sso-dev.bdk-bank.io Open in urlscan Pro
18.156.22.245 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fahrzeugkatalog.dev.bdk-bank.de/
Effective URL:
https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=...
Submission: On December 14 via automatic, source certstream-suspicious (December 14th 2022, 12:25:12 pm UTC) — Scanned from DE

Summary HTTP 27 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 27 HTTP transactions. The main IP is 18.156.22.245, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is sso-dev.bdk-bank.io.
TLS certificate: Issued by R3 on November 23rd 2022. Valid for: 3 months.

This is the only time sso-dev.bdk-bank.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	3.71.236.42 3.71.236.42	16509 (AMAZON-02) (AMAZON-02)
1	3.76.19.216 3.76.19.216	16509 (AMAZON-02) (AMAZON-02)
12	18.156.22.245 18.156.22.245	16509 (AMAZON-02) (AMAZON-02)
27	4

6 3.71.236.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

fahrzeugkatalog.dev.bdk-bank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.76.19.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-19-216.eu-central-1.compute.amazonaws.com

webassets.mip.bdk-bank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.156.22.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

sso-dev.bdk-bank.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bdk-bank.io sso-dev.bdk-bank.io	49 KB
7	bdk-bank.de fahrzeugkatalog.dev.bdk-bank.de webassets.mip.bdk-bank.de	5 MB
27	2

	Domain	Requested by
12	sso-dev.bdk-bank.io	fahrzeugkatalog.dev.bdk-bank.de sso-dev.bdk-bank.io
6	fahrzeugkatalog.dev.bdk-bank.de	fahrzeugkatalog.dev.bdk-bank.de
1	webassets.mip.bdk-bank.de	fahrzeugkatalog.dev.bdk-bank.de
27	3

This site contains links to these domains. Also see Links.

Domain
www.bdk-bank.de

Subject Issuer	Validity	Valid
fahrzeugkatalog.dev.bdk-bank.de R3	`2022-12-14` - `2023-03-14`	3 months	crt.sh
webassets.mip.bdk-bank.de R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh
sso.dev.mip.bdk-bank.de R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2Ftypen&state=16232ab2-77b0-4649-835c-dddd6b8e57c8&response_mode=fragment&response_type=code&scope=openid&nonce=023ff290-4ac4-4ed5-885f-6d15f0e86b10
Frame ID: BC099237191B02A86FB9D95A7FEC21A1
Requests: 23 HTTP requests in this frame

Frame: https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 9DAE7032715ED991C75F5E3A87431E64
Requests: 2 HTTP requests in this frame

Frame: https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/login-status-iframe.html
Frame ID: 092DEAC90C2CFC87A0F2ADBC2E64E5A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nutzerverwaltung - BDK service login

Page URL History Show full URLs

https://fahrzeugkatalog.dev.bdk-bank.de/ Page URL
https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-c... Page URL

Page Statistics

27
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

5089 kB
Transfer

5243 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bdk-bank.de/handelspartner/impressum-bildnachweis/
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.bdk-bank.de/handelspartner/datenschutz/
Title: Datenschutzbestimmungen

Search URL Search Domain Scan URL

URL: https://www.bdk-bank.de/dsgvo/
Title: Datenverarbeitung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fahrzeugkatalog.dev.bdk-bank.de/ Page URL
https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2Ftypen&state=16232ab2-77b0-4649-835c-dddd6b8e57c8&response_mode=fragment&response_type=code&scope=openid&nonce=023ff290-4ac4-4ed5-885f-6d15f0e86b10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
fahrzeugkatalog.dev.bdk-bank.de/ 482 B
1017 B 116ms
10ms Document
text/html 3.71.236.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fahrzeugkatalog.dev.bdk-bank.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.236.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

Software

Resource Hash

085cd877334c5aac5728887497049463dc0d26221ae4ee4ead53ba5f2cf2e02a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://.bdk-bank.io https://.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://.bdk-bank.de; connect-src https://.bdk-bank.io https://*.bdk-bank.de
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: must-revalidate
content-length: 482
content-security-policy: default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://*.bdk-bank.io https://*.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://*.bdk-bank.de; connect-src https://*.bdk-bank.io https://*.bdk-bank.de
content-type: text/html
date: Wed, 14 Dec 2022 12:25:06 GMT
etag: "6356c561-1e2"
last-modified: Mon, 24 Oct 2022 17:03:29 GMT
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 main.a9e05cde.js Show response
fahrzeugkatalog.dev.bdk-bank.de/static/js/ 2 MB
2 MB 10ms
10ms Script
application/javascript 3.71.236.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.236.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c7784335165d936eb662ea4992bc3364a40dc5605edee848dc7905d185eca5f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:06 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 24 Oct 2022 17:03:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "6356c561-1afa03"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1767939
x-xss-protection: 1; mode=block
expires: Thu, 14 Dec 2023 12:25:06 GMT

GET
H2 200 main.4ade3684.css
fahrzeugkatalog.dev.bdk-bank.de/static/css/ 87 KB
88 KB 27ms
27ms Stylesheet
text/css 3.71.236.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fahrzeugkatalog.dev.bdk-bank.de/static/css/main.4ade3684.css

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.236.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

Software

Resource Hash

caf266c40c26f48f24129f1bdad51c0256c8ef560ba0592a2e3c0025fe1fca7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:06 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 24 Oct 2022 17:03:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "6356c561-15def"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 89583
x-xss-protection: 1; mode=block
expires: Thu, 14 Dec 2023 12:25:06 GMT

GET
H2 200 env.js Show response
fahrzeugkatalog.dev.bdk-bank.de/ 96 B
638 B 27ms
27ms Script
application/javascript 3.71.236.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fahrzeugkatalog.dev.bdk-bank.de/env.js

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.236.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ed426e29844a62270908b8d64c0eeddaa15c9af3b91e2f47c88f902958cade03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://.bdk-bank.io https://.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://.bdk-bank.de; connect-src https://.bdk-bank.io https://*.bdk-bank.de
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:25:06 GMT
content-security-policy: default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://*.bdk-bank.io https://*.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://*.bdk-bank.de; connect-src https://*.bdk-bank.io https://*.bdk-bank.de
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 12 Dec 2022 11:57:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "63971745-60"
x-frame-options: DENY
content-type: application/javascript
cache-control: must-revalidate
accept-ranges: bytes
content-length: 96
x-xss-protection: 1; mode=block

GET
H2 200 HelveticaMedium.woff2
webassets.mip.bdk-bank.de/fonts/ 17 KB
18 KB 62ms
10ms Font
application/octet-stream 3.76.19.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://webassets.mip.bdk-bank.de/fonts/HelveticaMedium.woff2

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/css/main.4ade3684.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.76.19.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-76-19-216.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0415958f00e0405cd409d616d701590ce2dd8562e258be3f2e83482480d137f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://fahrzeugkatalog.dev.bdk-bank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Thu, 10 Nov 2022 16:40:31 GMT
etag: "636d297f-4508"
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17672

GET
H2 200 keycloak.json Show response
fahrzeugkatalog.dev.bdk-bank.de/ 204 B
742 B 56ms
56ms XHR
application/json 3.71.236.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fahrzeugkatalog.dev.bdk-bank.de/keycloak.json

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.236.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

Software

Resource Hash

01edd7f2142644907892109daffc3e26d84a2a8143d32bf947af89c5ff6c5673

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://.bdk-bank.io https://.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://.bdk-bank.de; connect-src https://.bdk-bank.io https://*.bdk-bank.de
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 12:25:07 GMT
content-security-policy: default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://*.bdk-bank.io https://*.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://*.bdk-bank.de; connect-src https://*.bdk-bank.io https://*.bdk-bank.de
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 12 Dec 2022 11:57:57 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "63971745-cc"
x-frame-options: DENY
content-type: application/json
cache-control: must-revalidate
accept-ranges: bytes
content-length: 204
x-xss-protection: 1; mode=block

GET
H2 200 393.fe73771b.chunk.js Show response
fahrzeugkatalog.dev.bdk-bank.de/static/js/ 3 MB
3 MB 56ms
56ms Script
application/javascript 3.71.236.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fahrzeugkatalog.dev.bdk-bank.de/static/js/393.fe73771b.chunk.js

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.236.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-236-42.eu-central-1.compute.amazonaws.com

Software

Resource Hash

60033676981be5bc9a1583085470b88755d1b48ed3bfd1bfc6d8723238d87f90

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:07 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
referrer-policy: no-referrer
last-modified: Mon, 24 Oct 2022 17:03:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: "6356c561-31fcbd"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3275965
x-xss-protection: 1; mode=block
expires: Thu, 14 Dec 2023 12:25:07 GMT

GET
H2 200 step1.html Show response
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies/ Frame 9DAE 955 B
1 KB 301ms
102ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 955
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:07 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 step2.html Show response
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies/ Frame 9DAE 1 KB
1 KB 12ms
12ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: sso-dev.bdk-bank.io
URL: https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies/step1.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 1142
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:07 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 login-status-iframe.html Show response
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/ Frame 092D 4 KB
4 KB 48ms
48ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/login-status-iframe.html

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 3713
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:07 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 204 init Show response
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/login-status-iframe.html/ Frame 092D 0
151 B 89ms
89ms XHR
text/plain 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/login-status-iframe.html/init?client_id=webapp-vehicle-catalog&origin=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de

Requested by

Host: sso-dev.bdk-bank.io
URL: https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/login-status-iframe.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:07 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
x-xss-protection: 1; mode=block

GET
H2 200 auth
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/ 0
0 17ms
16ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2F&state=351d111f-24de-4069-9a0b-137011a217a5&response_mode=fragment&response_type=code&scope=openid&nonce=747eeb74-f071-4192-87d9-2c5600da3259

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 6542
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:07 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 auth
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/ 0
0 28ms
27ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2Ftypen&state=39eed456-ff06-4a07-b7cb-22fa4ffbd36f&response_mode=fragment&response_type=code&scope=openid&nonce=6f2e704d-bf83-4658-82ac-74b61434b857

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 6542
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:08 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 auth
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/ 0
0 33ms
33ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2Ftypen&state=3d0a1018-b1b7-4508-9f49-cabba453fba4&response_mode=fragment&response_type=code&scope=openid&nonce=fb1ea4a0-f51e-4ff4-9b28-5a6a53cf51d5

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 6542
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:08 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request auth Show response
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/ 6 KB
7 KB 19ms
19ms Document
text/html 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2Ftypen&state=16232ab2-77b0-4649-835c-dddd6b8e57c8&response_mode=fragment&response_type=code&scope=openid&nonce=023ff290-4ac4-4ed5-885f-6d15f0e86b10

Requested by

Host: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/static/js/main.a9e05cde.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

86085645790c17e9c4deed84c8ffebe99a522aaa334da98da92c5586967b2848

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: en
content-length: 6542
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Wed, 14 Dec 2022 12:25:08 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

POST graphql
fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/ 0
0

GET
H2 200 fonts.css
sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/ 37 KB
7 KB 16ms
15ms Stylesheet
text/css 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/fonts.css?.0.1.0

Requested by

Host: sso-dev.bdk-bank.io
URL: https://sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/auth?client_id=webapp-vehicle-catalog&redirect_uri=https%3A%2F%2Ffahrzeugkatalog.dev.bdk-bank.de%2Ftypen&state=16232ab2-77b0-4649-835c-dddd6b8e57c8&response_mode=fragment&response_type=code&scope=openid&nonce=023ff290-4ac4-4ed5-885f-6d15f0e86b10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

edcf22017b36f880c618286b760c602c60184daa0fb5b8f7fb9c8b9b6ab18b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:08 GMT
content-encoding: gzip
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 7444
x-xss-protection: 1; mode=block

GET
H2 200 bdk_base.css
sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/ 154 KB
24 KB 16ms
16ms Stylesheet
text/css 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/bdk_base.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8b4c4bdc95d74c670a01023c659bd651d3e76c4262a428afe8a5af0b01a14a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:08 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H2 200 bdk_elements.css
sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/ 129 B
334 B 15ms
14ms Stylesheet
text/css 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/bdk_elements.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

fd17c02f2630df73bb5e17911aade37bb26402a229a0b7527185c729e7cf9000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:08 GMT
content-encoding: gzip
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 111
x-xss-protection: 1; mode=block

GET
H2 200 bdk-logo.svg
sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/vendor/images/ 8 KB
3 KB 133ms
132ms Image
image/svg+xml 18.156.22.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/vendor/images/bdk-logo.svg

Requested by

Host: sso-dev.bdk-bank.io
URL: https://sso-dev.bdk-bank.io/auth/resources/9g01x/login/bdk-services/css/bdk_base.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.22.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-22-245.eu-central-1.compute.amazonaws.com

Software

Resource Hash

085000c3cfc09c400f179326f8a78d335d34d98eac098b350804105dbd1e3ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:25:08 GMT
content-encoding: gzip
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 3182
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Domain: fahrzeugkatalog.dev.bdk-bank.de
URL: https://fahrzeugkatalog.dev.bdk-bank.de/hasura/v1/graphql

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso-dev.bdk-bank.io/auth/realms/services/protocol/openid-connect/3p-cookies	1970-01-20 08:10:20	Name: KEYCLOAK_3P_COOKIE_SAMESITE Value: supported
sso-dev.bdk-bank.io/auth/realms/services/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: f7941f29-66b1-44e6-853d-95eb0cbdf2f0.keycloak-deployment-cb6555cf8-5rbsf
sso-dev.bdk-bank.io/auth/realms/services/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: f7941f29-66b1-44e6-853d-95eb0cbdf2f0.keycloak-deployment-cb6555cf8-5rbsf
sso-dev.bdk-bank.io/auth/realms/services/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI1NWE2NzIxZC1iMjdkLTQ0OTQtYTE5Mi0yYWE4YmYxNzU5NmEifQ.eyJjaWQiOiJ3ZWJhcHAtdmVoaWNsZS1jYXRhbG9nIiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9mYWhyemV1Z2thdGFsb2cuZGV2LmJkay1iYW5rLmRlL3R5cGVuIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL3Nzby1kZXYuYmRrLWJhbmsuaW8vYXV0aC9yZWFsbXMvc2VydmljZXMiLCJyZXNwb25zZV90eXBlIjoiY29kZSIsInJlZGlyZWN0X3VyaSI6Imh0dHBzOi8vZmFocnpldWdrYXRhbG9nLmRldi5iZGstYmFuay5kZS90eXBlbiIsInN0YXRlIjoiMTYyMzJhYjItNzdiMC00NjQ5LTgzNWMtZGRkZDZiOGU1N2M4Iiwibm9uY2UiOiIwMjNmZjI5MC00YWM0LTRlZDUtODg1Zi02ZDE1ZjBlODZiMTAiLCJyZXNwb25zZV9tb2RlIjoiZnJhZ21lbnQifX0.oc9KIgUwKbstnUxmIsLdu5Fq2-chVWFKql_DBi9bPdk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self' data: blob: https://media.eurotaxglass.com; frame-ancestors 'none'; frame-src https://.bdk-bank.io https://.bdk-bank.de; style-src 'self' 'unsafe-inline'; font-src https://.bdk-bank.de; connect-src https://.bdk-bank.io https://*.bdk-bank.de
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fahrzeugkatalog.dev.bdk-bank.de
sso-dev.bdk-bank.io
webassets.mip.bdk-bank.de
fahrzeugkatalog.dev.bdk-bank.de
18.156.22.245
3.71.236.42
3.76.19.216
01edd7f2142644907892109daffc3e26d84a2a8143d32bf947af89c5ff6c5673
0415958f00e0405cd409d616d701590ce2dd8562e258be3f2e83482480d137f9
085000c3cfc09c400f179326f8a78d335d34d98eac098b350804105dbd1e3ca6
085cd877334c5aac5728887497049463dc0d26221ae4ee4ead53ba5f2cf2e02a
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
266d2b010bdabdffb13c399965ef815be87b29204ce092d702f20f3b00c22f9b
60033676981be5bc9a1583085470b88755d1b48ed3bfd1bfc6d8723238d87f90
86085645790c17e9c4deed84c8ffebe99a522aaa334da98da92c5586967b2848
8b4c4bdc95d74c670a01023c659bd651d3e76c4262a428afe8a5af0b01a14a41
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
c7784335165d936eb662ea4992bc3364a40dc5605edee848dc7905d185eca5f1
caf266c40c26f48f24129f1bdad51c0256c8ef560ba0592a2e3c0025fe1fca7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed426e29844a62270908b8d64c0eeddaa15c9af3b91e2f47c88f902958cade03
edcf22017b36f880c618286b760c602c60184daa0fb5b8f7fb9c8b9b6ab18b7d
fd17c02f2630df73bb5e17911aade37bb26402a229a0b7527185c729e7cf9000

sso-dev.bdk-bank.io Open in urlscan Pro 18.156.22.245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

27 Requests

70 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

4 IPs

1 Countries

5089 kBTransfer

5243 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

sso-dev.bdk-bank.io Open in urlscan Pro
18.156.22.245 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

70 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

4
IPs

1
Countries

5089 kB
Transfer

5243 kB
Size

4
Cookies

27 HTTP transactions
0 data transactions