kunden.openbank.de Open in urlscan Pro
65.9.66.107 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kunden.openbank.de/
Effective URL:
https://kunden.openbank.de/
Submission Tags: hades
Submission: On January 07 via api (January 7th 2024, 1:33:14 pm UTC) from ES — Scanned from DE

Summary HTTP 51 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 51 HTTP transactions. The main IP is 65.9.66.107, located in United States and belongs to AMAZON-02, US. The main domain is kunden.openbank.de.
TLS certificate: Issued by Amazon RSA 2048 M01 on April 17th 2023. Valid for: a year.

This is the only time kunden.openbank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	65.9.66.91 65.9.66.91	16509 (AMAZON-02) (AMAZON-02)
10	65.9.66.107 65.9.66.107	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.32.27.38 13.32.27.38	16509 (AMAZON-02) (AMAZON-02)
1	52.222.149.13 52.222.149.13	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:fe00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20b... 2600:9000:20b4:be00:4:de86:dd80:93a1	16509 (AMAZON-02) (AMAZON-02)
12	18.173.154.55 18.173.154.55	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c3:b600:1a:22b2:e080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	35.71.143.211 35.71.143.211	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	3.254.43.184 3.254.43.184	16509 (AMAZON-02) (AMAZON-02)
51	16

1 65.9.66.91 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-91.fra56.r.cloudfront.net

kunden.openbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 65.9.66.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-107.fra56.r.cloudfront.net

kunden.openbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.27.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-38.fra56.r.cloudfront.net

teal.openbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-13.cdg52.r.cloudfront.net

js-cdn.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:fe00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20b4:be00:4:de86:dd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.openbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.173.154.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-55.muc50.r.cloudfront.net

api.openbank.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:b600:1a:22b2:e080:93a1 (United States)

ASN16509 (AMAZON-02, US)

bcdn.openbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.143.211 (United States)

ASN16509 (AMAZON-02, US)
PTR: a126ff6b07ca40eab.awsglobalaccelerator.com

even.openbank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.254.43.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-254-43-184.eu-west-1.compute.amazonaws.com

bf08078zsq.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	openbank.de 1 redirects kunden.openbank.de teal.openbank.de even.openbank.de	13 MB
12	openbank.es api.openbank.es — Cisco Umbrella Rank: 938789	131 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 659	176 KB
4	unpkg.com unpkg.com — Cisco Umbrella Rank: 1326	57 KB
3	openbank.com assets.openbank.com bcdn.openbank.com	155 KB
3	dynatrace.com js-cdn.dynatrace.com — Cisco Umbrella Rank: 7965 bf08078zsq.bf.dynatrace.com	86 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	157 KB
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1316	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	30 KB
51	10

	Domain	Requested by
12	api.openbank.es	js-cdn.dynatrace.com
11	kunden.openbank.de	1 redirects kunden.openbank.de
5	teal.openbank.de	kunden.openbank.de teal.openbank.de
4	maps.googleapis.com	kunden.openbank.de js-cdn.dynatrace.com maps.googleapis.com
4	unpkg.com	kunden.openbank.de
2	bf08078zsq.bf.dynatrace.com	js-cdn.dynatrace.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com kunden.openbank.de
2	www.googletagmanager.com	teal.openbank.de www.googletagmanager.com
2	assets.openbank.com	kunden.openbank.de
1	even.openbank.de	js-cdn.dynatrace.com
1	bcdn.openbank.com	kunden.openbank.de
1	tags.tiqcdn.com	teal.openbank.de
1	js-cdn.dynatrace.com	kunden.openbank.de
1	code.jquery.com	kunden.openbank.de
51	15

This site contains links to these domains. Also see Links.

Domain
www.openbank.de
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
clientes.openbank.es Amazon RSA 2048 M01	`2023-04-17` - `2024-05-15`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
teal.openbank.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-31`	a year	crt.sh
js-cdn.dynatrace.com Amazon RSA 2048 M02	`2024-01-03` - `2025-01-31`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.openbank.com Amazon RSA 2048 M01	`2023-09-24` - `2024-10-22`	a year	crt.sh
api.openbank.es DigiCert TLS RSA SHA256 2020 CA1	`2023-04-25` - `2024-05-09`	a year	crt.sh
bcdn.openbank.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-13` - `2024-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
even.openbank.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-31`	a year	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M03	`2023-12-20` - `2025-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://kunden.openbank.de/
Frame ID: C2A2D78F3667258EEC0BD08ABFC611A2
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OpenbankCookies DE

Page URL History Show full URLs

http://kunden.openbank.de/ HTTP 301
https://kunden.openbank.de/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

98 %
HTTPS

56 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

14188 kB
Transfer

63593 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.openbank.de/datenschutzpolitik
Title: hier

Search URL Search Domain Scan URL

URL: https://apps.apple.com/nl/app/openbank-banco-online/id1217874244

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=es.openbank.mobile&hl=nl%20

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kunden.openbank.de/ HTTP 301
https://kunden.openbank.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kunden.openbank.de/
Redirect Chain

http://kunden.openbank.de/
https://kunden.openbank.de/

4 KB
2 KB

126ms
44ms

Document
text/html

65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

753eadb71059d70847a05ea5f590b02322125c109db6937f5aaed71149c32fd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET, POST, HEAD
access-control-max-age: 86400
age: 6
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1513
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Sun, 07 Jan 2024 13:33:01 GMT
etag: "11a2-60d06e7c9f080-gzip"
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-id: i4TjCoigT6IuVM0T3iRSmEznweRUiHSG4RtVVAd0kxOUaiNh5kLQVA==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sun, 07 Jan 2024 13:33:01 GMT
Location: https://kunden.openbank.de/
Server: CloudFront
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ZY3uQq9udhlB4R1gc7yfeKVMU_H6cdYGUDPTp_U5e0MDqBOE0-GlwA==
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Redirect from cloudfront

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 183ms
57ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9833770
x-cache: HIT, HIT
content-length: 30125
x-served-by: cache-lga21971-LGA, cache-sof1510038-SOF
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704634382.121792,VS0,VE0
etag: W/"28feccc0-15283"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 181, 83572

GET
H2 200 react.production.min.js Show response
unpkg.com/react@16.14.0/umd/ 12 KB
5 KB 146ms
50ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@16.14.0/umd/react.production.min.js

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kunden.openbank.de/
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:02 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4710051
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF5P5JHX4D3H35ZHF1CT4ETB-fra
server: cloudflare
etag: W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 841c91f95e289229-FRA

GET
H2 200 react-dom.production.min.js Show response
unpkg.com/react-dom@16.14.0/umd/ 116 KB
38 KB 50ms
50ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kunden.openbank.de/
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:02 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 5816902
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HE4PK5EZ9C4J1NNTCHABJDEY-fra
server: cloudflare
etag: W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 841c91f9ae579229-FRA

GET
H2 200 react-is.production.min.js Show response
unpkg.com/react-is@16.13.1/umd/ 3 KB
1 KB 50ms
50ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-is@16.13.1/umd/react-is.production.min.js

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092e3b681fad365a891751ed760b1807cadcb99ed8c4019142b87c2180a33233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kunden.openbank.de/
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:02 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 640157
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HJYZGWY58N9TZNZ49H8KF9VC-fra
server: cloudflare
etag: W/"a0f-7uei9ew/OGum285f6Q6gz2i8l2E"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 841c91fa0ea99229-FRA

GET
H2 200 styled-components.min.js Show response
unpkg.com/styled-components@5.3.5/dist/ 33 KB
13 KB 50ms
50ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/styled-components@5.3.5/dist/styled-components.min.js

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0352f10d41c621ec4f89daeac8d271892831c00234177038ca64254e8e489e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kunden.openbank.de/
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:02 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3323620
last-modified: Thu, 24 Mar 2022 14:36:32 GMT
fly-request-id: 01HGF0C26Z31KHFFC692X1K1RH-fra
server: cloudflare
etag: W/"832d-SuxI6UkQR9635sQ+zhlVNHSethA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 841c91fa5f039229-FRA

GET
H2 200 utag.sync.js Show response
teal.openbank.de/web-ok-de/prod/ 109 B
617 B 215ms
40ms Script
application/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://teal.openbank.de/web-ok-de/prod/utag.sync.js
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60a1f8057c2c253128f504457353d3857625fcba14f125983508149855dda018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: vuARvvtGKm6WUaFDJbMCn.T0iEAwThEZ
via: 1.1 89e34e3fd814f1393ef77867b93dd12e.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 13:32:53 GMT
x-amz-cf-pop: FRA56-P4, FRA56-C2
age: 10
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 109
last-modified: Thu, 04 Jan 2024 11:40:18 GMT
server: AmazonS3
etag: "b8d84ee0ef9237cbb21089bcb0d6e4fa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: FOyYiiroT-v4pP-tKeMmZSdm3daYXDvdYDyV0k09J2yhsucQF4iRRw==

GET
H2 200 2ddf784f46f45581_complete.js Show response
js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/ 222 KB
84 KB 221ms
61ms Script
application/javascript 52.222.149.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-13.cdg52.r.cloudfront.net
Software: /
Resource Hash: c95ee0d72c0c1840bb498ac0530a924c251935bd63456edefc4a8ff5cd671a2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:01:21 GMT
content-encoding: gzip
via: 1.1 90f2730fcbf1dfb3e49905fd930a0264.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
age: 1901
x-cache: Hit from cloudfront
x-oneagent-js-injection: true
traffic-source: UNKNOWN
dynatrace-response-id: TNCOIYYIC0HB
dynatrace-response-source: Cluster
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
timing-allow-origin: *
x-amz-cf-id: ezwkE3YMe-E0aBf7bYnxvyWTYYtbPjuCn1q03swxMUewlKtp1fOc_A==
expires: Sun, 07 Jan 2024 14:01:21 GMT

GET
H2 200 style.index.8ecd15a0705d73027158.css
kunden.openbank.de/ 4 MB
652 KB 47ms
47ms Stylesheet
text/css 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.openbank.de/style.index.8ecd15a0705d73027158.css

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

5c5b8a5186db19cb19f26b4449c55563d2105e39a580946fc55ee2e0fb2912ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C1
age: 1457925
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
etag: "471600-60d06e7c9f080-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: text/css
access-control-max-age: 86400
cache-control: max-age=31536000, public
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Fohtr_CXG4YAffWV-XtjZ-ocI9Gk_Mwimm63RlxOP6YgER2nw8pn3Q==

GET
H2 200 utag.js Show response
teal.openbank.de/web-ok-de/prod/ 1 MB
807 KB 56ms
56ms Script
application/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://teal.openbank.de/web-ok-de/prod/utag.js
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b28ae79f45e7ca9f9267b04586577674df48546394ee91bf30a0d8aff3b6e85c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 6WzDY2HMy1WYPNgQUmeP7VXcDIBConMY
content-encoding: br
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 13:30:11 GMT
last-modified: Thu, 04 Jan 2024 11:40:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C2
age: 179
x-amz-server-side-encryption: AES256
etag: W/"89e5f25217394a96a3a57017014ee25b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 15aSDnvKbMjRJdCNrZ5clrU9jWlIWd-xkMkO2ST5AHJQCZVXR16E-Q==

GET
H2 200 app.index.8ecd15a0705d73027158.js Show response
kunden.openbank.de/ 53 MB
12 MB 42ms
42ms Script
text/javascript 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.openbank.de/app.index.8ecd15a0705d73027158.js

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

f8c6fcd7ceb50bf3d6e197bdf459c45c3e02ef069cb67102d2a4f113d573b014

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 16:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C1
age: 1459128
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
etag: "34bb06b-60d06e7c9f080-gzip"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: text/javascript
access-control-max-age: 86400
cache-control: max-age=31536000, public
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 8k-gxHcV6VlQScsICrDcyYkiXQ44OFLpCUY-dXkyuKQC7T8nXzxKzw==

GET
H2 200 utag.33.js Show response
tags.tiqcdn.com/utag/ods/web-ok-de/dev/ 2 KB
1 KB 126ms
40ms Script
application/javascript 2600:9000:223e:fe00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ods/web-ok-de/dev/utag.33.js
Requested by: Host: teal.openbank.de
URL: https://teal.openbank.de/web-ok-de/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:fe00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2625609ab20dd11ca3e0216511403a9a89988f6205eafc5d42fc1b4673f0b2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: yVpKZuukOsXGNIK7x686deIULHVwidfX
content-encoding: br
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 13:30:23 GMT
last-modified: Thu, 04 Jan 2024 14:25:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 188
x-amz-server-side-encryption: AES256
etag: W/"cfc2a6d7286295ca6b1aca658c46a84f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: BD940k69dHfUEeN_C-UIATjIN_Tpy324xkpSszHUWJeFGmbdOqrUvw==

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 413dead3dfc9895fa7689eab0ab75eb149f8bfffa586f640831dc56811c0c423

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e392c2fea2e0b1b283b5e79fdd8993ad3f304d4987f1f8e00a40844d4eb088b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 appleicon.svg
kunden.openbank.de/assets/static/cookies/de/ 4 KB
4 KB 124ms
123ms Image
text/html 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kunden.openbank.de/assets/static/cookies/de/appleicon.svg

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

753eadb71059d70847a05ea5f590b02322125c109db6937f5aaed71149c32fd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:03 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
etag: W/"11a2-60d06e7c9f080"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: text/html
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: b7ykI4n9lYMe4aZZMaTuZ0jClyh3WiW8Ohtp2CQk65fVnHX6VQ_2jg==

GET
H2 404 googleicon.svg
kunden.openbank.de/assets/static/cookies/de/ 4 KB
4 KB 130ms
130ms Image
text/html 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kunden.openbank.de/assets/static/cookies/de/googleicon.svg

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

753eadb71059d70847a05ea5f590b02322125c109db6937f5aaed71149c32fd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:03 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
etag: W/"11a2-60d06e7c9f080"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: text/html
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: Utra3UB2bzlXlakh0QO2dc3HcbynsroBKIGspwCGjZbaLYm1LhNeFw==

GET
DATA 200
OK truncated
/ 712 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acf74b24a6a3cd9f852f2a23687a5794f37ac460f3ea8ecefe0aae7c57b4f5e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Outfit-Semibold.woff2
assets.openbank.com/web/fonts/ 12 KB
13 KB 227ms
51ms Font
binary/octet-stream 2600:9000:20b4:be00:4:de86:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.openbank.com/web/fonts/Outfit-Semibold.woff2
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:be00:4:de86:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64e52e4382686e0d0040361ea04b52b35f6c53b11ed30764cb1a33141515b18b

Request headers

Referer: https://kunden.openbank.de/
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: Tr0EVE3LSGS3LPGbvMYq7smX0l59I6aB
date: Sun, 07 Jan 2024 13:20:27 GMT
via: 1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 3972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12760
last-modified: Fri, 21 Oct 2022 11:37:46 GMT
server: AmazonS3
etag: "965705d8b6e97a1eee348ad95814e9d6"
access-control-max-age: 0
access-control-allow-methods: PUT, GET
content-type: binary/octet-stream
access-control-allow-origin: https://kunden.openbank.de
vary: Origin
access-control-allow-credentials: true
cache-control: public, must-revalidate, max-age=3600
accept-ranges: bytes
x-amz-cf-id: XEZZ_RqC8BXM0i6KNY16xeHul2h8CMGor-VfgFE0vvjCxfENerkHvg==

GET
H2 200 Outfit-Regular.woff2
assets.openbank.com/web/fonts/ 12 KB
13 KB 219ms
43ms Font
binary/octet-stream 2600:9000:20b4:be00:4:de86:dd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.openbank.com/web/fonts/Outfit-Regular.woff2
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:be00:4:de86:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146664f5f7c0f4787a0eaf09eed07fdcc38eaa53a45c92d548d32aafd3a8fe39

Request headers

Referer: https://kunden.openbank.de/
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: SXzJCQTBSRzYY3OYD4vMAwyvIzo22yeN
date: Sun, 07 Jan 2024 13:18:23 GMT
via: 1.1 391671221007e4a70643cc0de549779c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
age: 3972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12752
last-modified: Fri, 21 Oct 2022 11:37:46 GMT
server: AmazonS3
etag: "9cc312a521d265d9c48e3ec9cabe0e85"
access-control-max-age: 0
access-control-allow-methods: PUT, GET
content-type: binary/octet-stream
access-control-allow-origin: https://kunden.openbank.de
vary: Origin
access-control-allow-credentials: true
cache-control: public, must-revalidate, max-age=3600
accept-ranges: bytes
x-amz-cf-id: oRkNx7E7L3imGVoEI16tm1M2NgctY0wYL1w8CSVVku7-HzB7Dr-nkA==

GET
H2 200 Outfit-Semibold.ttf
kunden.openbank.de/fonts/ 30 KB
17 KB 42ms
41ms Font
font/ttf 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.openbank.de/fonts/Outfit-Semibold.ttf

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/style.index.8ecd15a0705d73027158.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

4fca45e77f2ac3bcff26ee980599bba77632310b766ee2dbff533457f0dd76e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kunden.openbank.de/style.index.8ecd15a0705d73027158.css
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:31:57 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 90
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:29 GMT
server: Apache
etag: W/"76a8-60d06e7baae40"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: font/ttf
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: hF-o8XNwfVRR4M17pIPGTAUjI_-p9xEDDhNuGBTat3ZkrXvoQXLj9w==

OPTIONS
H2 200 topbar
api.openbank.es/cms-api/common/ 0
0 183ms
62ms Preflight
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/cms-api/common/topbar?language=es

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: openbankauthtoken,version
Access-Control-Request-Method: GET
Origin: https://kunden.openbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: openbankauthtoken,version
access-control-allow-methods: GET
access-control-allow-origin: https://kunden.openbank.de
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: UTF-8
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: application/json
date: Sun, 07 Jan 2024 13:33:05 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id: 17tX5BLDLJMnNeRFeqGcZbzEEAjOkgL2xpRmFZMEuBV_T2B1_ajQbA==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

OPTIONS
H2 200 ip
api.openbank.es/ipcyp/cypher/ 0
0 184ms
64ms Preflight
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/ipcyp/cypher/ip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: openbankauthtoken
Access-Control-Request-Method: GET
Origin: https://kunden.openbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: openbankauthtoken
access-control-allow-methods: GET
access-control-allow-origin: https://kunden.openbank.de
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: UTF-8
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: application/json
date: Sun, 07 Jan 2024 13:33:05 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id: PI_r5tPnEKIUFc0emTDo7PRFTVjVhaAsbjS9uvkGG2yq9EoYgVjtmg==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

OPTIONS
H2 200 offlog-profiles
api.openbank.es/ 0
0 168ms
65ms Preflight
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/offlog-profiles?includeProfile=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,openbankauthtoken,version
Access-Control-Request-Method: POST
Origin: https://kunden.openbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type,openbankauthtoken,version
access-control-allow-methods: POST
access-control-allow-origin: https://kunden.openbank.de
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: UTF-8
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: application/json
date: Sun, 07 Jan 2024 13:33:05 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id: I0NdavY-fm-Uszo2qaKtlKGM5YHV-oSqrpxOGgDmZYAJFyII6MMFzg==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

OPTIONS
H2 200 extended
api.openbank.es/claves/cmc/ 0
0 162ms
62ms Preflight
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/claves/cmc/extended

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: openbankauthtoken
Access-Control-Request-Method: GET
Origin: https://kunden.openbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: openbankauthtoken
access-control-allow-methods: GET
access-control-allow-origin: https://kunden.openbank.de
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: UTF-8
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: application/json
date: Sun, 07 Jan 2024 13:33:05 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id: 4AUSewGYg1UsMSGF33mzrcq42b26tHeFOiKgYxEMm8DVYcPgFUePZQ==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

OPTIONS
H2 200 web-feature-flagging
api.openbank.es/config-reader-properties/values/ 0
0 159ms
61ms Preflight
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/config-reader-properties/values/web-feature-flagging

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: openbankauthtoken
Access-Control-Request-Method: GET
Origin: https://kunden.openbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: openbankauthtoken
access-control-allow-methods: GET
access-control-allow-origin: https://kunden.openbank.de
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: UTF-8
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: application/json
date: Sun, 07 Jan 2024 13:33:05 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id: JVCUEe781u7Thjg5LaKnOgHqjq8ov5oHEcdPFq-9d-z1SN9b8qWg_A==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

OPTIONS
H2 200 bytype
api.openbank.es/user/profile/address/ 0
0 158ms
61ms Preflight
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/user/profile/address/bytype

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,openbankauthtoken
Access-Control-Request-Method: POST
Origin: https://kunden.openbank.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type,openbankauthtoken
access-control-allow-methods: POST
access-control-allow-origin: https://kunden.openbank.de
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: UTF-8
content-length: 0
content-security-policy: upgrade-insecure-requests
content-type: application/json
date: Sun, 07 Jan 2024 13:33:05 GMT
server: CloudFront
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-id: ZZs8VKCTL3sTJKJStBLsREcIIZLJANaFTGAt14aQ859lYOXSK_cqcg==
x-amz-cf-pop: MUC50-P3
x-cache: Miss from cloudfront

GET
H2 200 topbar Show response
api.openbank.es/cms-api/common/ 101 KB
102 KB 118ms
108ms XHR
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/cms-api/common/topbar?language=es

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

2f4753874ffeee0aac98e78383f4aa56f5794869bcdf3c26b22ef6f04bcc862d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, application/json
openBankAuthToken
Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
version: 2

Response headers

date: Sun, 07 Jan 2024 13:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
traceresponse: 00-6d29424cca73b23eace008dbab782533-0e6a0f3f817b6518-01
x-cache: Miss from cloudfront
openbankcorrelationid: 1c937886-6b98-4167-a937-ea0cd1c5d0d3, 1c937886-6b98-4167-a937-ea0cd1c5d0d3
projectversion: gateway:2.16.15, cms-api:1.111.0+WM-7770.3
x-xss-protection: 1; mode=block
artifactid: gateway, cms-api
x-application-context: gateway:native,aws,prod:8443
pragma: no-cache
x-dt-tracestate: f2c0e308-a07e0240@dt
server: CloudFront
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36, Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
access-control-max-age: 3600
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: ADRUM_0,ADRUM_1,ADRUM_2,ADRUM_3,ADRUM_4,ADRUM_5,ADRUM_6,ADRUM_7,ADRUM_8,ADRUM_9,ADRUM_10,ADRUM_11,ADRUM_12,ADRUM_13,ADRUM_14,ADRUM_15,ADRUM_16,ADRUM_17,ADRUM_18,logged-at
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: false
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with, authorization, content-type, openBankAuthToken, sessionToken, username, password, version, originCountry, openBankInteractionId, isOfficeAgent, openBankToken
x-amz-cf-id: -26ML1lCjfoHwW8UbBfNkEyWuwYp5QMzV90QDJIME3HJ5o2-ZJXW4Q==
expires: 0

GET
H2 200 ip Show response
api.openbank.es/ipcyp/cypher/ 367 B
2 KB 109ms
100ms XHR
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/ipcyp/cypher/ip

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

04c9815f411e9c9657274d8a32b3b5aef650cfb4fdebd8097fd5dd980e434faf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, application/json
openBankAuthToken
Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
traceresponse: 00-8db1172aebd27e3db0a9d801acebcdb3-97dd18ae248d34ec-01
x-cache: Miss from cloudfront
openbankcorrelationid: 96d31c96-d1cc-4f70-9ee1-1a20d5f38ae1, 96d31c96-d1cc-4f70-9ee1-1a20d5f38ae1
projectversion: gateway:2.16.15, ipcyp:v1.0.12
x-xss-protection: 1; mode=block
artifactid: gateway, ipcyp
x-application-context: gateway:native,aws,prod:8443
pragma: no-cache
x-dt-tracestate: f2c0e308-a07e0240@dt
server: CloudFront
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36, Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
access-control-max-age: 3600
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: ADRUM_0,ADRUM_1,ADRUM_2,ADRUM_3,ADRUM_4,ADRUM_5,ADRUM_6,ADRUM_7,ADRUM_8,ADRUM_9,ADRUM_10,ADRUM_11,ADRUM_12,ADRUM_13,ADRUM_14,ADRUM_15,ADRUM_16,ADRUM_17,ADRUM_18,logged-at
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: false
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with, authorization, content-type, openBankAuthToken, sessionToken, username, password, version, originCountry, openBankInteractionId, isOfficeAgent, openBankToken
x-amz-cf-id: IkBaj5UtJy4nsxSXc1sdhhajEFAD5E7_IbH3sb5BOWtE8U0hGz6deg==
expires: 0

POST
H2 401 offlog-profiles Show response
api.openbank.es/ 124 B
1 KB 107ms
98ms XHR
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/offlog-profiles?includeProfile=true

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

600405836f1216195716dc4bf66b5fbb8929af22e1ed5da5926effc37435c72f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/json
Accept: application/json
openBankAuthToken
Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
version: 2

Response headers

date: Sun, 07 Jan 2024 13:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
traceresponse: 00-34cba3ec7544f62720509e1d4cf1f9af-ad55796d9cf4cd4d-01
x-cache: Error from cloudfront
openbankcorrelationid: af5fbdc6-72ce-47ff-a2d7-6759ac9b7a22
projectversion: gateway:2.16.15
x-xss-protection: 1; mode=block
artifactid: gateway
x-application-context: gateway:native,aws,prod:8443
pragma: no-cache
x-dt-tracestate: f2c0e308-a07e0240@dt
server: CloudFront
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
access-control-max-age: 3600
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: ADRUM_0,ADRUM_1,ADRUM_2,ADRUM_3,ADRUM_4,ADRUM_5,ADRUM_6,ADRUM_7,ADRUM_8,ADRUM_9,ADRUM_10,ADRUM_11,ADRUM_12,ADRUM_13,ADRUM_14,ADRUM_15,ADRUM_16,ADRUM_17,ADRUM_18,logged-at
x-frame-options: SAMEORIGIN
access-control-allow-credentials: false
access-control-allow-headers: x-requested-with, authorization, content-type, openBankAuthToken, sessionToken, username, password, version, originCountry, openBankInteractionId, isOfficeAgent, openBankToken
x-amz-cf-id: hmkuDAp9wVj-5e_YLxY5qiZFAvgZO3anNF8dZg1y-PzUYW34ZIML8Q==

GET
H2 401 extended Show response
api.openbank.es/claves/cmc/ 128 B
1 KB 106ms
96ms XHR
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/claves/cmc/extended

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

33aadc6523559514d82e692e718ded2cea9ac4263e92f30e167865da48b1cc83

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, application/json
openBankAuthToken
Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
traceresponse: 00-a684e0100d734e03d74fcf4e7fd0fc34-cc9f0053241d2c94-01
x-cache: Error from cloudfront
openbankcorrelationid: 2e61f88c-df2b-4d3d-8f2a-b6fe3fefd59d
projectversion: gateway:2.16.15
x-xss-protection: 1; mode=block
artifactid: gateway
x-application-context: gateway:native,aws,prod:8443
pragma: no-cache
x-dt-tracestate: f2c0e308-a07e0240@dt
server: CloudFront
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
access-control-max-age: 3600
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: ADRUM_0,ADRUM_1,ADRUM_2,ADRUM_3,ADRUM_4,ADRUM_5,ADRUM_6,ADRUM_7,ADRUM_8,ADRUM_9,ADRUM_10,ADRUM_11,ADRUM_12,ADRUM_13,ADRUM_14,ADRUM_15,ADRUM_16,ADRUM_17,ADRUM_18,logged-at
x-frame-options: SAMEORIGIN
access-control-allow-credentials: false
access-control-allow-headers: x-requested-with, authorization, content-type, openBankAuthToken, sessionToken, username, password, version, originCountry, openBankInteractionId, isOfficeAgent, openBankToken
x-amz-cf-id: CIx8Xg8chgzo7a_HC6fK5ZgcNkRtbN_TQ9yCrdzhRlEccUG-vIETAA==

GET
H2 200 web-feature-flagging Show response
api.openbank.es/config-reader-properties/values/ 22 KB
24 KB 192ms
182ms XHR
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/config-reader-properties/values/web-feature-flagging

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

e6e8af110014a73fc366ceba808975065be8d39ef14bb30872a296e8c3ab8161

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, application/json
openBankAuthToken
Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
traceresponse: 00-7759c567dd3b336ae8138686396cd69f-a2646057dcdf1f67-01, 00-7759c567dd3b336ae8138686396cd69f-dd111d6fb5997f52-01
x-cache: Miss from cloudfront
openbankcorrelationid: a09b1783-9818-4263-99a8-116a54667f88, a09b1783-9818-4263-99a8-116a54667f88
projectversion: gateway:2.16.15, config-reader:1.210.4
x-xss-protection: 1; mode=block
artifactid: gateway, config-reader
x-application-context: gateway:native,aws,prod:8443
pragma: no-cache
x-dt-tracestate: f2c0e308-a07e0240@dt, f2c0e308-a07e0240@dt
server: CloudFront
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36, Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
access-control-max-age: 3600
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: ADRUM_0,ADRUM_1,ADRUM_2,ADRUM_3,ADRUM_4,ADRUM_5,ADRUM_6,ADRUM_7,ADRUM_8,ADRUM_9,ADRUM_10,ADRUM_11,ADRUM_12,ADRUM_13,ADRUM_14,ADRUM_15,ADRUM_16,ADRUM_17,ADRUM_18,logged-at
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: false
x-frame-options: SAMEORIGIN
access-control-allow-headers: x-requested-with, authorization, content-type, openBankAuthToken, sessionToken, username, password, version, originCountry, openBankInteractionId, isOfficeAgent, openBankToken
x-amz-cf-id: dRK6Ny_hicruqI7EMd3LPXSTeRXzZUyJueY-898enNTYgPwziAFZ7w==
expires: 0

POST
H2 401 bytype Show response
api.openbank.es/user/profile/address/ 136 B
1 KB 197ms
187ms XHR
application/json 18.173.154.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.openbank.es/user/profile/address/bytype

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-55.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

e7ba8b5d0742873e6a2fa6df6441411fe31b036f0078926e8dddf131d0cdfc12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
openBankAuthToken
Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 07 Jan 2024 13:33:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
via: 1.1 66e1af4a9e82225c770ca97b3baaf86e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
traceresponse: 00-e6124825bc46cf49167ac7f10f96ca04-07c261a6b072e534-01
x-cache: Error from cloudfront
openbankcorrelationid: dd9c388b-0a0e-4e0e-8d44-f60d4959d172
projectversion: gateway:2.16.15
x-xss-protection: 1; mode=block
artifactid: gateway
x-application-context: gateway:native,aws,prod:8443
pragma: no-cache
x-dt-tracestate: f2c0e308-a07e0240@dt
server: CloudFront
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
access-control-max-age: 3600
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: ADRUM_0,ADRUM_1,ADRUM_2,ADRUM_3,ADRUM_4,ADRUM_5,ADRUM_6,ADRUM_7,ADRUM_8,ADRUM_9,ADRUM_10,ADRUM_11,ADRUM_12,ADRUM_13,ADRUM_14,ADRUM_15,ADRUM_16,ADRUM_17,ADRUM_18,logged-at
x-frame-options: SAMEORIGIN
access-control-allow-credentials: false
access-control-allow-headers: x-requested-with, authorization, content-type, openBankAuthToken, sessionToken, username, password, version, originCountry, openBankInteractionId, isOfficeAgent, openBankToken
x-amz-cf-id: NnHTmAWK5nxsQzaswoRsqnxtnqiEooSzMMdJEqCwQk74uCazDfVfpA==

GET
H2 200 8013fd3e.js Show response
bcdn.openbank.com/scripts/8013fd3e/ 771 KB
129 KB 198ms
45ms Script
application/javascript 2600:9000:20c3:b600:1a:22b2:e080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcdn.openbank.com/scripts/8013fd3e/8013fd3e.js
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:b600:1a:22b2:e080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1224046cdebc68cb5397ed9e2ee32ee91b7f8f51f5d4e0ec9f3954819bc5288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 ae3f020e2e89e632d339db198e9ba75a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 02:28:01 GMT
x-amz-cf-pop: MUC50-C1
age: 39906
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 131206
last-modified: Wed, 22 Feb 2023 15:12:04 GMT
server: AmazonS3
etag: "e3e3cd84b5874c98e48ad17eebfa76c3"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: spxBGtlqiov_ThZdQxeDpdPcsfc52oU-OQu2zC5j6YdrA9hYYLNiHQ==

GET
H2 200 OpenbankFont_v051.ttf
kunden.openbank.de/fonts/ 107 KB
60 KB 43ms
43ms Font
font/ttf 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kunden.openbank.de/fonts/OpenbankFont_v051.ttf

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/style.index.8ecd15a0705d73027158.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

a5a3ec74c2b92b9a2f7e3ee2264b6c6ee55640f59f2b012d9a3cd3bd595eb7ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kunden.openbank.de/style.index.8ecd15a0705d73027158.css
Origin: https://kunden.openbank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 13:31:57 GMT
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 92
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:29 GMT
server: Apache
etag: W/"1ad98-60d06e7baae40"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: font/ttf
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: iwFYLLjd__YX-ZPab_dH3lZg2BM0fZ9u7rV2h1bFbcE6OkOrHxdihA==

GET
H2 200 3bb7d870aea42a32a7d189259f7d1f34.svg
kunden.openbank.de/ 11 KB
5 KB 45ms
45ms Image
image/svg+xml 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kunden.openbank.de/3bb7d870aea42a32a7d189259f7d1f34.svg

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

335d782ee834eb1012d659dd3fef9aaba0e8900e74edcbd74baa9ff494ac0b01

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/myprofile/global
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 18:27:19 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 6375946
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Oct 2023 11:51:29 GMT
server: Apache
etag: W/"2bf4-608106055d240"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: image/svg+xml
access-control-max-age: 86400
cache-control: max-age=31536000, public
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: YPhj8tDF0UM7aEFHVGo-ctD_tjT-_3bhhWPXsdx_MjnKIZ-Id3MJrw==

GET
BLOB 200
OK 9bc94d3a-95a8-4588-9d65-64f0fea20198
https://kunden.openbank.de/ 184 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kunden.openbank.de/9bc94d3a-95a8-4588-9d65-64f0fea20198
Requested by: Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11fde77846300adaafcf48b5958b04bc7742a609139209ec3b0dddde0ac4a17b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length: 188704
Content-Type

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 194 KB
65 KB 150ms
64ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC1E_8gldva1_W1yspH1v_i983i70_EcFU&libraries=places

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c3876b6e5b1f69fb6dd6ee1e5ed0e3bb8895f6ed4bb615ad43a28636d293d24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66708
x-xss-protection: 0

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 145ms
62ms XHR
application/json 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://kunden.openbank.de
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 utag.21.js Show response
teal.openbank.de/web-ok-de/prod/ 54 KB
11 KB 41ms
40ms Script
application/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://teal.openbank.de/web-ok-de/prod/utag.21.js?utv=ut4.49.202401021244
Requested by: Host: teal.openbank.de
URL: https://teal.openbank.de/web-ok-de/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1310e04561c9437e2763908669ce8b5dd1f033d756376da53439190f78867ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: r65uvGY_ByRkqKkDTvzXZ7y0A52Hsfm_
content-encoding: br
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 13:30:22 GMT
last-modified: Thu, 04 Jan 2024 11:40:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C2
age: 194
x-amz-server-side-encryption: AES256
etag: W/"b164423547510db41492c529698098ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: wUtp_K6SmKO4AAHnOdiZw0rH9BVmchcnQihDhr-PDJdwM8x2692jLg==

GET
H2 200 utag.12.js Show response
teal.openbank.de/web-ok-de/prod/ 38 KB
9 KB 41ms
41ms Script
application/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://teal.openbank.de/web-ok-de/prod/utag.12.js?utv=ut4.49.202310021347
Requested by: Host: teal.openbank.de
URL: https://teal.openbank.de/web-ok-de/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e43bbb67b79a9861b340aeb57691806ac47fc353d4d116795086b7fd6a523998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 7GzF1ZvH8gEACaQF.BXx.G31k098liDo
content-encoding: br
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 13:28:52 GMT
last-modified: Thu, 04 Jan 2024 11:40:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C2
age: 285
x-amz-server-side-encryption: AES256
etag: W/"890d9ed573afe021030607c1d393a2b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vJ35V9kMHaq3crKAK7c5ntI9vnVtrfPbWbR4uL_I_aXTwovv2iVRRw==

GET
H2 200 utag.43.js Show response
teal.openbank.de/web-ok-de/prod/ 42 KB
9 KB 42ms
42ms Script
application/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://teal.openbank.de/web-ok-de/prod/utag.43.js?utv=ut4.49.202401021244
Requested by: Host: teal.openbank.de
URL: https://teal.openbank.de/web-ok-de/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c53331f68e402cbd22f3ff8337603b60a0d2ceed89d487a0480cc1ed311abd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: wTP.nw.N98EyCfy7gZS741E5IIU7tfKp
content-encoding: br
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront), 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
date: Sun, 07 Jan 2024 13:30:22 GMT
last-modified: Thu, 04 Jan 2024 11:40:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, FRA56-C2
age: 194
x-amz-server-side-encryption: AES256
etag: W/"65db4ed18eb56a760d6bfac7802fb27b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: lrUYWIyhq-8GajnSfmv190BcrskL1rGL0r6AiyEW5arBJoKwOuVdKQ==

GET
H2 404 appleicon.svg
kunden.openbank.de/assets/static/cookies/de/ 4 KB
4 KB 42ms
42ms Image
text/html 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kunden.openbank.de/assets/static/cookies/de/appleicon.svg

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

753eadb71059d70847a05ea5f590b02322125c109db6937f5aaed71149c32fd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/myprofile/global
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:03 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
etag: W/"11a2-60d06e7c9f080"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: text/html
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: N4fKiPOM8WCplVMX_s1bxl8SQ976fDyZzp3rWLWeurtQhqwkxRq3WA==

GET
H2 404 googleicon.svg
kunden.openbank.de/assets/static/cookies/de/ 4 KB
4 KB 43ms
43ms Image
text/html 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kunden.openbank.de/assets/static/cookies/de/googleicon.svg

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-107.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

753eadb71059d70847a05ea5f590b02322125c109db6937f5aaed71149c32fd8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/myprofile/global
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:03 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3
x-cache: Error from cloudfront
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Dec 2023 15:39:30 GMT
server: Apache
etag: W/"11a2-60d06e7c9f080"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, HEAD
content-type: text/html
access-control-max-age: 86400
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: false
vary: Accept-Encoding
x-amz-cf-id: -3Ekz5SzTGr76txFvZJE_aiv70GdJjmGXBINN0MU3TUDLplTtkbCUQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 176 KB
65 KB 141ms
54ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-50528584-6

Requested by

Host: teal.openbank.de
URL: https://teal.openbank.de/web-ok-de/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e58d01ba929842ebadb82fc7f6d90b5f030ae7b87bcbc7e13f1e92191b0b5704

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65785
x-xss-protection: 0
last-modified: Sun, 07 Jan 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Jan 2024 13:33:06 GMT

POST
H2 200 i.gif Show response
even.openbank.de/ods/web-ok-de/2/ 43 B
759 B 137ms
44ms XHR
image/gif 35.71.143.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://even.openbank.de/ods/web-ok-de/2/i.gif
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.143.211 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a126ff6b07ca40eab.awsglobalaccelerator.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryPeyAwgr3BlvsdGYN

Response headers

date: Sun, 07 Jan 2024 13:33:06 GMT
x-serverid: uconnect_i-08e9eadce08faf8c7
x-tid: 018ce4207b89000fc674b11448d203074001b06c00b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ods:web-ok-de:2:datacloud
x-region: eu-central-1
content-length: 43
pragma: no-cache
x-did: 018ce4207b89000fc674b11448d203074001b06c00b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://kunden.openbank.de
x-ulver: eea0e3e72333670598197c274b6e00dfd7c24755-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 41ed018a-105d-4aa8-9ac3-abdaa7a75fee
expires: Sun, 07 Jan 2024 13:33:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50528584-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 07 Jan 2024 11:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6289
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 07 Jan 2024 13:48:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 279 KB
92 KB 50ms
49ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSY44TW7ZS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50528584-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

588af3b6c18a5cf8cdefe9caa11d0a8772878798bded76b15eeef9dceabb26ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 13:33:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jan 2024 13:33:06 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 136ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RSY44TW7ZS&gtm=45je4130v9135515203&_p=1704634386575&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1744251031.1704634387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704634386&sct=1&seg=0&dl=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&dt=Openbank&en=interaction&_fv=1&_nsi=1&_ss=2&_ee=1&ep.currentURL=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&ep.eventAction=modal%20timeout%2Fsesion-caducada&ep.eventLabel=vista&ep.fixedURL=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&ep.project=ok&ep.tealium_environment=prod&ep.tealium_profile=web-ok-de&ep.userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&ep.userIP=T31ygTfuS8UHKOpR0lfRwSFRMvQWNPbq20dc3%2B2CZILofbE7EZFaRjHOCiCfJ4ewX%2BBQEwoRpb5jlFqOQdQ%2FQ0fvIlNLjFgHqvlEg2L6J8DdPu7QNPDSIQHqBFz5N%2FAMoHLIlpMjnruW7h4oWlxK2PjeUhRe2VTNV8weBeSmRxHuHoQrH1cAzxItWA%2BkB7%2BmQFeC5sfwivuFy3PtgMOXfzj0YXQPbV3VZFl%2BU1I4JgtbWWyOB%2FPp2pFJcpTCgKsTuMYU0Ic0B42Cp7KXJVE2echHXkohoCXB2tHEviJ2fCKYCxqOm9t33HQAgUxaaGXwRFqFFBRXZ%2ByUchK2mJkOkw%3D%3D&ep.userMarket=DE&ep.userStatus=logado&ep.userTypeEvent=Cliente&ep.webArea=zona%20privada&ep.webVersion=desktop&ep.appLang=es&up.blGA4=on&up.blocker=off&up.tealium_visitor_id=018ce4207b89000fc674b11448d203074001b06c00b08&up.userType=Cliente&tfd=5265
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RSY44TW7ZS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:33:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kunden.openbank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 41ms
40ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=953172737&t=event&_s=1&dl=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&ul=en-us&de=UTF-8&dt=Openbank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=modal%20timeout%2Fsesion-caducada&el=vista&_u=4CDACQABBAAAAAAAIg~&cid=1744251031.1704634387&tid=UA-50528584-6&_gid=1531415223.1704634387&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd3=Cliente&cd4=Cliente&cd5=T31ygTfuS8UHKOpR0lfRwSFRMvQWNPbq20dc3%2B2CZILofbE7EZFaRjHOCiCfJ4ewX%2BBQEwoRpb5jlFqOQdQ%2FQ0fvIlNLjFgHqvlEg2L6J8DdPu7QNPDSIQHqBFz5N%2FAMoHLIlpMjnruW7h4oWlxK2PjeUhRe2VTNV8weBeSmRxHuHoQrH1cAzxItWA%2BkB7%2BmQFeC5sfwivuFy3PtgMOXfzj0YXQPbV3VZFl%2BU1I4JgtbWWyOB%2FPp2pFJcpTCgKsTuMYU0Ic0B42Cp7KXJVE2echHXkohoCXB2tHEviJ2fCKYCxqOm9t33HQAgUxaaGXwRFqFFBRXZ%2ByUchK2mJkOkw%3D%3D&cd6=logado&cd7=DE&cd8=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.129%20Safari%2F537.36&cd11=off&cd12=%2Fmyprofile%2Fglobal&cd14=es&cd15=zona%20privada&cd16=desktop&cd18=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&cd69=prod&cd80=web-ok-de&cd95=ok&did=dYmQxMT&gdid=dYmQxMT&z=626683477

Requested by

Host: kunden.openbank.de
URL: https://kunden.openbank.de/myprofile/global

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jan 2024 21:51:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56483
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bf Show response
bf08078zsq.bf.dynatrace.com/ 654 B
928 B 206ms
55ms XHR
text/plain 3.254.43.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bf08078zsq.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_-2D86_sn_5KUTOMA9A9R6ITAC1C7P0SL0EU0P15KM&svrid=-86&flavor=cors&vi=VVAJBPOUUCGTHEEIPMDQLPKMAULHKPUK-0&modifiedSince=1690205376630&rf=https%3A%2F%2Fkunden.openbank.de%2F&bp=3&app=2ddf784f46f45581&crc=3777689905&en=px3tfl1n&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.43.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-254-43-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bae0baddcfcefc8a907562d830a32fba0a4d65fa1f7b86284699a0c42eadaddb

Request headers

Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kunden.openbank.de
x-oneagent-js-injection: true
date: Sun, 07 Jan 2024 13:33:08 GMT
cache-control: no-cache
content-length: 654
content-type: text/plain;charset=utf-8

POST
H2 200 bf Show response
bf08078zsq.bf.dynatrace.com/ 208 B
482 B 55ms
55ms XHR
text/plain 3.254.43.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bf08078zsq.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_10_sn_5KUTOMA9A9R6ITAC1C7P0SL0EU0P15KM_app-3A2ddf784f46f45581_1_ol_0_perc_100000_mul_1&svrid=10&flavor=cors&vi=VVAJBPOUUCGTHEEIPMDQLPKMAULHKPUK-0&modifiedSince=1702561481178&rf=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&bp=3&app=2ddf784f46f45581&crc=20591010&en=px3tfl1n&end=1
Requested by: Host: js-cdn.dynatrace.com
URL: https://js-cdn.dynatrace.com/jstag/1623d230d17/bf08078zsq/2ddf784f46f45581_complete.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.254.43.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-254-43-184.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 391723f1152f1b40c767bd2c55f8ce87d718a298cfabe06ca97624357fcf918a

Request headers

Referer: https://kunden.openbank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://kunden.openbank.de
x-oneagent-js-injection: true
date: Sun, 07 Jan 2024 13:33:10 GMT
cache-control: no-cache
content-length: 208
content-type: text/plain;charset=utf-8

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ 256 KB
57 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC1E_8gldva1_W1yspH1v_i983i70_EcFU&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3daaf758d40f1432a0dcfa5c8e2a97266c130a9b2c0788a8b1e28b3add4597a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:45:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57681
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Jan 2025 17:45:32 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/ 174 KB
54 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC1E_8gldva1_W1yspH1v_i983i70_EcFU&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045637e2a04f41a74b2a44ee4556803352cb2f5a620bfeae853cf2ce0259646d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 06:55:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 542253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55191
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Dec 2024 06:55:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RSY44TW7ZS&gtm=45je4130v9135515203&_p=1704634386575&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&gdid=dYmQxMT&cid=1744251031.1704634387&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704634386&sct=1&seg=0&dl=https%3A%2F%2Fkunden.openbank.de%2Fmyprofile%2Fglobal&dt=Openbank&en=scroll&epn.percent_scrolled=90&_et=2&tfd=10270
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RSY44TW7ZS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://kunden.openbank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jan 2024 13:33:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kunden.openbank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.openbank.de/	1969-12-31 23:59:59	Name: rxVisitor Value: 1704634382858J1VT99A7JG91OCF5DOFS5LH3EL7LU8VE
.openbank.de/	1969-12-31 23:59:59	Name: dtSa Value: -
kunden.openbank.de/	1970-01-21 02:16:10	Name: ok-cookiebite Value: 3291224154-20240000-000001-1704636184552
.openbank.de/	1969-12-31 23:59:59	Name: cdContextId Value: 1
.openbank.de/	1970-01-21 02:16:10	Name: bmuid Value: 1704634386149-F6E9188E-6379-464C-BE97-5259BAC3D4E1
.openbank.de/	1970-01-20 17:30:37	Name: cdSNum Value: 1704634386296-sjn0000178-6985e67a-7281-4cbd-8bb0-f9ac812192a8
.openbank.de/	1970-01-21 03:06:34	Name: fpc_tipoUsuario Value: cliente
.even.openbank.de/	1970-01-21 02:16:10	Name: TAPID Value: ods/web-ok-de>018ce4207b89000fc674b11448d203074001b06c00b08\|
.openbank.de/	1970-01-21 02:16:10	Name: utag_main Value: v_id:018ce4207b89000fc674b11448d203074001b06c00b08$_sn:1$_se:1$_ss:1$_st:1704636183242$ses_id:1704634383242%3Bexp-session$_pn:1%3Bexp-session$bloqueador:off$_prevpage:%3Bexp-1704637986584$blGA:on$dc_visit:1$dc_event:1%3Bexp-session$dc_region:eu-central-1%3Bexp-session
.openbank.de/	1970-01-21 03:06:34	Name: _ga Value: GA1.2.1744251031.1704634387
.openbank.de/	1970-01-21 03:06:34	Name: _ga_RSY44TW7ZS Value: GS1.2.1704634386.1.0.1704634386.0.0.0
.openbank.de/	1970-01-20 17:32:00	Name: _gid Value: GA1.2.1531415223.1704634387
.openbank.de/	1969-12-31 23:59:59	Name: rxvt Value: 1704636187010\|1704634382859
.openbank.de/	1969-12-31 23:59:59	Name: dtPC Value: -86$34382857_638h-vVVAJBPOUUCGTHEEIPMDQLPKMAULHKPUK-0e0
.openbank.de/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_10_sn_5KUTOMA9A9R6ITAC1C7P0SL0EU0P15KM_app-3A2ddf784f46f45581_1_ol_0_perc_100000_mul_1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kunden.openbank.de/assets/static/cookies/de/appleicon.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kunden.openbank.de/assets/static/cookies/de/googleicon.svg Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://kunden.openbank.de/app.index.8ecd15a0705d73027158.js Message: The specified value "!" does not conform to the required format. The format is "#rrggbb" where rr, gg, bb are two-digit hexadecimal numbers.
network	error	URL: https://api.openbank.es/offlog-profiles?includeProfile=true Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.openbank.es/claves/cmc/extended Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://api.openbank.es/user/profile/address/bytype Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://kunden.openbank.de/assets/static/cookies/de/appleicon.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kunden.openbank.de/assets/static/cookies/de/googleicon.svg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.openbank.es
assets.openbank.com
bcdn.openbank.com
bf08078zsq.bf.dynatrace.com
code.jquery.com
even.openbank.de
js-cdn.dynatrace.com
kunden.openbank.de
maps.googleapis.com
region1.google-analytics.com
tags.tiqcdn.com
teal.openbank.de
unpkg.com
www.google-analytics.com
www.googletagmanager.com
13.32.27.38
18.173.154.55
2001:4860:4802:32::36
2600:9000:20b4:be00:4:de86:dd80:93a1
2600:9000:20c3:b600:1a:22b2:e080:93a1
2600:9000:223e:fe00:7:2bfb:7c00:93a1
2606:4700::6810:7aaf
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:827::200e
2a04:4e42:200::649
3.254.43.184
35.71.143.211
52.222.149.13
65.9.66.107
65.9.66.91
0352f10d41c621ec4f89daeac8d271892831c00234177038ca64254e8e489e0e
045637e2a04f41a74b2a44ee4556803352cb2f5a620bfeae853cf2ce0259646d
04c9815f411e9c9657274d8a32b3b5aef650cfb4fdebd8097fd5dd980e434faf
092e3b681fad365a891751ed760b1807cadcb99ed8c4019142b87c2180a33233
11fde77846300adaafcf48b5958b04bc7742a609139209ec3b0dddde0ac4a17b
1310e04561c9437e2763908669ce8b5dd1f033d756376da53439190f78867ef4
146664f5f7c0f4787a0eaf09eed07fdcc38eaa53a45c92d548d32aafd3a8fe39
2625609ab20dd11ca3e0216511403a9a89988f6205eafc5d42fc1b4673f0b2ec
2f4753874ffeee0aac98e78383f4aa56f5794869bcdf3c26b22ef6f04bcc862d
335d782ee834eb1012d659dd3fef9aaba0e8900e74edcbd74baa9ff494ac0b01
33aadc6523559514d82e692e718ded2cea9ac4263e92f30e167865da48b1cc83
391723f1152f1b40c767bd2c55f8ce87d718a298cfabe06ca97624357fcf918a
413dead3dfc9895fa7689eab0ab75eb149f8bfffa586f640831dc56811c0c423
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4fca45e77f2ac3bcff26ee980599bba77632310b766ee2dbff533457f0dd76e6
588af3b6c18a5cf8cdefe9caa11d0a8772878798bded76b15eeef9dceabb26ab
5c5b8a5186db19cb19f26b4449c55563d2105e39a580946fc55ee2e0fb2912ec
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
600405836f1216195716dc4bf66b5fbb8929af22e1ed5da5926effc37435c72f
60a1f8057c2c253128f504457353d3857625fcba14f125983508149855dda018
64e52e4382686e0d0040361ea04b52b35f6c53b11ed30764cb1a33141515b18b
753eadb71059d70847a05ea5f590b02322125c109db6937f5aaed71149c32fd8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c53331f68e402cbd22f3ff8337603b60a0d2ceed89d487a0480cc1ed311abd0
9e392c2fea2e0b1b283b5e79fdd8993ad3f304d4987f1f8e00a40844d4eb088b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5a3ec74c2b92b9a2f7e3ee2264b6c6ee55640f59f2b012d9a3cd3bd595eb7ac
acf74b24a6a3cd9f852f2a23687a5794f37ac460f3ea8ecefe0aae7c57b4f5e7
b28ae79f45e7ca9f9267b04586577674df48546394ee91bf30a0d8aff3b6e85c
b3daaf758d40f1432a0dcfa5c8e2a97266c130a9b2c0788a8b1e28b3add4597a
bae0baddcfcefc8a907562d830a32fba0a4d65fa1f7b86284699a0c42eadaddb
c3876b6e5b1f69fb6dd6ee1e5ed0e3bb8895f6ed4bb615ad43a28636d293d24b
c95ee0d72c0c1840bb498ac0530a924c251935bd63456edefc4a8ff5cd671a2d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1224046cdebc68cb5397ed9e2ee32ee91b7f8f51f5d4e0ec9f3954819bc5288
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43bbb67b79a9861b340aeb57691806ac47fc353d4d116795086b7fd6a523998
e58d01ba929842ebadb82fc7f6d90b5f030ae7b87bcbc7e13f1e92191b0b5704
e6e8af110014a73fc366ceba808975065be8d39ef14bb30872a296e8c3ab8161
e7ba8b5d0742873e6a2fa6df6441411fe31b036f0078926e8dddf131d0cdfc12
f8c6fcd7ceb50bf3d6e197bdf459c45c3e02ef069cb67102d2a4f113d573b014

kunden.openbank.de Open in urlscan Pro 65.9.66.107 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

56 %IPv6

10 Domains

15 Subdomains

16 IPs

3 Countries

14188 kBTransfer

63593 kBSize

15 Cookies

3 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kunden.openbank.de Open in urlscan Pro
65.9.66.107 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

56 %
IPv6

10
Domains

15
Subdomains

16
IPs

3
Countries

14188 kB
Transfer

63593 kB
Size

15
Cookies

51 HTTP transactions
3 data transactions