urlscan.io logo urlscan.io
SecurityTrails logo

webtrading.onvista-bank.de Open in urlscan Pro
160.92.24.72  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kunde.onvista-bank.de/login.html
Effective URL: https://webtrading.onvista-bank.de/login
Submission: On November 28 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 1 domains to perform 22 HTTP transactions. The main IP is 160.92.24.72, located in Blois, France and belongs to WORLDLINE, FR. The main domain is webtrading.onvista-bank.de.
TLS certificate: Issued by Entrust Certification Authority - L1M on July 10th 2018. Valid for: 6 months.
This is the only time webtrading.onvista-bank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 217.11.205.13 15613 (COLOGNE-F...)
21 160.92.24.72 8677 (WORLDLINE)
1 160.92.125.45 8677 (WORLDLINE)
22 3
Apex Domain
Subdomains		 Transfer
23 onvista-bank.de
kunde.onvista-bank.de
webtrading.onvista-bank.de
www.onvista-bank.de
2 MB
22 1
Domain Requested by
21 webtrading.onvista-bank.de webtrading.onvista-bank.de
1 www.onvista-bank.de
1 kunde.onvista-bank.de 1 redirects
22 3

This site contains links to these domains. Also see Links.

Domain
www.onvista-bank.de
Subject Issuer Validity Valid
webtrading.onvista-bank.de
Entrust Certification Authority - L1M		 2018-07-10 -
2019-01-23		 6 months crt.sh
onvista-bank.de
Entrust Certification Authority - L1M		 2018-09-06 -
2019-03-07		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://webtrading.onvista-bank.de/login
Frame ID: 997DBA0535C30C060CF78DA5D66370CA
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kunde.onvista-bank.de/login.html HTTP 302
    https://webtrading.onvista-bank.de/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^AmCharts$/i
Overall confidence: 100%
Detected patterns
  • env /^angular$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^moment$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

3
IPs

2
Countries

2053 kB
Transfer

2056 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kunde.onvista-bank.de/login.html HTTP 302
    https://webtrading.onvista-bank.de/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login
webtrading.onvista-bank.de/
Redirect Chain
  • http://kunde.onvista-bank.de/login.html
  • https://webtrading.onvista-bank.de/login
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
d841c102d2227e917d7ff21af8827dacf2b4f6af4beb8b0784db53471e4872ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
webtrading.onvista-bank.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 28 Nov 2018 18:54:48 GMT
Server
Apache
X-Brs-Env
prod
Cache-Control
no-cache
Set-Cookie
device_view=full; expires=Thu, 27-Dec-2018 23:00:00 GMT; Max-Age=2520312; path=/; httponly
X-Frame-Options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
Content-Security-Policy
frame-ancestors 'self'
Referrer-Policy
no-referrer-when-downgrade
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
nginx
Date
Wed, 28 Nov 2018 18:54:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://webtrading.onvista-bank.de/login
X-UA-Compatible
IE=Edge
feature.css
webtrading.onvista-bank.de/css/ 		9 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/css/feature.css?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
769449a8226df1925abcad5dd82cbfa6b8aee0b7c218f0b6b3478b1e4030690b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:14 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
9600
X-Content-Type-Options
nosniff
styles.css
webtrading.onvista-bank.de/css/ 		262 KB
263 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/css/styles.css?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
66b869ebe4db22ccc55473c43aad3e69fb5872638f639e70fe89ab681d5488a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:11:22 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
268414
X-Content-Type-Options
nosniff
vendors.js
webtrading.onvista-bank.de/js/ 		659 KB
660 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/js/vendors.js?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
34246e9e73e83df8e33410f5261f75c1e5e9694461ebb7098b8cbb80e3bb736e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:11:18 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
675109
X-Content-Type-Options
nosniff
libraries.js
webtrading.onvista-bank.de/js/ 		419 KB
420 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/js/libraries.js?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
23d04dcb85bf306d906662d412118a11ed8c19473aa41e9abcccd6ae29b6a896
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:17 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
429336
X-Content-Type-Options
nosniff
login.js
webtrading.onvista-bank.de/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/js/login.js?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
b72af9dbace371cf7867b932dc6edace850291ca456350490a5d101b8636f6b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:14 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
4102
X-Content-Type-Options
nosniff
onvista.js
webtrading.onvista-bank.de/js/ 		452 KB
453 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/js/onvista.js?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
68f99b568c29f2c2c4ba8ff4e31720f30a7d63e0592de6b1ac7a3d592a193a3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:00:55 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
463314
X-Content-Type-Options
nosniff
print.css
webtrading.onvista-bank.de/css/ 		574 B
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/css/print.css?0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
5888054594a7ae5e3b0818cb684a7c3a7798210a07e0a3dc3b665c65530ab075
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:11:22 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
574
X-Content-Type-Options
nosniff
PTS55F-webfont.woff
webtrading.onvista-bank.de/assets/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/assets/fonts/PTS55F-webfont.woff
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
d8f49e58f67133f7dd47ffe6dd76523e9fa968591028edcca8e3575e2ba3062e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://webtrading.onvista-bank.de
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/css/styles.css?0
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://webtrading.onvista-bank.de/css/styles.css?0
Origin
https://webtrading.onvista-bank.de

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:11:14 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:48 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
27092
X-Content-Type-Options
nosniff
alerts-list.html
webtrading.onvista-bank.de/app/brs-ui-alert/templates/ 		126 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/brs-ui-alert/templates/alerts-list.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
eabd98663b3f7d8b37c8967ff4f500c2afe08e067b596af47145507c10b2a308
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:13 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
126
X-Content-Type-Options
nosniff
progressbar.html
webtrading.onvista-bank.de/app/brs-ui-progressbar/templates/ 		131 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/brs-ui-progressbar/templates/progressbar.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
3a3b93c51437540bfb8021f917e2eb66b460c2fba0c394d04de5fcf1fc918694
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:11:15 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
131
X-Content-Type-Options
nosniff
Cookie set /
webtrading.onvista-bank.de/services/api/ 		186 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/services/api/?s0=Session_Auth.refresh
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
e566d27ff75c4c93d2fc6c68084b0b0fc09042066fd7d328b1ebd48564399a33
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://webtrading.onvista-bank.de
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Content-Length
443
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Origin
https://webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self'
Set-Cookie
OBJECT_BOURSORAMA=0; expires=Sat, 25-Nov-2028 18:54:49 GMT; path=/; domain=webtrading.onvista-bank.de; secure; httponly PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75; path=/; domain=webtrading.onvista-bank.de; secure; HttpOnly
Expires
Wed, 28 Nov 2018 18:54:49 GMT
top-navbar-empty.html
webtrading.onvista-bank.de/app/navigation/templates/ 		292 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/navigation/templates/top-navbar-empty.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
0eb760e8f7e66380a2f580dc3e914c9a183d6b6fecd9a1bac112f8bd4be7448f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:14 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
292
X-Content-Type-Options
nosniff
middle-navbar-empty.html
webtrading.onvista-bank.de/app/navigation/templates/ 		543 B
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/navigation/templates/middle-navbar-empty.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
3a553636dfa88738381bd3fcea331b34a38a2142b3b33ca44aad4989422ec48b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:11 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
543
X-Content-Type-Options
nosniff
login-page-private.html
webtrading.onvista-bank.de/app/auth-login/templates/ 		170 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/auth-login/templates/login-page-private.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
8089c9fa4945422e9daa5434ab56c77942b19d1182fd00ce85998fb63335c8bc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:00:52 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
170
X-Content-Type-Options
nosniff
logo_onvista_bank_2017.png
webtrading.onvista-bank.de/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webtrading.onvista-bank.de/assets/images/logo_onvista_bank_2017.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
d5c504b16e8333b64d18c512b998df49ce25052772979b1e63de83e7e62ec384
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full; OBJECT_BOURSORAMA=0; PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:11:14 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
4194
X-Content-Type-Options
nosniff
/
webtrading.onvista-bank.de/services/api/ 		33 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/services/api/?s0=Session_Auth.initMatrix
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
c1cfc6739c7791dfa420c38918c15b7743335a46d130b11d123c6effb48eda37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://webtrading.onvista-bank.de
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/plain, */*
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full; OBJECT_BOURSORAMA=0; PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75
Connection
keep-alive
Content-Length
446
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Origin
https://webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 28 Nov 2018 18:54:49 GMT
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json;charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Content-Security-Policy
frame-ancestors 'self'
strict-transport-security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Expires
Wed, 28 Nov 2018 18:54:49 GMT
login-form.html
webtrading.onvista-bank.de/app/auth-login/templates/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/auth-login/templates/login-form.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
0b48749c10ce5fc4a6fd2f663ac2fa038d2a20085891062dd0e6dcce6992e88d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full; OBJECT_BOURSORAMA=0; PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:12 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
4529
X-Content-Type-Options
nosniff
secure-matrix.html
webtrading.onvista-bank.de/app/secure-matrix/templates/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/app/secure-matrix/templates/secure-matrix.html?v=1543431288
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
42e98352119603e93f4f7b07a105000a46a2108a282501bffd027bca2a2333fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
Cookie
device_view=full; OBJECT_BOURSORAMA=0; PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json, text/plain, */*
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:14 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
2059
X-Content-Type-Options
nosniff
iconfont.woff
webtrading.onvista-bank.de/assets/fonts/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/assets/fonts/iconfont.woff
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
87f1bb5c24cb47074a776ea75efbd4abaee24b0bab84da0b958031dc1f269a1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://webtrading.onvista-bank.de
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/css/styles.css?0
Cookie
device_view=full; OBJECT_BOURSORAMA=0; PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://webtrading.onvista-bank.de/css/styles.css?0
Origin
https://webtrading.onvista-bank.de

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:01:12 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
7356
X-Content-Type-Options
nosniff
fontawesome-webfont.woff
webtrading.onvista-bank.de/vendor/components-font-awesome/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://webtrading.onvista-bank.de/vendor/components-font-awesome/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: webtrading.onvista-bank.de
URL: https://webtrading.onvista-bank.de/js/vendors.js?0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.24.72 Blois, France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-webtrading.onvista.as8677.net
Software
Apache /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://webtrading.onvista-bank.de
Accept-Encoding
gzip, deflate
Host
webtrading.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://webtrading.onvista-bank.de/css/styles.css?0
Cookie
device_view=full; OBJECT_BOURSORAMA=0; PHPSESSIONID=ko0qgnrl6615ioo3vjrq432v75
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://webtrading.onvista-bank.de/css/styles.css?0
Origin
https://webtrading.onvista-bank.de

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 02:00:53 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
83760
X-Content-Type-Options
nosniff
webtrading-hinweis.png
www.onvista-bank.de/files/bilder/Webtrading/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onvista-bank.de/files/bilder/Webtrading/webtrading-hinweis.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
160.92.125.45 , France, ASN8677 (WORLDLINE, FR),
Reverse DNS
prd-ovbw-public-site.onvista.as8677.net
Software
Apache /
Resource Hash
087f378f9a0680ee0d92f8d7961e00ecd517f433b6008e79df4e0651dabd0bf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.onvista-bank.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://webtrading.onvista-bank.de/login
Connection
keep-alive
Cache-Control
no-cache
Referer
https://webtrading.onvista-bank.de/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Wed, 28 Nov 2018 16:24:50 GMT
Server
Apache
Date
Wed, 28 Nov 2018 18:54:49 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-XSS-Protection
1; mode=block
Content-Security-Policy
frame-ancestors 'self'
Accept-Ranges
bytes
Content-Length
71322
X-Content-Type-Options
nosniff
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbbb99487b842263bdaabf2c25748080749e46ac989cae4814e91618e4aedb3f

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| BRS_APP_VERSION object| BRS_CONFIG function| saveAs function| $ function| jQuery object| angular function| moment object| FixedSticky object| AmCharts function| saveTextAs object| jQuery11020016757385163738592 boolean| mCustomScrollbar function| _ object| m string| ua object| authUser

3 Cookies

Domain/Path Name / Value
.webtrading.onvista-bank.de/ Name: PHPSESSIONID
Value: ko0qgnrl6615ioo3vjrq432v75
.webtrading.onvista-bank.de/ Name: OBJECT_BOURSORAMA
Value: 0
webtrading.onvista-bank.de/ Name: device_view
Value: full

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kunde.onvista-bank.de
webtrading.onvista-bank.de
www.onvista-bank.de
160.92.125.45
160.92.24.72
217.11.205.13
087f378f9a0680ee0d92f8d7961e00ecd517f433b6008e79df4e0651dabd0bf3
0b48749c10ce5fc4a6fd2f663ac2fa038d2a20085891062dd0e6dcce6992e88d
0eb760e8f7e66380a2f580dc3e914c9a183d6b6fecd9a1bac112f8bd4be7448f
23d04dcb85bf306d906662d412118a11ed8c19473aa41e9abcccd6ae29b6a896
34246e9e73e83df8e33410f5261f75c1e5e9694461ebb7098b8cbb80e3bb736e
3a3b93c51437540bfb8021f917e2eb66b460c2fba0c394d04de5fcf1fc918694
3a553636dfa88738381bd3fcea331b34a38a2142b3b33ca44aad4989422ec48b
42e98352119603e93f4f7b07a105000a46a2108a282501bffd027bca2a2333fe
5888054594a7ae5e3b0818cb684a7c3a7798210a07e0a3dc3b665c65530ab075
66b869ebe4db22ccc55473c43aad3e69fb5872638f639e70fe89ab681d5488a4
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
68f99b568c29f2c2c4ba8ff4e31720f30a7d63e0592de6b1ac7a3d592a193a3a
769449a8226df1925abcad5dd82cbfa6b8aee0b7c218f0b6b3478b1e4030690b
8089c9fa4945422e9daa5434ab56c77942b19d1182fd00ce85998fb63335c8bc
87f1bb5c24cb47074a776ea75efbd4abaee24b0bab84da0b958031dc1f269a1b
b72af9dbace371cf7867b932dc6edace850291ca456350490a5d101b8636f6b7
bbbb99487b842263bdaabf2c25748080749e46ac989cae4814e91618e4aedb3f
c1cfc6739c7791dfa420c38918c15b7743335a46d130b11d123c6effb48eda37
d5c504b16e8333b64d18c512b998df49ce25052772979b1e63de83e7e62ec384
d841c102d2227e917d7ff21af8827dacf2b4f6af4beb8b0784db53471e4872ae
d8f49e58f67133f7dd47ffe6dd76523e9fa968591028edcca8e3575e2ba3062e
e566d27ff75c4c93d2fc6c68084b0b0fc09042066fd7d328b1ebd48564399a33
eabd98663b3f7d8b37c8967ff4f500c2afe08e067b596af47145507c10b2a308