urlscan.io logo urlscan.io
SecurityTrails logo

www.sparkasse-heilbronn.online Open in urlscan Pro
78.46.211.227  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sparkasse-heilbronn.online/
Effective URL: https://www.sparkasse-heilbronn.online/
Submission Tags: @phish_report
Submission: On July 04 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 78.46.211.227, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.sparkasse-heilbronn.online.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on July 3rd 2024. Valid for: a year.
This is the only time www.sparkasse-heilbronn.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 78.46.211.227 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
15 3
Apex Domain
Subdomains		 Transfer
15 sparkasse-heilbronn.online
sparkasse-heilbronn.online
www.sparkasse-heilbronn.online
468 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
49 KB
15 2
Domain Requested by
14 www.sparkasse-heilbronn.online www.sparkasse-heilbronn.online
1 www.googletagmanager.com www.sparkasse-heilbronn.online
1 sparkasse-heilbronn.online 1 redirects
15 3

This site contains links to these domains. Also see Links.

Domain
www.sparkasse-heilbronn.de
Subject Issuer Validity Valid
sparkasse-heilbronn.online
Encryption Everywhere DV TLS CA - G2		 2024-07-03 -
2025-07-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.sparkasse-heilbronn.online/
Frame ID: 749BFEAC69866EA1D8CB3825D39739AE
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dummy Startseite SPK-HN Online: Kreissparkasse Heilbronn

Page URL History Show full URLs

  1. http://sparkasse-heilbronn.online/ HTTP 307
    https://sparkasse-heilbronn.online/ HTTP 301
    http://www.sparkasse-heilbronn.online/ HTTP 307
    https://www.sparkasse-heilbronn.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+ href="/?typo3(?:conf|temp)/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

3
IPs

1
Countries

518 kB
Transfer

1669 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sparkasse-heilbronn.online/ HTTP 307
    https://sparkasse-heilbronn.online/ HTTP 301
    http://www.sparkasse-heilbronn.online/ HTTP 307
    https://www.sparkasse-heilbronn.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sparkasse-heilbronn.online/
Redirect Chain
  • http://sparkasse-heilbronn.online/
  • https://sparkasse-heilbronn.online/
  • http://www.sparkasse-heilbronn.online/
  • https://www.sparkasse-heilbronn.online/
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
acddc1387f2772d3fe335da7698534d692e9342e51cb33eca176109c4643f010
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' widgets.kununu.com *.kununu.com w2.countingdownto.com countingdownto.com cdn.trustcommander.net ms.immowelt.org kskt3.de connect.facebook.net *.trustcommander.net cdn.trustcommander.net privacy.trustcommander.net privacy.commander.com privacy.commander1.com cdn.trkkn.com tools.trkkn.com start.video-stream-hosting.de connect.guidecom.de www.baufi-lead.de consentcdn.cookiebot.com consent.cookiebot.com *.google.de www.google.de *.google.com www.google.com region1.google-analytics.com region1.analytics.google.com www.google-analytics.de *.google-analytics.com www.google-analytics.com tagmanager.google.com *.googletagmanager.com www.googletagmanager.com ssl.gstatic.com api.sparkassen-mediacenter.de cdn.trkkn.com cdn.trustcommander.net/privacy/ stats.g.doubleclick.net 'sha256-TcUB1mzXiQO4GxpTRZ0EMpOXKMU3u+n/q1WrgVIcs1I=' 'sha256-rijdwc90UmEDRrsQ45Lp7ObOm3tK5/9Yy0fb+8BXJIA='; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' connect.facebook.net cdn.trkkn.com www.googletagmanager.com cdn.trustcommander.net privacy.commander.com/ privacy.commander1.com/ www.youtube.com/ consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google-analytics.com/ www.googletagmanager.com/ api.sparkassen-mediacenter.de/ cdn.trkkn.com/tracking-extension/ cdn.trustcommander.net/privacy/ stats.g.doubleclick.net/j/; style-src 'report-sample' 'self' 'unsafe-hashes' 'unsafe-inline' cdn.trustcommander.net/ ms.immowelt.org kskt3.de/ connect.guidecom.de consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google.de/; style-src-elem 'self' 'unsafe-inline' 'report-sample'; object-src 'none'; base-uri 'self'; connect-src 'self' *.trustcommander.net cdn.trustcommander.net/ www.baufi-lead.de/ stats.g.doubleclick.net ms.immowelt.org stats.g.doubleclick.net cdn.trustcommander.net privacy.trustcommander.net *.googletagmanager.de *.googletagmanager.com www.googletagmanager.com *.commander1.com privacy.commander1.com region1.google-analytics.com region1.analytics.google.com sparkassen-mediacenter.de external-proxy-immobilien.sparkasse.de *.google.de *.google.com start.video-stream-hosting.de www.baufi-lead.de/ connect.guidecom.de www.google.com/ www.google-analytics.com/ app.sendnode.com/ consentcdn.cookiebot.com/ stats.g.doubleclick.net/j/; font-src 'self' data: www.google.com/ cdn.trustcommander.net/; frame-src 'self' w2.countingdownto.com countingdownto.com https://td.doubleclick.net/ *.trustcommander.net cdn.trustcommander.net/ www.foerdermittelauskunft.de/ ms.immowelt.org www.youtube.com/ sparkassen-mediacenter.de/ start.video-stream-hosting.de/ connect.guidecom.de/ www.youtube-nocookie.com/ ksk-heilbronn.questionizer.eu *.google.de *.google.com www.google.com/ mailing.sparkasse.de app.sendnode.com/ api.sparkassen-mediacenter.de/ consentcdn.cookiebot.com/ consent.cookiebot.com/; img-src 'self' data: widgets.kununu.com *.kununu.com imgsct.cookiebot.com/ *.google-analytics.com region1.google-analytics.com region1.analytics.google.com *.google.com *.google.de www.google.es www.google.al www.google.pl ms.immowelt.org kskt3.de/ www.google.de ticketshop.pitmodule.de/ cdn.trustcommander.net i.ytimg.com www.googletagmanager.com/ ticketshop.pitmodule.de/ www.google.de/ www.google.com/ www.google-analytics.de www.google-analytics.com; manifest-src 'self'; media-src 'self' data: www.google.com/ api.sparkassen-mediacenter.de/; report-uri 326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/reportOnly; worker-src 'none'; form-action 'self'; upgrade-insecure-requests; script-src-attr 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' widgets.kununu.com *.kununu.com w2.countingdownto.com countingdownto.com cdn.trustcommander.net ms.immowelt.org kskt3.de connect.facebook.net *.trustcommander.net cdn.trustcommander.net privacy.trustcommander.net privacy.commander.com privacy.commander1.com cdn.trkkn.com tools.trkkn.com start.video-stream-hosting.de connect.guidecom.de www.baufi-lead.de consentcdn.cookiebot.com consent.cookiebot.com *.google.de www.google.de *.google.com www.google.com region1.google-analytics.com region1.analytics.google.com www.google-analytics.de *.google-analytics.com www.google-analytics.com tagmanager.google.com *.googletagmanager.com www.googletagmanager.com ssl.gstatic.com api.sparkassen-mediacenter.de cdn.trkkn.com cdn.trustcommander.net/privacy/ stats.g.doubleclick.net'sha256-TcUB1mzXiQO4GxpTRZ0EMpOXKMU3u+n/q1WrgVIcs1I=' 'sha256-rijdwc90UmEDRrsQ45Lp7ObOm3tK5/9Yy0fb+8BXJIA='; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' connect.facebook.net cdn.trkkn.com www.googletagmanager.com cdn.trustcommander.net privacy.commander.com/ privacy.commander1.com/ www.youtube.com/ consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google-analytics.com/ www.googletagmanager.com/ api.sparkassen-mediacenter.de/ cdn.trkkn.com/tracking-extension/ cdn.trustcommander.net/privacy/ 'stats.g.doubleclick.net/j/; style-src 'report-sample' 'self' 'unsafe-hashes' 'unsafe-inline' cdn.trustcommander.net/ ms.immowelt.org kskt3.de/ connect.guidecom.de consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google.de/; style-src-elem 'self' 'unsafe-inline' 'report-sample'; object-src 'none'; base-uri 'self'; connect-src 'self' *.trustcommander.net cdn.trustcommander.net/ www.baufi-lead.de/ stats.g.doubleclick.net ms.immowelt.org stats.g.doubleclick.net cdn.trustcommander.net privacy.trustcommander.net *.googletagmanager.de *.googletagmanager.com www.googletagmanager.com *.commander1.com privacy.commander1.com region1.google-analytics.com region1.analytics.google.com sparkassen-mediacenter.de external-proxy-immobilien.sparkasse.de *.google.de *.google.com start.video-stream-hosting.de www.baufi-lead.de/ connect.guidecom.de www.google.com/ www.google-analytics.com/ app.sendnode.com/ consentcdn.cookiebot.com/ stats.g.doubleclick.net/j/; font-src 'self' data: www.google.com/ cdn.trustcommander.net/; frame-src 'self' w2.countingdownto.com countingdownto.com https://td.doubleclick.net/ *.trustcommander.net cdn.trustcommander.net/ www.foerdermittelauskunft.de/ ms.immowelt.org www.youtube.com/ sparkassen-mediacenter.de/ start.video-stream-hosting.de/ connect.guidecom.de/ www.youtube-nocookie.com/ ksk-heilbronn.questionizer.eu *.google.de *.google.com www.google.com/ mailing.sparkasse.de app.sendnode.com/ api.sparkassen-mediacenter.de/ consentcdn.cookiebot.com/ consent.cookiebot.com/; img-src 'self' data: widgets.kununu.com *.kununu.com imgsct.cookiebot.com *.google-analytics.com region1.google-analytics.com region1.analytics.google.com *.google.com *.google.de www.google.es www.google.al www.google.pl ms.immowelt.org kskt3.de/ www.google.de ticketshop.pitmodule.de/ cdn.trustcommander.net i.ytimg.com www.googletagmanager.com/ ticketshop.pitmodule.de/ www.google.de/ www.google.com/ www.google-analytics.de www.google-analytics.com; manifest-src 'self'; media-src 'self' data: www.google.com/ api.sparkassen-mediacenter.de/; report-uri 326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/reportOnly; worker-src 'none'; form-action 'self'; upgrade-insecure-requests; script-src-attr 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
content-encoding
gzip
content-language
de
content-length
2886
content-security-policy
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' widgets.kununu.com *.kununu.com w2.countingdownto.com countingdownto.com cdn.trustcommander.net ms.immowelt.org kskt3.de connect.facebook.net *.trustcommander.net cdn.trustcommander.net privacy.trustcommander.net privacy.commander.com privacy.commander1.com cdn.trkkn.com tools.trkkn.com start.video-stream-hosting.de connect.guidecom.de www.baufi-lead.de consentcdn.cookiebot.com consent.cookiebot.com *.google.de www.google.de *.google.com www.google.com region1.google-analytics.com region1.analytics.google.com www.google-analytics.de *.google-analytics.com www.google-analytics.com tagmanager.google.com *.googletagmanager.com www.googletagmanager.com ssl.gstatic.com api.sparkassen-mediacenter.de cdn.trkkn.com cdn.trustcommander.net/privacy/ stats.g.doubleclick.net 'sha256-TcUB1mzXiQO4GxpTRZ0EMpOXKMU3u+n/q1WrgVIcs1I=' 'sha256-rijdwc90UmEDRrsQ45Lp7ObOm3tK5/9Yy0fb+8BXJIA='; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' connect.facebook.net cdn.trkkn.com www.googletagmanager.com cdn.trustcommander.net privacy.commander.com/ privacy.commander1.com/ www.youtube.com/ consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google-analytics.com/ www.googletagmanager.com/ api.sparkassen-mediacenter.de/ cdn.trkkn.com/tracking-extension/ cdn.trustcommander.net/privacy/ stats.g.doubleclick.net/j/; style-src 'report-sample' 'self' 'unsafe-hashes' 'unsafe-inline' cdn.trustcommander.net/ ms.immowelt.org kskt3.de/ connect.guidecom.de consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google.de/; style-src-elem 'self' 'unsafe-inline' 'report-sample'; object-src 'none'; base-uri 'self'; connect-src 'self' *.trustcommander.net cdn.trustcommander.net/ www.baufi-lead.de/ stats.g.doubleclick.net ms.immowelt.org stats.g.doubleclick.net cdn.trustcommander.net privacy.trustcommander.net *.googletagmanager.de *.googletagmanager.com www.googletagmanager.com *.commander1.com privacy.commander1.com region1.google-analytics.com region1.analytics.google.com sparkassen-mediacenter.de external-proxy-immobilien.sparkasse.de *.google.de *.google.com start.video-stream-hosting.de www.baufi-lead.de/ connect.guidecom.de www.google.com/ www.google-analytics.com/ app.sendnode.com/ consentcdn.cookiebot.com/ stats.g.doubleclick.net/j/; font-src 'self' data: www.google.com/ cdn.trustcommander.net/; frame-src 'self' w2.countingdownto.com countingdownto.com https://td.doubleclick.net/ *.trustcommander.net cdn.trustcommander.net/ www.foerdermittelauskunft.de/ ms.immowelt.org www.youtube.com/ sparkassen-mediacenter.de/ start.video-stream-hosting.de/ connect.guidecom.de/ www.youtube-nocookie.com/ ksk-heilbronn.questionizer.eu *.google.de *.google.com www.google.com/ mailing.sparkasse.de app.sendnode.com/ api.sparkassen-mediacenter.de/ consentcdn.cookiebot.com/ consent.cookiebot.com/; img-src 'self' data: widgets.kununu.com *.kununu.com imgsct.cookiebot.com/ *.google-analytics.com region1.google-analytics.com region1.analytics.google.com *.google.com *.google.de www.google.es www.google.al www.google.pl ms.immowelt.org kskt3.de/ www.google.de ticketshop.pitmodule.de/ cdn.trustcommander.net i.ytimg.com www.googletagmanager.com/ ticketshop.pitmodule.de/ www.google.de/ www.google.com/ www.google-analytics.de www.google-analytics.com; manifest-src 'self'; media-src 'self' data: www.google.com/ api.sparkassen-mediacenter.de/; report-uri 326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/reportOnly; worker-src 'none'; form-action 'self'; upgrade-insecure-requests; script-src-attr 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Thu, 04 Jul 2024 03:13:25 GMT
expires
Thu, 04 Jul 2024 03:13:25 GMT
permissions-policy
accelerometer=*, ambient-light-sensor=*, autoplay=*, battery=*, camera=*, display-capture=*, fullscreen=*, geolocation=*, gyroscope=*, keyboard-map=*, magnetometer=*, microphone=*, midi=*, navigation-override=*, payment=*, picture-in-picture=*, clipboard-read=*, clipboard-write=*
referrer-policy
strict-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-content-security-policy
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' widgets.kununu.com *.kununu.com w2.countingdownto.com countingdownto.com cdn.trustcommander.net ms.immowelt.org kskt3.de connect.facebook.net *.trustcommander.net cdn.trustcommander.net privacy.trustcommander.net privacy.commander.com privacy.commander1.com cdn.trkkn.com tools.trkkn.com start.video-stream-hosting.de connect.guidecom.de www.baufi-lead.de consentcdn.cookiebot.com consent.cookiebot.com *.google.de www.google.de *.google.com www.google.com region1.google-analytics.com region1.analytics.google.com www.google-analytics.de *.google-analytics.com www.google-analytics.com tagmanager.google.com *.googletagmanager.com www.googletagmanager.com ssl.gstatic.com api.sparkassen-mediacenter.de cdn.trkkn.com cdn.trustcommander.net/privacy/ stats.g.doubleclick.net'sha256-TcUB1mzXiQO4GxpTRZ0EMpOXKMU3u+n/q1WrgVIcs1I=' 'sha256-rijdwc90UmEDRrsQ45Lp7ObOm3tK5/9Yy0fb+8BXJIA='; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' connect.facebook.net cdn.trkkn.com www.googletagmanager.com cdn.trustcommander.net privacy.commander.com/ privacy.commander1.com/ www.youtube.com/ consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google-analytics.com/ www.googletagmanager.com/ api.sparkassen-mediacenter.de/ cdn.trkkn.com/tracking-extension/ cdn.trustcommander.net/privacy/ 'stats.g.doubleclick.net/j/; style-src 'report-sample' 'self' 'unsafe-hashes' 'unsafe-inline' cdn.trustcommander.net/ ms.immowelt.org kskt3.de/ connect.guidecom.de consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google.de/; style-src-elem 'self' 'unsafe-inline' 'report-sample'; object-src 'none'; base-uri 'self'; connect-src 'self' *.trustcommander.net cdn.trustcommander.net/ www.baufi-lead.de/ stats.g.doubleclick.net ms.immowelt.org stats.g.doubleclick.net cdn.trustcommander.net privacy.trustcommander.net *.googletagmanager.de *.googletagmanager.com www.googletagmanager.com *.commander1.com privacy.commander1.com region1.google-analytics.com region1.analytics.google.com sparkassen-mediacenter.de external-proxy-immobilien.sparkasse.de *.google.de *.google.com start.video-stream-hosting.de www.baufi-lead.de/ connect.guidecom.de www.google.com/ www.google-analytics.com/ app.sendnode.com/ consentcdn.cookiebot.com/ stats.g.doubleclick.net/j/; font-src 'self' data: www.google.com/ cdn.trustcommander.net/; frame-src 'self' w2.countingdownto.com countingdownto.com https://td.doubleclick.net/ *.trustcommander.net cdn.trustcommander.net/ www.foerdermittelauskunft.de/ ms.immowelt.org www.youtube.com/ sparkassen-mediacenter.de/ start.video-stream-hosting.de/ connect.guidecom.de/ www.youtube-nocookie.com/ ksk-heilbronn.questionizer.eu *.google.de *.google.com www.google.com/ mailing.sparkasse.de app.sendnode.com/ api.sparkassen-mediacenter.de/ consentcdn.cookiebot.com/ consent.cookiebot.com/; img-src 'self' data: widgets.kununu.com *.kununu.com imgsct.cookiebot.com *.google-analytics.com region1.google-analytics.com region1.analytics.google.com *.google.com *.google.de www.google.es www.google.al www.google.pl ms.immowelt.org kskt3.de/ www.google.de ticketshop.pitmodule.de/ cdn.trustcommander.net i.ytimg.com www.googletagmanager.com/ ticketshop.pitmodule.de/ www.google.de/ www.google.com/ www.google-analytics.de www.google-analytics.com; manifest-src 'self'; media-src 'self' data: www.google.com/ api.sparkassen-mediacenter.de/; report-uri 326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/reportOnly; worker-src 'none'; form-action 'self'; upgrade-insecure-requests; script-src-attr 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.sparkasse-heilbronn.online/
Non-Authoritative-Reason
HttpsUpgrades
merged-a49152d9824ad7893df2997968b73147.css
www.sparkasse-heilbronn.online/typo3temp/assets/compressed/ 		597 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-a49152d9824ad7893df2997968b73147.css?1717763055
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
66f16ad0d3aaf8b0da8c2809bc6899fc25f90c64a2bfd014b1b053155d89bdb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2024 12:24:15 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 03:13:26 GMT
jquery-3.7.0.min.js
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/lib/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/lib/jquery-3.7.0.min.js?1690186747
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 03:13:26 GMT
last-modified
Mon, 24 Jul 2023 08:19:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30337
expires
Fri, 04 Jul 2025 03:13:26 GMT
merged-54716fe6ee79cb7c67126fb9dfa7e9a6.js
www.sparkasse-heilbronn.online/typo3temp/assets/compressed/ 		251 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-54716fe6ee79cb7c67126fb9dfa7e9a6.js?1691475762
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
6de59efa3eab8b892ab7585cb63338ba1990d258fdae44dd7bc8713dc4e4d5ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Aug 2023 06:22:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 03:13:26 GMT
jquery.matchHeight-min.js
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/lib/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/lib/jquery.matchHeight-min.js?1690186747
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 03:13:26 GMT
last-modified
Mon, 24 Jul 2023 08:19:07 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1383
expires
Fri, 04 Jul 2025 03:13:26 GMT
js
www.googletagmanager.com/gtag/ 		128 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=xxx
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
430e5b0fe0a111aa0dea90d30aa713b8785c45aad68795c75dbbd1706777bca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:13:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49788
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jul 2024 03:13:26 GMT
logo_ksk-hn-rot-neg.svg
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/logos/ 		24 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/logos/logo_ksk-hn-rot-neg.svg
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
ec4508d690abcf5433f97e3c5eccf3a7a8be49c4a81b08b2c1706966ece7a61b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'unsafe-inline'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'unsafe-inline'; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 03:13:26 GMT
last-modified
Fri, 04 Aug 2023 10:19:23 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5402
expires
Sat, 03 Aug 2024 03:13:26 GMT
csm_404-ksk_1445955516728_9db5e66039.png
www.sparkasse-heilbronn.online/fileadmin/_processed_/4/8/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/_processed_/4/8/csm_404-ksk_1445955516728_9db5e66039.png
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
3e7c7d2c3dc4a714af7f8ec40b890965e24f80f24d11b31a966bc504e97cf705
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 04 Jul 2024 03:13:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 07:36:33 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
98156
expires
Sat, 03 Aug 2024 03:13:26 GMT
logo_ksk-hn-rot-pos.svg
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/logos/ 		17 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/logos/logo_ksk-hn-rot-pos.svg
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
844291c8290c657492e19dbfe1f43e131bb2ae154f700f6a5683eb5307df560b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'unsafe-inline'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'unsafe-inline'; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 03:13:26 GMT
last-modified
Wed, 26 Jul 2023 11:58:52 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4078
expires
Sat, 03 Aug 2024 03:13:26 GMT
merged-d5afd37cebc65166b58457d62224aefc.js
www.sparkasse-heilbronn.online/typo3temp/assets/compressed/ 		359 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-d5afd37cebc65166b58457d62224aefc.js?1717741532
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
181f178bf8891a82f6cd4c47ae565321979b3c9f705e27f07847e90f0da2f7c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 07 Jun 2024 06:25:32 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 03:13:26 GMT
merged-55fe40558b2a1a26550dc34e8a57d0bd.css
www.sparkasse-heilbronn.online/typo3temp/assets/compressed/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-55fe40558b2a1a26550dc34e8a57d0bd.css?1690378991
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
0be2edca1ba160297e909d5e8269e7b41b855777f8ec505e6ec0c8aa2b9f408f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 03:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Jul 2023 13:43:11 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2499
expires
Fri, 04 Jul 2025 03:13:26 GMT
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd1349818badbc2552fa5564039d747743b136a8a4861d2e03b41d6c1f077d87

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		150 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f52e6996eb2e196c09f660329fe28be354eadbc69be65b9c375110427644e08e

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
sparkassehead_rg-webfont.woff
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/fonts/sparkassehead_rg-webfont.woff
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-a49152d9824ad7893df2997968b73147.css?1717763055
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
0dbfa8096306c36822968150de4363dedd8ef121da0cd82c6172b2e71703a9d2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-a49152d9824ad7893df2997968b73147.css?1717763055
Origin
https://www.sparkasse-heilbronn.online
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 04 Jul 2024 03:13:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 08:19:02 GMT
server
Apache
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
32176
expires
Sat, 03 Aug 2024 03:13:26 GMT
SparRg-webfont.woff2
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/fonts/SparRg-webfont.woff2
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-a49152d9824ad7893df2997968b73147.css?1717763055
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
64a48024c73d50852e29f097eb44c85f0c3392b3098e28592708a3d5fd7e29c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/typo3temp/assets/compressed/merged-a49152d9824ad7893df2997968b73147.css?1717763055
Origin
https://www.sparkasse-heilbronn.online
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 04 Jul 2024 03:13:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 Jul 2023 08:19:02 GMT
server
Apache
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
22912
expires
Sat, 03 Aug 2024 03:13:26 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://www.sparkasse-heilbronn.online
Accept-Language
fi-FI,fi;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
kreissparkasse_heilbronn_logo_weiss.svg
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/logos/ 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/logos/kreissparkasse_heilbronn_logo_weiss.svg
Requested by
Host: www.sparkasse-heilbronn.online
URL: https://www.sparkasse-heilbronn.online/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
94d73ef092f9ad0e00e0c9844056ae44cd1034a90038bd7c4d5ad6d4b32d3464
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'unsafe-inline'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'unsafe-inline'; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 03:13:26 GMT
last-modified
Mon, 24 Jul 2023 08:19:06 GMT
server
Apache
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6074
expires
Sat, 03 Aug 2024 03:13:26 GMT
favicon.ico
www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/favicons/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.sparkasse-heilbronn.online/fileadmin/templates/ksk_hn_landingpage/img/kskhn/favicons/favicon.ico
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.211.227 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi4158.your-server.de
Software
Apache /
Resource Hash
2e2a9dfafdd5fd19ca8a8126d4cead7d184bc38f1dc2531b583821f9ae021eda
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.sparkasse-heilbronn.online/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 03:13:26 GMT
last-modified
Mon, 24 Jul 2023 08:19:06 GMT
server
Apache
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=604800
accept-ranges
bytes
content-length
1534
expires
Thu, 11 Jul 2024 03:13:26 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery object| bootstrap function| Swiper function| Mmenu function| iFrameResize string| gaProperty string| disableStr function| gaOptout function| gtag object| dataLayer function| _toConsumableArray function| _slice function| _slicedToArray function| _extends function| PowermailForm function| _typeof object| bookmarkscroll object| headerswiper function| getBackgroundImageSize function| generatepdf function| scrollToImmoResults object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley function| Shariff function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| imagesLoaded function| Isotope object| google_tag_manager object| google_tag_data

0 Cookies

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' widgets.kununu.com *.kununu.com w2.countingdownto.com countingdownto.com cdn.trustcommander.net ms.immowelt.org kskt3.de connect.facebook.net *.trustcommander.net cdn.trustcommander.net privacy.trustcommander.net privacy.commander.com privacy.commander1.com cdn.trkkn.com tools.trkkn.com start.video-stream-hosting.de connect.guidecom.de www.baufi-lead.de consentcdn.cookiebot.com consent.cookiebot.com *.google.de www.google.de *.google.com www.google.com region1.google-analytics.com region1.analytics.google.com www.google-analytics.de *.google-analytics.com www.google-analytics.com tagmanager.google.com *.googletagmanager.com www.googletagmanager.com ssl.gstatic.com api.sparkassen-mediacenter.de cdn.trkkn.com cdn.trustcommander.net/privacy/ stats.g.doubleclick.net 'sha256-TcUB1mzXiQO4GxpTRZ0EMpOXKMU3u+n/q1WrgVIcs1I=' 'sha256-rijdwc90UmEDRrsQ45Lp7ObOm3tK5/9Yy0fb+8BXJIA='; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' connect.facebook.net cdn.trkkn.com www.googletagmanager.com cdn.trustcommander.net privacy.commander.com/ privacy.commander1.com/ www.youtube.com/ consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google-analytics.com/ www.googletagmanager.com/ api.sparkassen-mediacenter.de/ cdn.trkkn.com/tracking-extension/ cdn.trustcommander.net/privacy/ stats.g.doubleclick.net/j/; style-src 'report-sample' 'self' 'unsafe-hashes' 'unsafe-inline' cdn.trustcommander.net/ ms.immowelt.org kskt3.de/ connect.guidecom.de consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google.de/; style-src-elem 'self' 'unsafe-inline' 'report-sample'; object-src 'none'; base-uri 'self'; connect-src 'self' *.trustcommander.net cdn.trustcommander.net/ www.baufi-lead.de/ stats.g.doubleclick.net ms.immowelt.org stats.g.doubleclick.net cdn.trustcommander.net privacy.trustcommander.net *.googletagmanager.de *.googletagmanager.com www.googletagmanager.com *.commander1.com privacy.commander1.com region1.google-analytics.com region1.analytics.google.com sparkassen-mediacenter.de external-proxy-immobilien.sparkasse.de *.google.de *.google.com start.video-stream-hosting.de www.baufi-lead.de/ connect.guidecom.de www.google.com/ www.google-analytics.com/ app.sendnode.com/ consentcdn.cookiebot.com/ stats.g.doubleclick.net/j/; font-src 'self' data: www.google.com/ cdn.trustcommander.net/; frame-src 'self' w2.countingdownto.com countingdownto.com https://td.doubleclick.net/ *.trustcommander.net cdn.trustcommander.net/ www.foerdermittelauskunft.de/ ms.immowelt.org www.youtube.com/ sparkassen-mediacenter.de/ start.video-stream-hosting.de/ connect.guidecom.de/ www.youtube-nocookie.com/ ksk-heilbronn.questionizer.eu *.google.de *.google.com www.google.com/ mailing.sparkasse.de app.sendnode.com/ api.sparkassen-mediacenter.de/ consentcdn.cookiebot.com/ consent.cookiebot.com/; img-src 'self' data: widgets.kununu.com *.kununu.com imgsct.cookiebot.com/ *.google-analytics.com region1.google-analytics.com region1.analytics.google.com *.google.com *.google.de www.google.es www.google.al www.google.pl ms.immowelt.org kskt3.de/ www.google.de ticketshop.pitmodule.de/ cdn.trustcommander.net i.ytimg.com www.googletagmanager.com/ ticketshop.pitmodule.de/ www.google.de/ www.google.com/ www.google-analytics.de www.google-analytics.com; manifest-src 'self'; media-src 'self' data: www.google.com/ api.sparkassen-mediacenter.de/; report-uri 326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/reportOnly; worker-src 'none'; form-action 'self'; upgrade-insecure-requests; script-src-attr 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Security-Policy default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' widgets.kununu.com *.kununu.com w2.countingdownto.com countingdownto.com cdn.trustcommander.net ms.immowelt.org kskt3.de connect.facebook.net *.trustcommander.net cdn.trustcommander.net privacy.trustcommander.net privacy.commander.com privacy.commander1.com cdn.trkkn.com tools.trkkn.com start.video-stream-hosting.de connect.guidecom.de www.baufi-lead.de consentcdn.cookiebot.com consent.cookiebot.com *.google.de www.google.de *.google.com www.google.com region1.google-analytics.com region1.analytics.google.com www.google-analytics.de *.google-analytics.com www.google-analytics.com tagmanager.google.com *.googletagmanager.com www.googletagmanager.com ssl.gstatic.com api.sparkassen-mediacenter.de cdn.trkkn.com cdn.trustcommander.net/privacy/ stats.g.doubleclick.net'sha256-TcUB1mzXiQO4GxpTRZ0EMpOXKMU3u+n/q1WrgVIcs1I=' 'sha256-rijdwc90UmEDRrsQ45Lp7ObOm3tK5/9Yy0fb+8BXJIA='; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' 'report-sample' connect.facebook.net cdn.trkkn.com www.googletagmanager.com cdn.trustcommander.net privacy.commander.com/ privacy.commander1.com/ www.youtube.com/ consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google-analytics.com/ www.googletagmanager.com/ api.sparkassen-mediacenter.de/ cdn.trkkn.com/tracking-extension/ cdn.trustcommander.net/privacy/ 'stats.g.doubleclick.net/j/; style-src 'report-sample' 'self' 'unsafe-hashes' 'unsafe-inline' cdn.trustcommander.net/ ms.immowelt.org kskt3.de/ connect.guidecom.de consentcdn.cookiebot.com/ consent.cookiebot.com/ www.google.com/ www.google.de/; style-src-elem 'self' 'unsafe-inline' 'report-sample'; object-src 'none'; base-uri 'self'; connect-src 'self' *.trustcommander.net cdn.trustcommander.net/ www.baufi-lead.de/ stats.g.doubleclick.net ms.immowelt.org stats.g.doubleclick.net cdn.trustcommander.net privacy.trustcommander.net *.googletagmanager.de *.googletagmanager.com www.googletagmanager.com *.commander1.com privacy.commander1.com region1.google-analytics.com region1.analytics.google.com sparkassen-mediacenter.de external-proxy-immobilien.sparkasse.de *.google.de *.google.com start.video-stream-hosting.de www.baufi-lead.de/ connect.guidecom.de www.google.com/ www.google-analytics.com/ app.sendnode.com/ consentcdn.cookiebot.com/ stats.g.doubleclick.net/j/; font-src 'self' data: www.google.com/ cdn.trustcommander.net/; frame-src 'self' w2.countingdownto.com countingdownto.com https://td.doubleclick.net/ *.trustcommander.net cdn.trustcommander.net/ www.foerdermittelauskunft.de/ ms.immowelt.org www.youtube.com/ sparkassen-mediacenter.de/ start.video-stream-hosting.de/ connect.guidecom.de/ www.youtube-nocookie.com/ ksk-heilbronn.questionizer.eu *.google.de *.google.com www.google.com/ mailing.sparkasse.de app.sendnode.com/ api.sparkassen-mediacenter.de/ consentcdn.cookiebot.com/ consent.cookiebot.com/; img-src 'self' data: widgets.kununu.com *.kununu.com imgsct.cookiebot.com *.google-analytics.com region1.google-analytics.com region1.analytics.google.com *.google.com *.google.de www.google.es www.google.al www.google.pl ms.immowelt.org kskt3.de/ www.google.de ticketshop.pitmodule.de/ cdn.trustcommander.net i.ytimg.com www.googletagmanager.com/ ticketshop.pitmodule.de/ www.google.de/ www.google.com/ www.google-analytics.de www.google-analytics.com; manifest-src 'self'; media-src 'self' data: www.google.com/ api.sparkassen-mediacenter.de/; report-uri 326200105cabc2d0b4273a816597cafc.report-uri.com/r/d/csp/reportOnly; worker-src 'none'; form-action 'self'; upgrade-insecure-requests; script-src-attr 'self' 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block