de/bayern/freistaat/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Referrer-Policy no-referrer Server Apache Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type image/jpeg Transfer-Encoding chunked Cache-Control public, max-age=604800, immutable Connection Keep-Alive Keep-Alive timeout=5, max=497 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	static-703cf8f274fbb265d49c6262825780e1.woff2 bayernid.freistaat.bayern/api/v1/webservice/public/asset/	81 KB 81 KB	26ms 26ms	Font text/plain	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/asset/static-703cf8f274fbb265d49c6262825780e1.woff2 Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/api/v1/webservice/public/content/style-27d9b87f5f88fb6fd6619222e11ec33f1.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash a7f9b69fccbab8995bbc05b9b7d34db5e893588072fe368929c67e2467221f4f Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer Origin https://bayernid.freistaat.bayern accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Referrer-Policy no-referrer Server Apache Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Cache-Control public, max-age=604800, immutable Connection Keep-Alive Keep-Alive timeout=5, max=498 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	image-18964f742063ea3d288bd365d13d2c7d.png bayernid.freistaat.bayern/api/v1/webservice/public/asset/	16 KB 17 KB	22ms 22ms	Image image/png	193.28.249.234 COLT COLT Technol...
General Check archive.org Show headers Download Go to Show image Full URL https://bayernid.freistaat.bayern/api/v1/webservice/public/asset/image-18964f742063ea3d288bd365d13d2c7d.png Requested by Host: bayernid.freistaat.bayern URL: https://bayernid.freistaat.bayern/de/bayern/freistaat/login Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 193.28.249.234 , Germany, ASN8220 (COLT COLT Technology Services Group Limited, GB), Reverse DNS Software Apache / Resource Hash 84a2c28d28c4c61aa6d43985215619f06d2fe92340c3b86c79f9c6947eab0504 Security Headers Name Value Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; Strict-Transport-Security max-age=15724800; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Sat, 25 Mar 2023 14:52:53 GMT Content-Security-Policy default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de; X-Content-Type-Options nosniff Referrer-Policy no-referrer Server Apache Strict-Transport-Security max-age=15724800; includeSubDomains Vary Origin,Access-Control-Request-Method,Access-Control-Request-Headers X-Frame-Options SAMEORIGIN Content-Type image/png Transfer-Encoding chunked Cache-Control public, max-age=604800, immutable Connection Keep-Alive Keep-Alive timeout=5, max=497 X-XSS-Protection 1; mode=block

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| cms_data_588888d4cb2a4e4b4d5a56a683356cc8 function| cms_data_a9403b1592d4e08c60c322fa22201173 function| cms_data_d20de41646d1b11f3ebf91c39924c75d boolean| CSP_UNSAFE_EVAL function| setImmediate function| clearImmediate object| regeneratorRuntime object| regjsgen number| 2f1acc6c3a606b082e5eef5e54414ffb function| _ function| Vue object| Framework function| moment object| framework object| application object| layoutLegacy object| registration object| APP_CONFIG function| printVTestIDs

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bayernid.freistaat.bayern/	1969-12-31 23:59:59	Name: _bsp_trc Value: 1b9b18e0-dd45-4495-a38a-733a9f0c7c54
			bayernid.freistaat.bayern/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: aa015180-c96b-4ba1-afd2-c70bcaa43f91
			bayernid.freistaat.bayern/	1969-12-31 23:59:59	Name: ROUTEID Value: .2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; style-src 'unsafe-inline' 'self'; connect-src 'self' http://127.0.0.1:24727; upgrade-insecure-requests; media-src 'self' https://www.ausweisapp.bund.de;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bayernid.freistaat.bayern
193.28.249.234
061778f617d9c99530da9d88a223712f839d4adec65f16a1c0729ae52bcfd474
27a82c0b14daaa56400b1fdb459e4e69d6a216b8f30f1e8369e04ca437b29563
33aa96d66d3f7fdeaa484597af2914500fc2648166e1234fa81ef88f7ad2f190
7305bf6af1fe46e0ffcae9ae62735c7328c0b2c6d237287df880d6414835d292
828fed751038b1a368fa7ebfd5be8aa4e1b536d02d4dbfe4047aef407ef29b5d
84a2c28d28c4c61aa6d43985215619f06d2fe92340c3b86c79f9c6947eab0504
899d87a16535ee4bc0dc4ebd8aeecab4795ba2a58706ac263afbad234916af68
9e75b2a1be18d5686fd8e8db7696f1fcbbc11dcc01dde5bdc974d4b882fd6786
a7f9b69fccbab8995bbc05b9b7d34db5e893588072fe368929c67e2467221f4f
b6a1d5471c6b00d5b2e66fa5a8840207a0798ea7f4d2dd05de39205e19e73e43
be5eea50be1aa72ba9083d578911cc58345567702be265af960cbefb8dbcf3be
c7337bffce7c8b3f4f49393801e2582976ac8c944bae3cf6a24f8959ecfd27a6
d005fe23ccd26d9d36fd4863e6acadf816f3463ee674ce4210b650ee58c0d2f2
ef97fd60e73a6bb86851c4c53d86092b990ee46a5bcce06246c9fd1339d4b5bf
f1962189e82eff171317db8000b50000477de9a627dff08ad00694238243d232
f496e657be8a37c8dec36cb92b3855a11b6fa7d9407e636960048caab07519a1