hit-qs-google.hansetrans.de Open in urlscan Pro
35.234.90.174  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://hit-qs-google-kundenzugang.hansetrans.de/ Page URL
2. https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response hit-qs-google-kundenzugang.hansetrans.de/	914 B 1 KB	603ms 41ms	Document text/html	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash a55207ed6aa62a8edc6f045a5da2cfe165e9bfd05627e0ccbef6a49850d01827 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control no-cache, no-store, max-age=0, must-revalidate content-language de-DE content-length 914 content-type text/html date Tue, 25 Jun 2024 08:17:46 GMT expires 0 last-modified Fri, 07 Jun 2024 05:26:56 GMT pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	runtime.01fbdeacdde10c1e.js Show response hit-qs-google-kundenzugang.hansetrans.de/	2 KB 2 KB	118ms 90ms	Script application/javascript	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/runtime.01fbdeacdde10c1e.js Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 34ace20547ba47452db2004c281918ce32208cb3e3d65984b9b2f001676f3c6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Origin https://hit-qs-google-kundenzugang.hansetrans.de Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 1779 x-xss-protection 1; mode=block expires 0
GET H2	200	polyfills.52f6944529b271e4.js Show response hit-qs-google-kundenzugang.hansetrans.de/	33 KB 34 KB	113ms 92ms	Script application/javascript	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/polyfills.52f6944529b271e4.js Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 7a35e20f902560f3f64554e72f5fc1cfd9e77705c3d9c1de697b38f8bed12c11 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Origin https://hit-qs-google-kundenzugang.hansetrans.de Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 33933 x-xss-protection 1; mode=block expires 0
GET H2	200	scripts.29459ae39ee09f9e.js Show response hit-qs-google-kundenzugang.hansetrans.de/	334 KB 335 KB	153ms 141ms	Script application/javascript	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/scripts.29459ae39ee09f9e.js Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash f765ef0d11cfceb35a954461d0612653b2b65e589a86bebd9160758366e9e66f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 341928 x-xss-protection 1; mode=block expires 0
GET H2	200	main.278f61c2e74e684d.js Show response hit-qs-google-kundenzugang.hansetrans.de/	2 MB 2 MB	71ms 50ms	Script application/javascript	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/main.278f61c2e74e684d.js Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 386afbbb1514af65fbdae1c37949c9469b4d0d3dd4a34404993e5fa7af63b0e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Origin https://hit-qs-google-kundenzugang.hansetrans.de Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type application/javascript cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 2396314 x-xss-protection 1; mode=block expires 0
GET H2	200	css fonts.googleapis.com/	6 KB 802 B	165ms 60ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,500 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3190e9796e3e6b7bdf421c3864f69fcdcf147379b0e3c16c73488e041f6de805 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 25 Jun 2024 08:17:46 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Jun 2024 06:43:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Jun 2024 08:17:46 GMT
GET H2	200	icon fonts.googleapis.com/	569 B 775 B	155ms 51ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 25 Jun 2024 08:17:46 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Jun 2024 08:17:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Jun 2024 08:17:46 GMT
GET H2	200	styles.bbf3c805eb8c892a.css hit-qs-google-kundenzugang.hansetrans.de/	158 KB 159 KB	153ms 142ms	Stylesheet text/css	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/styles.bbf3c805eb8c892a.css Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 65d53ba996879dd971960705402ca6aff73624a679708469c68bca74837efc86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:46 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type text/css cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 161958 x-xss-protection 1; mode=block expires 0
GET H2	200	config Show response hit-qs-google-kundenzugang.hansetrans.de/api/	237 B 456 B	58ms 43ms	XHR application/json	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/api/config Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/polyfills.52f6944529b271e4.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 40347264c55164c0c7757ada82ffbea90d5b2c0046bfe19cba7635cee5cf9b0f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 client-trace-id 34b2bcab-247e-43d8-b923-1934a572d549 Accept application/json Referer https://hit-qs-google-kundenzugang.hansetrans.de/ sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:47 GMT strict-transport-security max-age=31536000; includeSubDomains vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers client-trace-id 34b2bcab-247e-43d8-b923-1934a572d549 content-type application/json
GET H2	200	styles.bbf3c805eb8c892a.css hit-qs-google-kundenzugang.hansetrans.de/	158 KB 159 KB	47ms 46ms	Stylesheet text/css	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/styles.bbf3c805eb8c892a.css Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 65d53ba996879dd971960705402ca6aff73624a679708469c68bca74837efc86 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:47 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type text/css cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 161958 x-xss-protection 1; mode=block expires 0
GET H2	200	step1.html hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/3p-cookies/ Frame 6323	2 KB 3 KB	160ms 42ms	Document text/html	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/3p-cookies/step1.html Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/main.278f61c2e74e684d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 2318 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Tue, 25 Jun 2024 08:17:48 GMT referrer-policy no-referrer strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	step2.html hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/3p-cookies/ Frame 6323	686 B 989 B	45ms 44ms	Document text/html	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/3p-cookies/step2.html Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/3p-cookies/step1.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Content-Security-Policy frame-src 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, must-revalidate, no-transform, no-store content-length 686 content-security-policy frame-src 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Tue, 25 Jun 2024 08:17:48 GMT referrer-policy no-referrer strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	Primary Request auth Show response hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/	4 KB 5 KB	50ms 49ms	Document text/html	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Requested by Host: hit-qs-google-kundenzugang.hansetrans.de URL: https://hit-qs-google-kundenzugang.hansetrans.de/main.278f61c2e74e684d.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash b4ebda4c267d7760bbcc113d9065f3d4d5578381f4dead0fc6332cf9148696e7 Security Headers Name Value Content-Security-Policy frame-src 'self'; frame-ancestors 'self'; object-src 'none'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, must-revalidate, max-age=0 content-language de content-length 3797 content-security-policy frame-src 'self'; frame-ancestors 'self'; object-src 'none'; content-type text/html;charset=utf-8 date Tue, 25 Jun 2024 08:17:48 GMT referrer-policy no-referrer strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-frame-options SAMEORIGIN x-robots-tag none x-xss-protection 1; mode=block
GET H2	200	favicon.ico hit-qs-google-kundenzugang.hansetrans.de/	1 KB 2 KB	44ms 44ms	Other image/x-icon	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google-kundenzugang.hansetrans.de/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://hit-qs-google-kundenzugang.hansetrans.de/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 25 Jun 2024 08:17:48 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Fri, 07 Jun 2024 05:26:56 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers content-type image/x-icon cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 1150 x-xss-protection 1; mode=block expires 0
GET H2	200	icon fonts.googleapis.com/	569 B 0	14ms 14ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:46 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Jun 2024 08:17:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Jun 2024 08:17:46 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 774 B	64ms 49ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400 Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 02be0d1c0f0bc8465d940cfbab9f4a3faf3c3b31f672fd44c42f779681f27bdf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 25 Jun 2024 08:16:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 25 Jun 2024 08:17:48 GMT
GET H2	200	material.min.js Show response code.getmdl.io/1.3.0/	61 KB 61 KB	171ms 49ms	Script application/javascript	2a00:1450:4001:80e::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://code.getmdl.io/1.3.0/material.min.js Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash 3c27eee3e7e742ba78c0d9956e337579a5f82db3af39e8da6f450e8632decebc Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 22 Jun 2024 08:17:29 GMT last-modified Wed, 21 Dec 2016 13:18:50 GMT server Google Frontend age 259219 etag W/"61f516d4a1b479b23761090038965bb0" allow GET, HEAD, OPTIONS content-type application/javascript access-control-allow-origin * x-cloud-trace-context ba108477870dff1a86c92827b1b2ef54 cache-control public,max-age=2592000 x-appengine-log-flush-count 0 content-length 62491
GET H2	200	mdl.css hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/css/	138 KB 21 KB	54ms 45ms	Stylesheet text/css	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/css/mdl.css Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 4ec6a69515ce33ae4f7faf7e30cf4622b90f510b1c2c3bd08e05fad04a6e59f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type text/css cache-control max-age=2592000 x-xss-protection 1; mode=block
GET H2	200	styles.css hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/css/	4 KB 1 KB	52ms 43ms	Stylesheet text/css	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/css/styles.css Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 6b04d5175dee67f05425afc827969a6a57d48ab21236b4ff49069a00d2b6b6b0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type text/css cache-control max-age=2592000 content-length 1245 x-xss-protection 1; mode=block
GET H2	200	styles-otp.css hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/css/	664 B 542 B	51ms 44ms	Stylesheet text/css	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/css/styles-otp.css Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash a882217e5e2267cc325e6411edf6d00b178e3a2025d6ddd8d3b764e5d644e9f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type text/css cache-control max-age=2592000 content-length 320 x-xss-protection 1; mode=block
GET H2	200	hit-logo-2018.svg hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/	20 KB 8 KB	48ms 42ms	Image image/svg+xml	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/hit-logo-2018.svg Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 25dfd56a418b641dac00bef200e81ef8fa6c0c2d9b7b3eaa4eb571700624f39a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml cache-control max-age=2592000 content-length 7700 x-xss-protection 1; mode=block
GET H2	200	user.svg hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/	356 B 476 B	91ms 85ms	Image image/svg+xml	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/user.svg Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash eb703cc5615b7ad353a2f42f67bcc193d2659e61dd0e813b432bd4db7e2e4cfc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml cache-control max-age=2592000 content-length 249 x-xss-protection 1; mode=block
GET H2	200	passwort.svg hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/	472 B 531 B	76ms 75ms	Image image/svg+xml	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/passwort.svg Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 8ce5c16fa8d7372b43226958b0ce931c9076b9f597a6a3268c517a0dc0c3b960 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type image/svg+xml cache-control max-age=2592000 content-length 304 x-xss-protection 1; mode=block
GET H2	200	startInputSubmitButtonValidation.js Show response hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/js/	2 KB 856 B	76ms 76ms	Script text/javascript	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/js/startInputSubmitButtonValidation.js Requested by Host: hit-qs-google.hansetrans.de URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash 9aa968d228a5a4e22f8e4631b2522a9993f855b1e4d7ebcaecfeab57e5d95509 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT content-encoding gzip referrer-policy no-referrer x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript cache-control max-age=2592000 content-length 629 x-xss-protection 1; mode=block
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	149ms 49ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://hit-qs-google.hansetrans.de Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 14:48:09 GMT x-content-type-options nosniff age 581379 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 18 Jun 2025 14:48:09 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2b4fbdc82f135a08fab5643804fc02fcedfe59da66d27949525c9f3c09f7fca8 Request headers Referer Origin https://hit-qs-google.hansetrans.de Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	hansetrans-favicon.png hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/	1 KB 1 KB	50ms 50ms	Other image/png	35.234.90.174 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://hit-qs-google.hansetrans.de/auth/resources/6la9s/login/hit/img/hansetrans-favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.234.90.174 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 174.90.234.35.bc.googleusercontent.com Software / Resource Hash a25f8904836a129593a003fa0b6bf3d3e47342bac3edfb810d8a27cd453a0272 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 08:17:48 GMT strict-transport-security max-age=31536000; includeSubDomains referrer-policy no-referrer x-content-type-options nosniff content-type image/png cache-control max-age=2592000 content-length 1116 x-xss-protection 1; mode=block

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| startInputSubmitButtonValidation object| componentHandler function| MaterialButton function| MaterialCheckbox function| MaterialIconToggle function| MaterialMenu function| MaterialProgress function| MaterialRadio function| MaterialSlider function| MaterialSnackbar function| MaterialSpinner function| MaterialSwitch function| MaterialTabs function| MaterialTextfield function| MaterialTooltip function| MaterialLayout function| MaterialLayoutTab function| MaterialDataTable function| MaterialRipple

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			hit-qs-google.hansetrans.de/auth/realms/master/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: a9dffdae-42da-4a09-a25d-f7814c0efea5.hit-keycloak-1-447
			hit-qs-google.hansetrans.de/auth/realms/master/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: a9dffdae-42da-4a09-a25d-f7814c0efea5.hit-keycloak-1-447
			hit-qs-google.hansetrans.de/auth/realms/master/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIyZThkMGFmZS1jNjAzLTQyMTMtOWNlYy03YjFkYmRlZjk1YmQifQ.eyJjaWQiOiJiMmItZnJvbnRlbmQiLCJwdHkiOiJvcGVuaWQtY29ubmVjdCIsInJ1cmkiOiJodHRwczovL2hpdC1xcy1nb29nbGUta3VuZGVuenVnYW5nLmhhbnNldHJhbnMuZGUvIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL2hpdC1xcy1nb29nbGUuaGFuc2V0cmFucy5kZS9hdXRoL3JlYWxtcy9tYXN0ZXIiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vaGl0LXFzLWdvb2dsZS1rdW5kZW56dWdhbmcuaGFuc2V0cmFucy5kZS8iLCJzdGF0ZSI6IjRmZWZjMDQ1LTUzOGItNDhmYy04MzkxLTZhMmIxYTgxOTdiNiIsIm5vbmNlIjoiY2ViNTRkYTMtMDkyMC00MDBjLTg1MGQtYWJmMTEwMDgzOGIzIiwicmVzcG9uc2VfbW9kZSI6ImZyYWdtZW50In19.bgWiZmsbOWP3iynSLzUnlBL7eNgVtTuGYIJfEFMr8cmCCdpSBtI7xof9bHphj1rZgnUGwg9myfWi-JiIiRRDYA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://hit-qs-google.hansetrans.de/auth/realms/master/protocol/openid-connect/auth?client_id=b2b-frontend&redirect_uri=https%3A%2F%2Fhit-qs-google-kundenzugang.hansetrans.de%2F&state=4fefc045-538b-48fc-8391-6a2b1a8197b6&response_mode=fragment&response_type=code&scope=openid&nonce=ceb54da3-0920-400c-850d-abf1100838b3 Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.getmdl.io
fonts.googleapis.com
fonts.gstatic.com
hit-qs-google-kundenzugang.hansetrans.de
hit-qs-google.hansetrans.de
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2013
2a00:1450:4001:829::200a
35.234.90.174
02be0d1c0f0bc8465d940cfbab9f4a3faf3c3b31f672fd44c42f779681f27bdf
25dfd56a418b641dac00bef200e81ef8fa6c0c2d9b7b3eaa4eb571700624f39a
2b4fbdc82f135a08fab5643804fc02fcedfe59da66d27949525c9f3c09f7fca8
3190e9796e3e6b7bdf421c3864f69fcdcf147379b0e3c16c73488e041f6de805
34ace20547ba47452db2004c281918ce32208cb3e3d65984b9b2f001676f3c6e
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
386afbbb1514af65fbdae1c37949c9469b4d0d3dd4a34404993e5fa7af63b0e5
3c27eee3e7e742ba78c0d9956e337579a5f82db3af39e8da6f450e8632decebc
40347264c55164c0c7757ada82ffbea90d5b2c0046bfe19cba7635cee5cf9b0f
4ec6a69515ce33ae4f7faf7e30cf4622b90f510b1c2c3bd08e05fad04a6e59f9
65d53ba996879dd971960705402ca6aff73624a679708469c68bca74837efc86
6b04d5175dee67f05425afc827969a6a57d48ab21236b4ff49069a00d2b6b6b0
7a35e20f902560f3f64554e72f5fc1cfd9e77705c3d9c1de697b38f8bed12c11
8ce5c16fa8d7372b43226958b0ce931c9076b9f597a6a3268c517a0dc0c3b960
9aa968d228a5a4e22f8e4631b2522a9993f855b1e4d7ebcaecfeab57e5d95509
a25f8904836a129593a003fa0b6bf3d3e47342bac3edfb810d8a27cd453a0272
a55207ed6aa62a8edc6f045a5da2cfe165e9bfd05627e0ccbef6a49850d01827
a882217e5e2267cc325e6411edf6d00b178e3a2025d6ddd8d3b764e5d644e9f7
b4ebda4c267d7760bbcc113d9065f3d4d5578381f4dead0fc6332cf9148696e7
eb703cc5615b7ad353a2f42f67bcc193d2659e61dd0e813b432bd4db7e2e4cfc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f765ef0d11cfceb35a954461d0612653b2b65e589a86bebd9160758366e9e66f