![](/screenshots/6684d384-0348-4fef-ae18-2aeafed32ffc.png)
api.tst.bawagpsk.com
Open in
urlscan Pro
51.138.68.215
Public Scan
Effective URL: https://api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/auth?client_id=depo-easybank&redirect_uri=https%3A%2F%2F...
Submission: On February 24 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on February 26th 2021. Valid for: a year.
This is the only time api.tst.bawagpsk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
19 | 51.138.68.215 51.138.68.215 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
19 | 1 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
depo.tst.easybank.at | |
api.tst.bawagpsk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
bawagpsk.com
api.tst.bawagpsk.com |
3 MB |
7 |
easybank.at
depo.tst.easybank.at |
282 KB |
19 | 2 |
Domain | Requested by | |
---|---|---|
12 | api.tst.bawagpsk.com |
depo.tst.easybank.at
api.tst.bawagpsk.com |
7 | depo.tst.easybank.at |
depo.tst.easybank.at
|
19 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
identifizierung.easybank.at |
Subject Issuer | Validity | Valid | |
---|---|---|---|
depo.tst.easybank.at Entrust Certification Authority - L1K |
2022-02-23 - 2023-03-22 |
a year | crt.sh |
*.tst.bawagpsk.com Entrust Certification Authority - L1K |
2021-02-26 - 2022-03-25 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/auth?client_id=depo-easybank&redirect_uri=https%3A%2F%2Fdepo.tst.easybank.at%2F&state=fab9adb0-907b-4109-8135-c3da91e8fc56&response_mode=fragment&response_type=code&scope=openid&nonce=4d115b8b-37ca-4b59-ae88-af0efc0d7d89
Frame ID: EDBBA5E42267D0DF340D1E480138137B
Requests: 17 HTTP requests in this frame
Frame:
https://api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 13BDE13F38784E6B452EBE9C66CAF989
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/6684d384-0348-4fef-ae18-2aeafed32ffc.png)
Page Title
BAWAG Group AG | OnboardingPage URL History Show full URLs
- https://depo.tst.easybank.at/ Page URL
- https://api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/auth?client_id=depo-easybank&redirec... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Neue PIN festlegen
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://depo.tst.easybank.at/ Page URL
- https://api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/auth?client_id=depo-easybank&redirect_uri=https%3A%2F%2Fdepo.tst.easybank.at%2F&state=fab9adb0-907b-4109-8135-c3da91e8fc56&response_mode=fragment&response_type=code&scope=openid&nonce=4d115b8b-37ca-4b59-ae88-af0efc0d7d89 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
depo.tst.easybank.at/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.085ed786d577cf34.js
depo.tst.easybank.at/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.5d93ab28466c203b.js
depo.tst.easybank.at/ |
36 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.47cfd560e2b38a07.js
depo.tst.easybank.at/ |
504 KB 174 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.4033a979965639f4.css
depo.tst.easybank.at/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DINPro-Regular.5d9fe33e25fef294.otf
depo.tst.easybank.at/ |
85 KB 86 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.json
depo.tst.easybank.at/assets/config/ |
276 B 591 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
step1.html
api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/3p-cookies/ Frame 13BD |
955 B 997 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
step2.html
api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/3p-cookies/ Frame 13BD |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
auth
api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
actions.js
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/script/ |
483 B 615 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.jpg
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/img/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
validations.js
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/script/ |
2 KB 898 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-helper.js
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/script/ |
2 KB 902 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hidden.svg
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/img/ |
1 KB 960 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-easy-big.png
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/img/ |
2 MB 2 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DINPro-Light.otf
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/fonts/ |
86 KB 45 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DINPro-Regular.otf
api.tst.bawagpsk.com/auth/resources/ic908/login/libra-keycloak-theme-craftsmen-easy-generic/fonts/ |
85 KB 45 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| submitForm function| handleError function| validateInputsListeners function| validateEmailInput function| validatePasswordInput function| loginButtonDisabled function| validateEmailListener function| validatePasswordListener function| validateLoginButtonListener function| handleInputLabel function| handleEmailInputLabel function| handlePasswordInputLabel function| handlePasswordVisibility4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
api.tst.bawagpsk.com/auth/realms/eps/protocol/openid-connect/3p-cookies | Name: KEYCLOAK_3P_COOKIE_SAMESITE Value: supported |
|
api.tst.bawagpsk.com/auth/realms/eps/ | Name: AUTH_SESSION_ID Value: 611d949a-13d1-47fe-a2bc-0d80245e950a.keycloak-1 |
|
api.tst.bawagpsk.com/auth/realms/eps/ | Name: AUTH_SESSION_ID_LEGACY Value: 611d949a-13d1-47fe-a2bc-0d80245e950a.keycloak-1 |
|
api.tst.bawagpsk.com/auth/realms/eps/ | Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIwMmQ1OTA0YS0xMzc1LTQyMGItYWU4MC1iNTUwZGVkNWM2YTQifQ.eyJjaWQiOiJkZXBvLWVhc3liYW5rIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9kZXBvLnRzdC5lYXN5YmFuay5hdC8iLCJhY3QiOiJBVVRIRU5USUNBVEUiLCJub3RlcyI6eyJzY29wZSI6Im9wZW5pZCIsImlzcyI6Imh0dHBzOi8vYXBpLnRzdC5iYXdhZ3Bzay5jb20vYXV0aC9yZWFsbXMvZXBzIiwicmVzcG9uc2VfdHlwZSI6ImNvZGUiLCJyZWRpcmVjdF91cmkiOiJodHRwczovL2RlcG8udHN0LmVhc3liYW5rLmF0LyIsInN0YXRlIjoiZmFiOWFkYjAtOTA3Yi00MTA5LTgxMzUtYzNkYTkxZThmYzU2Iiwibm9uY2UiOiI0ZDExNWI4Yi0zN2NhLTRiNTktYWU4OC1hZjBlZmMwZDdkODkiLCJyZXNwb25zZV9tb2RlIjoiZnJhZ21lbnQifX0.BDGRFJRBRB6UdhpxUfI1xJTd08_TrBx8_0woGE404b8 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.tst.bawagpsk.com
depo.tst.easybank.at
51.138.68.215
18a362c9f3887b2224104a949c95028728effba06423864d0b0eec5321d76571
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
28f30fb6670284bfd6fe7ba0539aa55fa3288f3c5b6801d266b06aa5d80d5272
38137c0ef752e00b735424af37711a8aa53cc1543dae7aef1bc65118b4a8f8a8
417bead7a05e20a77ba50c5e30885b575f72c52d0d0ee9f45356349623ef5707
465b67564feb30b9de502e227e6166bfa5c4c3e59c2218613bb9b1dc1701560a
4e5a36f581a0d86cdc6a2063f974bebb5844df6bd90455b39b108899ea99fdd9
617311af2fbd10bf1a1c15643661740c83fb812ac56fcd83478c00e239eb5080
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
9ea18907896a6e04fa431be4f1a5f697ea6703db029557f8be6092abe7a1d65b
cfc8c1a44aeb5e088c71d3bc4fc0da0a8b48933ed4673dd5caa40eb08832a7e4
d99f6c83382803abaa8e09190c9abc63334f9595d3aad5129bc149acec0068e9
ebc8af8c5bd8ab1053edb68e4bdee581ce33f0f9ed4b351e09034f25fb63082f
eeaa833dc615433d5cf227c06eb097d868263cee63beca9792a3e505218096ce
f26fe203a4ca1f9bcb69ca93a33c8df19a3656e1a4a634d92f4aac53036d269e
f6d4524accd63c5fdab6deda39dd4750adc1575b2e297a47dea2dbf4e2719254
f7cd71028630ce3914bf0cc85f3e44794818c829b84727d13b5c809a2ef73772
f839e684c29a919995b7fe8347567396b7198f54c44abd344f16c4ebe8c8481a