urlscan.io logo urlscan.io
SecurityTrails logo

openaccount.bankaustria.at Open in urlscan Pro
213.134.66.122  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://openaccount.bankaustria.at/
Effective URL: https://openaccount.bankaustria.at/de.html
Submission: On October 31 via automatic, source certstream-suspicious — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 22 HTTP transactions. The main IP is 213.134.66.122, located in Italy and belongs to UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT. The main domain is openaccount.bankaustria.at.
TLS certificate: Issued by Actalis Organization Validated Server... on May 22nd 2023. Valid for: a year.
This is the only time openaccount.bankaustria.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 213.134.66.122 15515 (UNICREDIT...)
4 192.229.233.55 15133 (EDGECAST)
5 104.17.182.88 13335 (CLOUDFLAR...)
1 35.181.78.63 16509 (AMAZON-02)
22 5
Apex Domain
Subdomains		 Transfer
13 bankaustria.at
openaccount.bankaustria.at
811 KB
5 report-uri.com
478166bbb56685e64b14e7172b0bd05c.report-uri.com
2 KB
3 trustcommander.net
cdn.trustcommander.net — Cisco Umbrella Rank: 33188
privacy.trustcommander.net — Cisco Umbrella Rank: 56354
45 KB
2 tagcommander.com
cdn.tagcommander.com — Cisco Umbrella Rank: 14992
233 KB
22 4
Domain Requested by
13 openaccount.bankaustria.at 1 redirects openaccount.bankaustria.at
5 478166bbb56685e64b14e7172b0bd05c.report-uri.com openaccount.bankaustria.at
cdn.tagcommander.com
cdn.trustcommander.net
2 cdn.trustcommander.net cdn.tagcommander.com
2 cdn.tagcommander.com openaccount.bankaustria.at
1 privacy.trustcommander.net cdn.trustcommander.net
22 5

This site contains links to these domains. Also see Links.

Domain
www.bankaustria.at
Subject Issuer Validity Valid
openaccount.bankaustria.at
Actalis Organization Validated Server CA G3		 2023-05-22 -
2024-05-22		 a year crt.sh
cdn.tagcommander.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-23 -
2024-04-22		 a year crt.sh
report-uri.com
E1		 2023-09-30 -
2023-12-29		 3 months crt.sh
*.trustcommander.net
Thawte RSA CA 2018		 2023-02-09 -
2024-03-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://openaccount.bankaustria.at/de.html
Frame ID: EFCFC3310DE2DED7C107A572615035BF
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

de

Page URL History Show full URLs

  1. https://openaccount.bankaustria.at/ HTTP 301
    https://openaccount.bankaustria.at/de.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • \.tagcommander\.com

Page Statistics

22
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

4
Countries

1090 kB
Transfer

3081 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://openaccount.bankaustria.at/ HTTP 301
    https://openaccount.bankaustria.at/de.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request de.html
openaccount.bankaustria.at/
Redirect Chain
  • https://openaccount.bankaustria.at/
  • https://openaccount.bankaustria.at/de.html
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
5150b5d3a433c8655c1a0818886088db07dcddb3631ae73fb33659db5eaa0c98
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2245
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Content-Type
text/html
Date
Tue, 31 Oct 2023 10:00:35 GMT
ETag
"1bb1-608f8106a4e27"
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 31 Oct 2023 00:16:20 GMT
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; preload
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
250
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 31 Oct 2023 10:00:35 GMT
Keep-Alive
timeout=5, max=100
Location
https://openaccount.bankaustria.at/de.html
Strict-Transport-Security
max-age=31536000; preload
vue.min.js
openaccount.bankaustria.at/etc/designs/oacAustria/assets/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/assets/js/vue.min.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
309fbabff84fc5d37b4526113ee36e71aca5b4d656a5faa9b8dae23dec63e526
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Content-Length
34063
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 07:23:35 GMT
ETag
"16df0-608fe0861a990"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
pdf.js
openaccount.bankaustria.at/etc/designs/oacAustria/assets/js/pdfjs/build/ 		515 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/assets/js/pdfjs/build/pdf.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
e8ebed2f5644bb7043ca1d36125537db9ccd6aab7ab6d13df2c22e34990adb0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 00:27:08 GMT
ETag
"80cd2-608f8370dff8e"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
vendors.min.86d742dc1fea68677b67c9722b24c106.css
openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/ 		120 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/vendors.min.86d742dc1fea68677b67c9722b24c106.css
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
cbd4f8a889d70c093ac062dcd1c06f1c59b9266c28cda7f455316175da6f7c4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Content-Length
21883
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 04:22:27 GMT
ETag
"1df6b-608fb8093c39c"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
vendors.min.7317df0210a17e49c17133eff6d4dd54.js
openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/ 		496 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/vendors.min.7317df0210a17e49c17133eff6d4dd54.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
9183d0c40083d6798d093ea624376f5e4cc5a98bf8d88d1bf346db0b83c47a1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 09:10:49 GMT
ETag
"7c1bc-608ff87dd9d33"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
common.min.25de68fb044e13f965a61d43d14fc8cd.css
openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/ 		212 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/common.min.25de68fb044e13f965a61d43d14fc8cd.css
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
2e2b666d012a5057aeb2d91a9d15da3b89ae79b94a42ef6e8f2e5bdcb17ba0e0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Content-Length
34430
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 00:17:05 GMT
ETag
"350e8-608f813146145"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
tc_BankAustria_header_21.js
cdn.tagcommander.com/4324/ 		146 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tagcommander.com/4324/tc_BankAustria_header_21.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F341) /
Resource Hash
d23b2f6c172af6b50ae0f70e6a696ce68bca70127983afd0bf45c9570a2a1fe8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:00:35 GMT
content-encoding
gzip
x-cdn
VDMS
age
81011
x-amz-request-id
CSQN09NVEHB3X2Q6
x-cache
HIT
content-length
33596
x-amz-id-2
Hhz7vzYZVXe4LzlDO3BQdCrCbV/zTudxHQOW4KVzipZN4TwzBnqdAnB7rS7BVqbbXh4vpsuHbIA=
last-modified
Fri, 02 Jun 2023 11:17:16 GMT
server
ECS (via/F341)
etag
"b8405ce5e9f490965d673576f06009ec+gzip"
access-control-max-age
31536000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, must-revalidate
vary
Accept-Encoding
logo-at.svg
openaccount.bankaustria.at/etc/designs/oacAustria/assets/img/header/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/assets/img/header/logo-at.svg
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 00:17:05 GMT
Content-Security-Policy
upgrade-insecure-requests;
ETag
"243b-608f8131413bd"
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9275
X-XSS-Protection
1; mode=block
common.min.758edb79d6b44f1cf85818a64abaa233.js
openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/ 		94 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/common.min.758edb79d6b44f1cf85818a64abaa233.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
a46747c8e012187754af4940d4acc4f416fa1b2b7de2b5591173beedd16aa9e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:35 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Content-Length
19986
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 00:16:16 GMT
ETag
"1769e-608f8102c6d99"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
analytics.min.d73d65af4737f86447f2e07af4c9643f.js
openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/ 		890 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/analytics.min.d73d65af4737f86447f2e07af4c9643f.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
bc285ee351de0e000392b9be74d1a48a95548a15e8722bff3b0acdd7813d5bfd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:36 GMT
Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Content-Length
418
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 06:10:41 GMT
ETag
"37a-608fd03ad6e30"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
reportOnly
478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/ 		0
595 B 		Other
General
Check archive.org
Download Go to
Full URL
https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://openaccount.bankaustria.at/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
81eb0d49fd37bbf2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
1568887941689.png
openaccount.bankaustria.at/content/account-opening-online-at/de/jcr:content/herobanner/image.img.png/ 		330 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://openaccount.bankaustria.at/content/account-opening-online-at/de/jcr:content/herobanner/image.img.png/1568887941689.png
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/de.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
d56bc6c917b045dfea3b01da88198244c5acc86f7c2b29ccd4538d121f9def3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/de.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:36 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 10:00:36 GMT
Content-Security-Policy
upgrade-insecure-requests;
ETag
W/"526e6-6090039e449e8"
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
337638
X-XSS-Protection
1; mode=block
unicredit-regular.otf
openaccount.bankaustria.at/etc/designs/oacAustria/assets/fonts/ 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/assets/fonts/unicredit-regular.otf
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/common.min.25de68fb044e13f965a61d43d14fc8cd.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/common.min.25de68fb044e13f965a61d43d14fc8cd.css
Origin
https://openaccount.bankaustria.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:36 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 05:02:12 GMT
Content-Security-Policy
upgrade-insecure-requests;
ETag
"186c0-608fc0ec10861"
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
100032
X-XSS-Protection
1; mode=block
UC-menu_V2.woff
openaccount.bankaustria.at/etc/designs/oacAustria/assets/fonts/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://openaccount.bankaustria.at/etc/designs/oacAustria/assets/fonts/UC-menu_V2.woff
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/common.min.25de68fb044e13f965a61d43d14fc8cd.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.134.66.122 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
Software
/
Resource Hash
8ce32fc88c7147050986ec0af644db1086dd0caf1459bd98382d73e45af547d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/common.min.25de68fb044e13f965a61d43d14fc8cd.css
Origin
https://openaccount.bankaustria.at
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 10:00:36 GMT
Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 31 Oct 2023 05:02:12 GMT
Content-Security-Policy
upgrade-insecure-requests;
ETag
"29a4-608fc0ec14eb1"
Content-Security-Policy-Report-Only
default-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' ; img-src 'self' data: ; font-src 'self' ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; object-src 'none'; report-uri https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10660
X-XSS-Protection
1; mode=block
reportOnly
478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/ 		0
240 B 		Other
General
Check archive.org
Download Go to
Full URL
https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/vendors.min.7317df0210a17e49c17133eff6d4dd54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://openaccount.bankaustria.at/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
81eb0d49fd38bbf2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
tc_BankAustria_footer_20.js
cdn.tagcommander.com/4324/ 		790 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js
Requested by
Host: openaccount.bankaustria.at
URL: https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/vendors.min.7317df0210a17e49c17133eff6d4dd54.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F338) /
Resource Hash
f5860a86e2fb427bfe827945db8f2656b020684f34ff80150238757b404ab41e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
content-encoding
gzip
x-cdn
VDMS
age
12697
x-amz-request-id
SMRD4XJE8CR7ZGAN
x-cache
HIT
content-length
204127
x-amz-id-2
ZAUrXlyoC5ar6K6/pbWV5cW/nx4NsdLsGg5pz25AMq1j98+cwiH+2DWlSaTpf202ZD54Re7xY0s=
last-modified
Wed, 18 Oct 2023 06:26:59 GMT
server
ECS (via/F338)
etag
"4b5bcbea8a10da66574ebadcd8f173dd+gzip"
access-control-max-age
31536000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, must-revalidate
vary
Accept-Encoding
reportOnly
478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/ 		0
240 B 		Other
General
Check archive.org
Download Go to
Full URL
https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://openaccount.bankaustria.at/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
81eb0d4a5d8abbf2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
privacy_v2_8.js
cdn.trustcommander.net/privacy/4324/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F336) /
Resource Hash
e031cc6f7757d69e81862a3fbb0ef380cf812e3218c1397fabb9e5f527887df7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
content-encoding
gzip
x-cdn
VDMS
age
344
x-amz-request-id
4P85JTQWJ494PY2M
x-cache
HIT
content-length
22456
x-amz-id-2
ohVlDm5YHa8I8v6IY1Gi0s1RYQcUfAG5ZlTZ6ZLlPy9WIj+wi8hFGN52auahvHV5PZ+i57lrIEQ=
last-modified
Wed, 18 Oct 2023 09:53:24 GMT
server
ECS (via/F336)
etag
"b2d97017f4ba5cf4a77a74bb1ee7fee8+gzip"
access-control-max-age
31536000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, must-revalidate
vary
Accept-Encoding
reportOnly
478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/ 		0
239 B 		Other
General
Check archive.org
Download Go to
Full URL
https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.182.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://openaccount.bankaustria.at/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
81eb0d4a5d93bbf2-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
privacy_v2_9.js
cdn.trustcommander.net/privacy/4324/ 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.trustcommander.net/privacy/4324/privacy_v2_9.js
Requested by
Host: cdn.tagcommander.com
URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 Marlborough, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F347) /
Resource Hash
2d16b4f6c053221971982de32e2a1afc7d350b799f77da6ae9fcf5042e95d96e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://openaccount.bankaustria.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
content-encoding
gzip
x-cdn
VDMS
age
343
x-amz-request-id
JMYH43ND5ZH6T5QY
x-cache
HIT
content-length
22343
x-amz-id-2
z/9wtwi1fsXttOCtikF1YdiQ/NlPsAfISZfDMM41EfxGwugv8CesnpbrtkdGzirtfD31Ikybgfc=
last-modified
Wed, 18 Oct 2023 09:53:15 GMT
server
ECS (via/F347)
etag
"b85f8df63fda93c753ae1896b467ae85+gzip"
access-control-max-age
31536000
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, must-revalidate
vary
Accept-Encoding
reportOnly
478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/ 		0
618 B 		Other
General
Check archive.org
Download Go to
Full URL
https://478166bbb56685e64b14e7172b0bd05c.report-uri.com/r/d/csp/reportOnly
Requested by
Host: cdn.trustcommander.net
URL: https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.182.88 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63113904; includeSubDomains; preload

Request headers

Referer
https://openaccount.bankaustria.at/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 31 Oct 2023 10:00:36 GMT
strict-transport-security
max-age=63113904; includeSubDomains; preload
nel
{"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server
cloudflare
vary
Accept-Encoding
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
81eb0d4abb4c65e1-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
/
privacy.trustcommander.net/privacy-consent/ 		43 B
543 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://privacy.trustcommander.net/privacy-consent/
Requested by
Host: cdn.trustcommander.net
URL: https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.181.78.63 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-78-63.eu-west-3.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://openaccount.bankaustria.at/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
private
Date
Tue, 31 Oct 2023 10:00:36 GMT
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Content-Type
image/gif
access-control-allow-origin
https://openaccount.bankaustria.at
cache-control
private, max-age=486000, pre-check=486000
access-control-allow-credentials
true
Connection
keep-alive
access-control-allow-headers
Content-Type
Content-Length
43
expires
Mon, 29 Jan 2024 10:00:36 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
096f7f4e1114967f2e7102e883edebe113db4cb492889621dc120ffa4d60a256

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| Vue object| PDFJS object| pdfjsDistBuildPdf object| pdfjs-dist/build/pdf function| $ function| jQuery object| html5 object| Modernizr object| approve function| ES6Promise function| _ function| moment number| tc_privacy_used function| tc_privacy_display_21 number| tc_privacy_cpt function| tc_privacy_wait_body_21 function| tC object| tC_4324_21 object| caReady function| cact object| tc_array_events function| tC4324_21 object| tc_vars function| tc_closePrivacyButton function| tc_showPrivacyCenter function| tc_closePrivacyCenter undefined| AccordionsBootstrap undefined| InfoTip function| mobileAndTabletcheck undefined| ErrorTip undefined| MobilePullDownRefresh object| Utils function| ApproveValidator object| MsgUtils object| Console object| JsendUtils object| vueCompInputModule object| vueCompBlockSpinner object| vueCompGlobalSpinner object| vueCompGenericErrors object| vueCompBlockMessages object| vueCompWarningMessages object| vueCompTechnicalErrors object| vueCompDeviceTechErrors object| vueCompInfoMessage object| vueCompModal object| vueCompInfoIconPopover object| vueCompTableDashboard object| vueWildCards undefined| shoppingChartApp undefined| VueShoppingCartApp number| value object| oacAnalyticsService object| productModel string| orderModel undefined| eventGroups undefined| decodeEntities undefined| stripHtml undefined| GetElementText undefined| showLogs undefined| setAdobeVars undefined| timg undefined| gtag undefined| redirections undefined| noprivacy_css undefined| doc_head undefined| style undefined| redirecturl_key undefined| redirecturl_key_maxlength undefined| getURLParameter undefined| redirect_key undefined| Button undefined| ButtonUrl undefined| Parameters undefined| UrlAndDbParameters undefined| _adv undefined| s_code undefined| linksToOcc function| tc_privacy_display_20 function| tc_privacy_wait_body_20 undefined| create_UUID object| tC_4324_20 function| tC4324_20 string| tc_ce_qs string| tcVendorsConsent string| tcCategoriesConsent

2 Cookies

Domain/Path Name / Value
openaccount.bankaustria.at/ Name: TS01b5ad17
Value: 01117f0e61d69bdb15000c2cdf7e09042b7ef40628bac506f43c4c831d971233f08e583631858b51acd78716cf6cf7596792ac0a3f
.bankaustria.at/ Name: TCPID
Value: 1231021103611585228953

8 Console Messages

Source Level URL
Text
javascript warning URL: https://openaccount.bankaustria.at/etc/designs/oacAustria/assets/js/pdfjs/build/pdf.js(Line 6210)
Message:
The provided value 'moz-chunked-arraybuffer' is not a valid enum value of type XMLHttpRequestResponseType.
security error URL: https://openaccount.bankaustria.at/de.html
Message:
[Report Only] Refused to load the script 'https://cdn.tagcommander.com/4324/tc_BankAustria_header_21.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval'".
security error URL: https://openaccount.bankaustria.at/etc/designs/oacAustria/clientlibs/vendors.min.7317df0210a17e49c17133eff6d4dd54.js(Line 361)
Message:
[Report Only] Refused to load the script 'https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval'".
security error URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js(Line 10)
Message:
[Report Only] Refused to load the script 'https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval'".
security error URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js(Line 10)
Message:
[Report Only] Refused to load the script 'https://cdn.trustcommander.net/privacy/4324/privacy_v2_9.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval'".
security error URL: https://cdn.tagcommander.com/4324/tc_BankAustria_footer_20.js(Line 10)
Message:
[Report Only] Refused to load the script 'https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' 'unsafe-eval'".
security error URL: https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js(Line 10)
Message:
[Report Only] Refused to connect to 'https://privacy.trustcommander.net/privacy-consent/' because it violates the following Content Security Policy directive: "connect-src 'self'".
security error URL: https://cdn.trustcommander.net/privacy/4324/privacy_v2_8.js(Line 10)
Message:
[Report Only] Refused to connect to 'https://privacy.trustcommander.net/privacy-consent/' because it violates the following Content Security Policy directive: "connect-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

478166bbb56685e64b14e7172b0bd05c.report-uri.com
cdn.tagcommander.com
cdn.trustcommander.net
openaccount.bankaustria.at
privacy.trustcommander.net
104.17.182.88
192.229.233.55
213.134.66.122
35.181.78.63
096f7f4e1114967f2e7102e883edebe113db4cb492889621dc120ffa4d60a256
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514
2d16b4f6c053221971982de32e2a1afc7d350b799f77da6ae9fcf5042e95d96e
2e2b666d012a5057aeb2d91a9d15da3b89ae79b94a42ef6e8f2e5bdcb17ba0e0
309fbabff84fc5d37b4526113ee36e71aca5b4d656a5faa9b8dae23dec63e526
5150b5d3a433c8655c1a0818886088db07dcddb3631ae73fb33659db5eaa0c98
8ce32fc88c7147050986ec0af644db1086dd0caf1459bd98382d73e45af547d0
9183d0c40083d6798d093ea624376f5e4cc5a98bf8d88d1bf346db0b83c47a1c
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
a46747c8e012187754af4940d4acc4f416fa1b2b7de2b5591173beedd16aa9e3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc285ee351de0e000392b9be74d1a48a95548a15e8722bff3b0acdd7813d5bfd
cbd4f8a889d70c093ac062dcd1c06f1c59b9266c28cda7f455316175da6f7c4c
d23b2f6c172af6b50ae0f70e6a696ce68bca70127983afd0bf45c9570a2a1fe8
d56bc6c917b045dfea3b01da88198244c5acc86f7c2b29ccd4538d121f9def3d
e031cc6f7757d69e81862a3fbb0ef380cf812e3218c1397fabb9e5f527887df7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ebed2f5644bb7043ca1d36125537db9ccd6aab7ab6d13df2c22e34990adb0d
f5860a86e2fb427bfe827945db8f2656b020684f34ff80150238757b404ab41e