zapp-postmessage.test.basis-ven.de Open in urlscan Pro
87.118.68.52 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zapp-postmessage.test.basis-ven.de/
Submission: On March 17 via automatic, source certstream-suspicious (March 17th 2024, 8:54:38 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 87.118.68.52, located in Germany and belongs to KEYWEB-AS, DE. The main domain is zapp-postmessage.test.basis-ven.de.
TLS certificate: Issued by R3 on March 17th 2024. Valid for: 3 months.

This is the only time zapp-postmessage.test.basis-ven.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	87.118.68.52 87.118.68.52	31103 (KEYWEB-AS) (KEYWEB-AS)
2 2	80.67.16.21 80.67.16.21	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
8	1

8 87.118.68.52 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: host25.gn2-server.de

zapp-postmessage.test.basis-ven.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b2020-ve-dms.vzby.basis-ven.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.67.16.21 (Cologne, Germany) 2 redirects

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: sslsites.ispgateway.de

sslsites.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	basis-ven.de zapp-postmessage.test.basis-ven.de b2020-ve-dms.vzby.basis-ven.de	42 KB
2	sslsites.de 2 redirects sslsites.de	470 B
8	2

	Domain	Requested by
7	b2020-ve-dms.vzby.basis-ven.de	zapp-postmessage.test.basis-ven.de b2020-ve-dms.vzby.basis-ven.de
2	sslsites.de	2 redirects
1	zapp-postmessage.test.basis-ven.de
8	3

This site contains no links.

Subject Issuer	Validity	Valid
zapp-postmessage.test.basis-ven.de R3	`2024-03-17` - `2024-06-15`	3 months	crt.sh
b2020-ve-dms.vzby.basis-ven.de R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://zapp-postmessage.test.basis-ven.de/
Frame ID: E8502B78C3EB35C275B4B2C81BCEE1BB
Requests: 1 HTTP requests in this frame

Frame: https://b2020-ve-dms.vzby.basis-ven.de/index.php?login
Frame ID: 3AF030921B2FE17C5A965C9E7C0E3F7B
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PostMessage Demo fÃ¼r ZAPP

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

42 kB
Transfer

109 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://sslsites.de/b2020-ve-dms.vzby.basis-ve.de HTTP 302
https://sslsites.de/b2020-ve-dms.vzby.basis-ve.de/ HTTP 302
https://b2020-ve-dms.vzby.basis-ven.de/

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response zapp-postmessage.test.basis-ven.de/	3 KB 1 KB	97ms 16ms	Document text/html	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Full URL https://zapp-postmessage.test.basis-ven.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `4aec77151e32304b5c065cc7e74972312086f6ff8f92491937185bf11db288e4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 1165 content-type text/html date Sun, 17 Mar 2024 20:54:34 GMT etag "a6c-5b1c14a2fbbc0-gzip" last-modified Fri, 16 Oct 2020 03:23:35 GMT server Apache vary Accept-Encoding
GET H2	200	/ Show response b2020-ve-dms.vzby.basis-ven.de/ Frame 3AF0 Redirect Chain https://sslsites.de/b2020-ve-dms.vzby.basis-ve.de https://sslsites.de/b2020-ve-dms.vzby.basis-ve.de/ https://b2020-ve-dms.vzby.basis-ven.de/	147 B 313 B	140ms 22ms	Document text/html	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Full URL https://b2020-ve-dms.vzby.basis-ven.de/ Requested by Host: zapp-postmessage.test.basis-ven.de URL: https://zapp-postmessage.test.basis-ven.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `6d1462434c6b24563916abf33baf3dd991c8a78a14a23cc94b91bc50a12a0aef` Request headers Referer https://zapp-postmessage.test.basis-ven.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 138 content-type text/html; charset=iso-8859-1 date Sun, 17 Mar 2024 20:54:34 GMT server Apache vary Accept-Encoding Redirect headers Connection close Content-Length 223 Content-Type text/html; charset=iso-8859-1 Date Sun, 17 Mar 2024 20:54:34 GMT Location https://b2020-ve-dms.vzby.basis-ven.de/ Server Apache Via 1.1 sslsites.de
GET H2	200	index.php Show response b2020-ve-dms.vzby.basis-ven.de/ Frame 3AF0	5 KB 2 KB	63ms 63ms	Document text/html	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Full URL https://b2020-ve-dms.vzby.basis-ven.de/index.php?login Requested by Host: b2020-ve-dms.vzby.basis-ven.de URL: https://b2020-ve-dms.vzby.basis-ven.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `03fb108e138faff12031a63fec16f2e6d0153c8b6cffa8dc6a947745f0539416` Request headers Referer https://b2020-ve-dms.vzby.basis-ven.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 1704 content-type text/html; charset=iso-8859-1 date Sun, 17 Mar 2024 20:54:34 GMT server Apache vary Accept-Encoding
GET H2	200	jquery.min.js Show response b2020-ve-dms.vzby.basis-ven.de/function/ Frame 3AF0	95 KB 33 KB	55ms 54ms	Script application/javascript	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Full URL https://b2020-ve-dms.vzby.basis-ven.de/function/jquery.min.js Requested by Host: b2020-ve-dms.vzby.basis-ven.de URL: https://b2020-ve-dms.vzby.basis-ven.de/index.php?login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174` Request headers accept-language de-DE,de;q=0.9 Referer https://b2020-ve-dms.vzby.basis-ven.de/index.php?login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 20:54:34 GMT content-encoding gzip last-modified Wed, 27 Apr 2016 12:49:06 GMT server Apache etag "17b9c-53176d5c65480-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33794
GET H2	200	function.vintra.js Show response b2020-ve-dms.vzby.basis-ven.de/function/ Frame 3AF0	813 B 418 B	16ms 15ms	Script application/javascript	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Full URL https://b2020-ve-dms.vzby.basis-ven.de/function/function.vintra.js Requested by Host: b2020-ve-dms.vzby.basis-ven.de URL: https://b2020-ve-dms.vzby.basis-ven.de/index.php?login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `ec6ed8a575ede564174997562179aebe9768541811efa4b9fdc8208d800566d2` Request headers accept-language de-DE,de;q=0.9 Referer https://b2020-ve-dms.vzby.basis-ven.de/index.php?login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 20:54:34 GMT content-encoding gzip last-modified Sun, 29 Jul 2018 13:05:49 GMT server Apache etag "32d-5722300f48540-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 323
GET H2	200	login.png b2020-ve-dms.vzby.basis-ven.de/image/ Frame 3AF0	2 KB 2 KB	15ms 15ms	Image image/png	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b2020-ve-dms.vzby.basis-ven.de/image/login.png Requested by Host: b2020-ve-dms.vzby.basis-ven.de URL: https://b2020-ve-dms.vzby.basis-ven.de/index.php?login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `e6309a8343462855f3fdde4eb72a0c95f76d8436aba1e74d326d7fdc822f066a` Request headers accept-language de-DE,de;q=0.9 Referer https://b2020-ve-dms.vzby.basis-ven.de/index.php?login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 20:54:34 GMT last-modified Fri, 23 Jun 2017 10:30:17 GMT server Apache accept-ranges bytes etag "648-5529e165c2040" content-length 1608 content-type image/png
POST H2	200	ajax-vintra.php Show response b2020-ve-dms.vzby.basis-ven.de/ Frame 3AF0	0 17 B	16ms 15ms	XHR text/html	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Full URL https://b2020-ve-dms.vzby.basis-ven.de/ajax-vintra.php Requested by Host: b2020-ve-dms.vzby.basis-ven.de URL: https://b2020-ve-dms.vzby.basis-ven.de/function/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://b2020-ve-dms.vzby.basis-ven.de/index.php?login X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sun, 17 Mar 2024 20:54:34 GMT server Apache content-length 0 content-type text/html; charset=iso-8859-1
GET H2	200	body.png b2020-ve-dms.vzby.basis-ven.de/image/ Frame 3AF0	4 KB 4 KB	16ms 16ms	Image image/png	87.118.68.52 KEYWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b2020-ve-dms.vzby.basis-ven.de/image/body.png Requested by Host: b2020-ve-dms.vzby.basis-ven.de URL: https://b2020-ve-dms.vzby.basis-ven.de/index.php?login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 87.118.68.52 , Germany, ASN31103 (KEYWEB-AS, DE), Reverse DNS host25.gn2-server.de Software Apache / Resource Hash `938603536f4a0fc0696628684714300a518022b12877d8ac6f4ab787e6caa398` Request headers accept-language de-DE,de;q=0.9 Referer https://b2020-ve-dms.vzby.basis-ven.de/index.php?login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 20:54:34 GMT last-modified Fri, 23 Jun 2017 10:25:12 GMT server Apache accept-ranges bytes etag "eea-5529e042e3200" content-length 3818 content-type image/png

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.basis-ven.de/	1969-12-31 23:59:59	Name: basis-ve2020DMSvz_by Value: hhjhu5b3ts0lrfn81ro14rgmks

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b2020-ve-dms.vzby.basis-ven.de
sslsites.de
zapp-postmessage.test.basis-ven.de
80.67.16.21
87.118.68.52
03fb108e138faff12031a63fec16f2e6d0153c8b6cffa8dc6a947745f0539416
4aec77151e32304b5c065cc7e74972312086f6ff8f92491937185bf11db288e4
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
6d1462434c6b24563916abf33baf3dd991c8a78a14a23cc94b91bc50a12a0aef
938603536f4a0fc0696628684714300a518022b12877d8ac6f4ab787e6caa398
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6309a8343462855f3fdde4eb72a0c95f76d8436aba1e74d326d7fdc822f066a
ec6ed8a575ede564174997562179aebe9768541811efa4b9fdc8208d800566d2

zapp-postmessage.test.basis-ven.de Open in urlscan Pro 87.118.68.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

1 IPs

1 Countries

42 kBTransfer

109 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

Indicators

zapp-postmessage.test.basis-ven.de Open in urlscan Pro
87.118.68.52 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

42 kB
Transfer

109 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions