finanzonline.bmf.gv.at Open in urlscan Pro
85.158.224.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://finanzonline.bmf.gv.at/fon/
Submission: On July 02 via manual (July 2nd 2022, 7:26:04 am UTC) from IN — Scanned from DE

Summary HTTP 40 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 40 HTTP transactions. The main IP is 85.158.224.242, located in Vienna, Austria and belongs to BRZ, AT. The main domain is finanzonline.bmf.gv.at. The Cisco Umbrella rank of the primary domain is 557280.
TLS certificate: Issued by GEANT OV RSA CA 4 on August 13th 2021. Valid for: a year.

This is the only time finanzonline.bmf.gv.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	85.158.224.242 85.158.224.242	8692 (BRZ) (BRZ)
1	85.158.224.73 85.158.224.73	8692 (BRZ) (BRZ)
2 11	84.242.9.199 84.242.9.199	47692 (NESSUS) (NESSUS)
4	84.242.9.222 84.242.9.222	47692 (NESSUS) (NESSUS)
40	5

25 85.158.224.242 (Vienna, Austria)

ASN8692 (BRZ, AT)
PTR: finanzonline.bmf.gv.at

finanzonline.bmf.gv.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.158.224.73 (Vienna, Austria)

ASN8692 (BRZ, AT)

chat.bmf.gv.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 84.242.9.199 (Vienna, Austria) 2 redirects

ASN47692 (NESSUS, AT)
PTR: ip084242009199.rev.nessus.at

www.handy-signatur.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.242.9.222 (Vienna, Austria)

ASN47692 (NESSUS, AT)
PTR: ip084242009222.rev.nessus.at

www.a-trust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	bmf.gv.at finanzonline.bmf.gv.at — Cisco Umbrella Rank: 557280 chat.bmf.gv.at — Cisco Umbrella Rank: 946448	1 MB
11	handy-signatur.at 2 redirects www.handy-signatur.at — Cisco Umbrella Rank: 609785	104 KB
4	a-trust.at www.a-trust.at — Cisco Umbrella Rank: 662960	63 KB
0	Failed function sub() { [native code] }. Failed
40	4

	Domain	Requested by
25	finanzonline.bmf.gv.at	finanzonline.bmf.gv.at
11	www.handy-signatur.at	2 redirects www.handy-signatur.at
4	www.a-trust.at	www.handy-signatur.at
1	chat.bmf.gv.at	finanzonline.bmf.gv.at
0	127.0.0.1 Failed	www.a-trust.at
40	5

This site contains links to these domains. Also see Links.

Domain
www.bmf.gv.at
www.youtube.com
service.bmf.gv.at
www.facebook.com
www.flickr.com

Subject Issuer	Validity	Valid
finanzonline.at GEANT OV RSA CA 4	`2021-08-13` - `2022-08-13`	a year	crt.sh
chat.bmf.gv.at GEANT OV ECC CA 4	`2022-05-19` - `2023-05-19`	a year	crt.sh
www.handy-signatur.at DigiCert SHA2 Secure Server CA	`2020-08-07` - `2022-08-12`	2 years	crt.sh
www.a-trust.at DigiCert TLS RSA SHA256 2020 CA1	`2021-10-14` - `2022-10-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://finanzonline.bmf.gv.at/fon/
Frame ID: 9091584C1F725F14F90784D97AEFF8D2
Requests: 25 HTTP requests in this frame

Frame: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
Frame ID: 1D5D8C2F4225DC0ABDE5BAA8AC536A2A
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FinanzOnline Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

1248 kB
Transfer

1605 kB
Size

2
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bmf.gv.at/public.html

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/services/finanzonline/informationen-fuer-buerger/einstiegsinformationen.html
Title: Welche Zugangskennungen kann ich nutzen?

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/public/top-themen/handy-signatur.html
Title: Informationen zur Handy-Signatur Alle Informationen zur Handy-Signatur und wie Sie diese aktivieren können.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCCaXD4Bp7m_RXi5FNkhce0A/videos
Title: Unser YouTube-Kanal Hier sehen Sie Erklärvideos und vieles mehr.

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/services/aemter-behoerden/faoe.html
Title: Kundenservice Alle Informationen zu unserem Kundenservice.

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/fon/sicherheit
Title: Sicherheitsinformationen

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/fon/browsereinstellungen
Title: Technische Voraussetzungen

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/fon/rechtl-grundlagen
Title: Rechtsgrundlagen

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/public/impressum.html
Title: Impressum

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/public/datenschutz.html
Title: Datenschutz

Search URL Search Domain Scan URL

URL: https://www.bmf.gv.at/public/barrierefreiheitserklaerung.html
Title: Barrierefreiheitserklärung

Search URL Search Domain Scan URL

URL: https://service.bmf.gv.at/Service/Allg/Feedback/_start.asp?FTyp=KONTAKT
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/finanzministerium

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/159530260@N03/albums

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx HTTP 302
https://www.handy-signatur.at/mobile/https-security-layer-request/main.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX HTTP 302
https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
finanzonline.bmf.gv.at/fon/ 22 KB
23 KB 93ms
29ms Document
text/html 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

1d91773b104cab3ab0b6f0fefc571dc9f713bda9bb41146aa511b474c4e994c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' chat.bmf.gv.at 'nonce-rYMfEYNvvW'; style-src 'self' 'unsafe-inline'; img-src 'self' chat.bmf.gv.at data:; form-action 'self'; frame-ancestors 'self' www.finanzonline.bmf.gv.at; frame-src 'self' moa.brz.gv.at moa-qs.brz.gv.at www.handy-signatur.at finanzonline.bmf.gv.at; font-src 'self' chat.bmf.gv.at; connect-src 'self' wss://chat.bmf.gv.at/; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
Cache-Control: no-cache="set-cookie, set-cookie2"
Connection: Keep-Alive
Content-Language: de-DE
Content-Length: 22507
Content-Security-Policy: default-src 'self'; script-src 'self' chat.bmf.gv.at 'nonce-rYMfEYNvvW'; style-src 'self' 'unsafe-inline'; img-src 'self' chat.bmf.gv.at data:; form-action 'self'; frame-ancestors 'self' www.finanzonline.bmf.gv.at; frame-src 'self' moa.brz.gv.at moa-qs.brz.gv.at www.handy-signatur.at finanzonline.bmf.gv.at; font-src 'self' chat.bmf.gv.at; connect-src 'self' wss://chat.bmf.gv.at/; upgrade-insecure-requests
Content-Type: text/html;charset=utf-8
Date: Sat, 02 Jul 2022 07:25:59 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Keep-Alive: timeout=5, max=100
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
finanzonline.bmf.gv.at/fon/css/ 116 KB
116 KB 32ms
25ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/bootstrap.min.css?v=1.01

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

c0729b84b493435d48403b4f54b1e4d430df818e100a284edf32050b7e2f10bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 118629
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK intro.css
finanzonline.bmf.gv.at/fon/css/ 13 KB
14 KB 60ms
22ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/intro.css?v=1.01

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

485f46a6012b93520c103b9e8139f9660d8ed62418a8deacc6d4f4921abe27e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 13748
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK style.css
finanzonline.bmf.gv.at/fon/css/ 13 KB
14 KB 62ms
23ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/style.css?v=1.68

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

87294a82afabe6f6593bafb030ce494978e29cb79f712191342a71733af5612d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 13523
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK main.css
finanzonline.bmf.gv.at/fon/css/ 166 KB
167 KB 68ms
28ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/main.css?v=1.42

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

ae4942d49d577607d2c17ea6d34e25eeeadf1cbfc373a95bc7a1d95e98695daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:39:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 169989
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK font-awesome-all.min.css
finanzonline.bmf.gv.at/fon/css/ 53 KB
54 KB 66ms
25ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/font-awesome-all.min.css

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 54456
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK password-strength.css
finanzonline.bmf.gv.at/fon/css/ 666 B
1 KB 61ms
21ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/password-strength.css

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

2732eade7571e7db302d4afc0c7a8eb56c6e57e633f65d20053899f955450d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 666
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK finanzonline_at_Logo.svg
finanzonline.bmf.gv.at/fon/img/ 4 KB
4 KB 43ms
22ms Image
image/svg+xml 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/finanzonline_at_Logo.svg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

847f72a1f801856caf7cf0843d52e97e16f1f264e1e2f047e656395d2249c394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/svg+xml
Vary: Origin
Content-Length: 3588
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK bmf_logo.svg
finanzonline.bmf.gv.at/fon/img/ 5 KB
5 KB 55ms
22ms Image
image/svg+xml 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/bmf_logo.svg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

34bae2c7605439c4752487182ab2c49328cf12223fcb784079a9cd5aa5e52000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/svg+xml
Vary: Origin
Content-Length: 5012
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK alert-triangle.svg
finanzonline.bmf.gv.at/fon/img/ 2 KB
2 KB 56ms
21ms Image
image/svg+xml 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/alert-triangle.svg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

ee6bac63403fb19bd075a42fd636507bf623cbb1ee23e80ae1420fdda9c93792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/svg+xml
Vary: Origin
Content-Length: 1596
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK print.css
finanzonline.bmf.gv.at/fon/css/ 6 KB
6 KB 21ms
21ms Stylesheet
text/css 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/css/print.css?v=1.31

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

496b128d85ee93081c238e50e38132dcdd374ae59544d08d4cc5604174445f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: text/css
Vary: Origin
Content-Length: 6074
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK buergerkarte_eid.png
finanzonline.bmf.gv.at/fon/img/ 8 KB
8 KB 26ms
23ms Image
image/png 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/buergerkarte_eid.png

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

ef788803b7b95b437c89898b53f2b06c45c5e3749ec551993ab5c0af7c44841e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/png
Vary: Origin
Content-Length: 7868
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK buergerkarte_rund.png
finanzonline.bmf.gv.at/fon/img/ 2 KB
3 KB 27ms
24ms Image
image/png 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/buergerkarte_rund.png

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

9fb2308e70d670b9bc97c671c53fb77bf74782be89e5a54a45dc3d93e16c4966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/png
Vary: Origin
Content-Length: 2053
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK Montage_Handysignatur.jpg
finanzonline.bmf.gv.at/fon/img/ 192 KB
193 KB 28ms
28ms Image
image/jpeg 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/Montage_Handysignatur.jpg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

3f5b09b35809576ec39318867824aa239a6dc2ca8fee9e70aad7f48cb8a72fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/jpeg
Vary: Origin
Content-Length: 196873
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK Login.jpg
finanzonline.bmf.gv.at/fon/img/ 28 KB
28 KB 25ms
24ms Image
image/jpeg 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/Login.jpg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

80ceb6aa6d5b18889615eab5a7f9163484a75ed6a4fad9b23bc3954261aaa764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/jpeg
Vary: Origin
Content-Length: 28275
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK Callcenter.jpg
finanzonline.bmf.gv.at/fon/img/ 119 KB
119 KB 25ms
25ms Image
image/jpeg 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/Callcenter.jpg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

bda5d6433e203e6650daba08026ed2c914a4b1073d16c8d3b1175b1085a500e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/jpeg
Vary: Origin
Content-Length: 121443
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK Demobild.jpg
finanzonline.bmf.gv.at/fon/img/ 91 KB
92 KB 26ms
25ms Image
image/jpeg 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/Demobild.jpg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

62642bca23b08a6f040d09f8b40b91c487ac46dc9692fc141a48d73db3c7a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/jpeg
Vary: Origin
Content-Length: 93389
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98

GET
H2 200 widget-fon.js Show response
chat.bmf.gv.at/ 195 KB
66 KB 96ms
37ms Script
text/javascript 85.158.224.73
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.bmf.gv.at/widget-fon.js

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.73 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

Software

Resource Hash

8b8a7da90b7b1d69fa0f6c01e96338374d38b54cb4e68c4c21a08448fcc8126a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; media-src 'self'; img-src 'self' 'unsafe-inline' data: https:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src wss://chat.bmf.gv.at/chat/widget/ wss://chat.bmf.gv.at; frame-ancestors https://ubitec.at/;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-length: 66762
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 28 Jun 2022 10:44:46 GMT
x-frame-options: deny
etag: "62babf7e-30d8c"
vary: Accept-Encoding, Origin, Accept-Language
content-language: de
access-control-allow-origin: *
cache-control: max-age=60, public
content-security-policy: default-src 'self'; media-src 'self'; img-src 'self' 'unsafe-inline' data: https:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; connect-src wss://chat.bmf.gv.at/chat/widget/ wss://chat.bmf.gv.at; frame-ancestors https://ubitec.at/;
content-type: text/javascript; charset="utf-8"

GET
H/1.1 200
OK icon-bcms_social_media_facebook.svg
finanzonline.bmf.gv.at/fon/img/ 648 B
1 KB 21ms
21ms Image
image/svg+xml 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/icon-bcms_social_media_facebook.svg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

8056d2660f0010616c8809e5c15fb2710cbc4df582c81d9afdeadae06c0753f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/svg+xml
Vary: Origin
Content-Length: 648
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK icon-bcms_social_media_youtube.svg
finanzonline.bmf.gv.at/fon/img/ 788 B
1 KB 20ms
20ms Image
image/svg+xml 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/icon-bcms_social_media_youtube.svg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

c14d23e7183a9f1be184fcb48cee02a934ca57cdfcc5093b555541cf9c421752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/svg+xml
Vary: Origin
Content-Length: 788
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=95

GET
H/1.1 200
OK icon-bcms_social_media_flickr.svg
finanzonline.bmf.gv.at/fon/img/ 771 B
1 KB 21ms
21ms Image
image/svg+xml 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://finanzonline.bmf.gv.at/fon/img/icon-bcms_social_media_flickr.svg

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

d28342273fb6a2769d12dcb63143d5c54d7144a95e06167ccb4bc2000b3cc21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: image/svg+xml
Vary: Origin
Content-Length: 771
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=94

GET
H/1.1 200
OK jquery.min.js Show response
finanzonline.bmf.gv.at/fon/script/jquery/ 87 KB
88 KB 25ms
24ms Script
application/javascript 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/script/jquery/jquery.min.js

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: application/javascript
Vary: Origin
Content-Length: 89501
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK bootstrap.min.js Show response
finanzonline.bmf.gv.at/fon/script/jquery/ 39 KB
39 KB 25ms
24ms Script
application/javascript 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/script/jquery/bootstrap.min.js

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: application/javascript
Vary: Origin
Content-Length: 39680
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK fon-utils_v2.js Show response
finanzonline.bmf.gv.at/fon/script/ 31 KB
31 KB 27ms
27ms Script
application/javascript 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/script/fon-utils_v2.js?v=2.98

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

60d7dbb474be9b5edf43fa0b67f9eaa86c0727e0562e4d61f107cfb92e9b349d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: application/javascript
Vary: Origin
Content-Length: 31575
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK pw-util.js Show response
finanzonline.bmf.gv.at/fon/script/ 2 KB
2 KB 22ms
22ms Script
application/javascript 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/fon/script/pw-util.js?v=1.0

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

ea509db0a294a8395969631a9b22412aa894619fa5b959c363024d6adda9f8e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://finanzonline.bmf.gv.at/fon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 02 Jul 2022 07:25:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: same-origin
Last-Modified: Wed, 01 Jun 2022 13:36:30 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
X-XSS-Protection: 1; mode=block
Connection: Keep-Alive
Content-Type: application/javascript
Vary: Origin
Content-Length: 1696
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
200 StartAuthentication Show response
finanzonline.bmf.gv.at/moa-id-auth/ Frame 1D5D 2 KB
3 KB 171ms
171ms Document
text/html 85.158.224.242
BRZ

General

Check archive.org

Show headers Download Go to

Full URL

https://finanzonline.bmf.gv.at/moa-id-auth/StartAuthentication?Target=SA&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&OA=https://finanzonline.bmf.gv.at/fon/bklogin.do%3FArt%3DM

Requested by

Host: finanzonline.bmf.gv.at
URL: https://finanzonline.bmf.gv.at/fon/script/jquery/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.158.224.242 Vienna, Austria, ASN8692 (BRZ, AT),

Reverse DNS

finanzonline.bmf.gv.at

Software

Apache /

Resource Hash

ad6f35ca7f9f3fc9b801e4df2fbce6b018a9e19a048936bdd48cb5ede3b51c86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' moa.brz.gv.at chat.bmf.gv.at www.youtube.com secure.oesterreich.gv.at 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss://chat.bmf.gv.at/ https://www.youtube.com; frame-ancestors 'self'; form-action 'self' eidas.bmi.gv.at 127.0.0.1:3496 www.handy-signatur.at moa.brz.gv.at; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://finanzonline.bmf.gv.at/fon/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AM-TXID-HTTP-Request: Yr_zCDYzNVl5v9MP6hQFiQAAAog
Access-Control-Allow-Origin: https://sso.finanzonline.bmf.gv.at
Cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: Keep-Alive
Content-Length: 1897
Content-Security-Policy: default-src 'self' moa.brz.gv.at chat.bmf.gv.at www.youtube.com secure.oesterreich.gv.at 'unsafe-inline' 'unsafe-eval'; connect-src 'self' wss://chat.bmf.gv.at/ https://www.youtube.com; frame-ancestors 'self'; form-action 'self' eidas.bmi.gv.at 127.0.0.1:3496 www.handy-signatur.at moa.brz.gv.at; upgrade-insecure-requests;
Content-Type: text/html;charset=utf-8
Date: Sat, 02 Jul 2022 07:26:00 GMT
Expires: Sat, 06 May 1995 12:00:00 GMT
Keep-Alive: timeout=5, max=97
Pragma: no-cache
Referrer-Policy: same-origin
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

GET
H2

200

identification.aspx Show response
www.handy-signatur.at/mobile/https-security-layer-request/ Frame 1D5D
Redirect Chain

https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx
https://www.handy-signatur.at/mobile/https-security-layer-request/main.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

8 KB
8 KB

22ms
22ms

Document
text/html

84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

32beeef6c26ef173a9198587fee118268a1d13848bacd2fb7c8ac64c9fea20fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 8135
content-type: text/html; charset=utf-8
date: Sat, 02 Jul 2022 07:26:00 GMT
expires: -1
pragma: no-cache
strict-transport-security: max-age=31415926; includeSubDomains
x-ua-compatible: IE=edge

Redirect headers

cache-control: no-cache
content-length: 238
content-type: text/html; charset=utf-8
date: Sat, 02 Jul 2022 07:26:00 GMT
expires: -1
location: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
pragma: no-cache
strict-transport-security: max-age=31415926; includeSubDomains
x-ua-compatible: IE=edge

GET
H2 200 bootstrap.min.css
www.a-trust.at/cdn/bootstrap4/css/ Frame 1D5D 158 KB
24 KB 90ms
35ms Stylesheet
text/css 84.242.9.222
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.a-trust.at/cdn/bootstrap4/css/bootstrap.min.css
Requested by: Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.242.9.222 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: ip084242009222.rev.nessus.at
Software: Microsoft-IIS/10.0 /
Resource Hash: 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:25:59 GMT
content-encoding: gzip
last-modified: Mon, 03 May 2021 06:46:59 GMT
server: Microsoft-IIS/10.0
etag: "80b3761de83fd71:0"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 24036

GET
H2 200 fontawesome.min.css
www.handy-signatur.at/mobile/https-security-layer-request/css/ Frame 1D5D 54 KB
12 KB 20ms
18ms Stylesheet
text/css 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/css/fontawesome.min.css

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

af7f3d06c121326f325577af2a0e93fe1bc1b64c32d54847059a5e4ef039fc0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 15:21:13 GMT
etag: "803af9d28219d61:0"
vary: Accept-Encoding
content-type: text/css
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 12033
x-ua-compatible: IE=edge

GET
H2 200 style.css
www.handy-signatur.at/mobile/https-security-layer-request/css/ Frame 1D5D 11 KB
2 KB 20ms
19ms Stylesheet
text/css 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/css/style.css?v=7

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

93e443c46716334d79b2cfc467330db38f54492d9f991aeee67b2c7527ffc721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:20:02 GMT
etag: "015c5f7a5ed71:0"
vary: Accept-Encoding
content-type: text/css
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 2296
x-ua-compatible: IE=edge

GET
H2 200 jquery.min.js Show response
www.a-trust.at/cdn/js/ Frame 1D5D 87 KB
30 KB 106ms
52ms Script
application/javascript 84.242.9.222
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.a-trust.at/cdn/js/jquery.min.js
Requested by: Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.242.9.222 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: ip084242009222.rev.nessus.at
Software: Microsoft-IIS/10.0 /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:25:59 GMT
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 13:02:15 GMT
server: Microsoft-IIS/10.0
etag: "8065ceac13dd71:0"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30982

GET
H2 200 Common.js Show response
www.handy-signatur.at/mobile/https-security-layer-request/js/ Frame 1D5D 2 KB
2 KB 37ms
36ms Script
application/x-javascript 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/js/Common.js?v=4

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

dc6714aac68ad9712e5387fb756da31268e217c72d494d2eeab31774dcf14a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
last-modified: Mon, 30 Nov 2020 11:36:51 GMT
etag: "ecc56f18dc7d61:0"
content-type: application/x-javascript
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 1973
x-ua-compatible: IE=edge

GET
H2 200 qrlongpoll6.js Show response
www.handy-signatur.at/mobile/https-security-layer-request/js/ Frame 1D5D 2 KB
2 KB 21ms
20ms Script
application/x-javascript 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/js/qrlongpoll6.js

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

d7238ee06d39627309bc1f93489f1dbc2d6a09c551effab2c4d9b92037ff8a6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
last-modified: Wed, 07 Jul 2021 14:37:18 GMT
etag: "ee5461963d73d71:0"
content-type: application/x-javascript
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 2230
x-ua-compatible: IE=edge

GET
H2 200 identification_aspx.js Show response
www.handy-signatur.at/mobile/https-security-layer-request/js/localstore/ Frame 1D5D 2 KB
2 KB 37ms
36ms Script
application/x-javascript 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/js/localstore/identification_aspx.js

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

c61cee5d99366ee4e093e69d931c7a31b41443e146b546c95d981f7bd417764d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
last-modified: Sat, 28 Sep 2019 15:50:09 GMT
etag: "d84d681476d51:0"
content-type: application/x-javascript
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 2360
x-ua-compatible: IE=edge

GET
H2 200 CheckTan3.js Show response
www.handy-signatur.at/mobile/https-security-layer-request/js/ Frame 1D5D 2 KB
2 KB 37ms
37ms Script
application/x-javascript 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/js/CheckTan3.js

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

8b59668020564e0c5c22a70b513099365332e0278bbc1f56500aea534d7dacfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
last-modified: Sat, 28 Sep 2019 15:50:09 GMT
etag: "23ba4c681476d51:0"
content-type: application/x-javascript
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 2133
x-ua-compatible: IE=edge

GET
H2 200 LogoSmall.gif
www.a-trust.at/cdn/img/ Frame 1D5D 2 KB
2 KB 18ms
18ms Image
image/gif 84.242.9.222
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.a-trust.at/cdn/img/LogoSmall.gif
Requested by: Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.242.9.222 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: ip084242009222.rev.nessus.at
Software: Microsoft-IIS/10.0 /
Resource Hash: ce7981acb99dcbce718daa4855b2c27d281f07fe2fcb38d427dd45ed8e45cd76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:26:00 GMT
last-modified: Thu, 27 Feb 2014 09:03:55 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "dbb889d79a33cf1:0"
content-length: 1774
content-type: image/gif

GET
H2 200 LogoEinfachSicher.png
www.a-trust.at/cdn/img/ Frame 1D5D 7 KB
7 KB 18ms
17ms Image
image/png 84.242.9.222
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.a-trust.at/cdn/img/LogoEinfachSicher.png
Requested by: Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.242.9.222 Vienna, Austria, ASN47692 (NESSUS, AT),
Reverse DNS: ip084242009222.rev.nessus.at
Software: Microsoft-IIS/10.0 /
Resource Hash: 751c5061190d019a3b31fab729d4ec4ccab38e5e76ea85eb52ce569f14d402a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 07:26:00 GMT
last-modified: Tue, 10 Nov 2020 15:16:02 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "b11ea6774b7d61:0"
content-length: 7016
content-type: image/png

GET
H2 200 serveimage.aspx
www.handy-signatur.at/mobile/https-security-layer-request/ Frame 1D5D 128 B
175 B 19ms
19ms Image
image/png 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/serveimage.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

13c68ebf6f7952a3879c093cacc4ecf64ab0ee062f8627379be7d81b2b288cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/identification.aspx?sid=A3_GDLRCSCEASNMFYHZGTKPVKNITSEX
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31415926; includeSubDomains
date: Sat, 02 Jul 2022 07:26:00 GMT
content-type: image/png
cache-control: no-cache
x-ua-compatible: IE=edge
content-length: 128
expires: -1

GET
H2 200 fa-solid-900.woff2
www.handy-signatur.at/mobile/https-security-layer-request/webfonts/ Frame 1D5D 73 KB
73 KB 19ms
18ms Font
font/woff2 84.242.9.199
NESSUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handy-signatur.at/mobile/https-security-layer-request/webfonts/fa-solid-900.woff2

Requested by

Host: www.handy-signatur.at
URL: https://www.handy-signatur.at/mobile/https-security-layer-request/css/fontawesome.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

84.242.9.199 Vienna, Austria, ASN47692 (NESSUS, AT),

Reverse DNS

ip084242009199.rev.nessus.at

Software

Resource Hash

0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31415926; includeSubDomains

Request headers

Referer: https://www.handy-signatur.at/mobile/https-security-layer-request/css/fontawesome.min.css
Origin: https://www.handy-signatur.at
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31415926; includeSubDomains
last-modified: Thu, 23 Apr 2020 15:21:14 GMT
etag: "d257b3d38219d61:0"
content-type: font/woff2
date: Sat, 02 Jul 2022 07:26:00 GMT
accept-ranges: bytes
content-length: 74328
x-ua-compatible: IE=edge

GET /
127.0.0.1/atrustbku/ Frame 1D5D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 127.0.0.1
URL: https://127.0.0.1:3496/atrustbku/?_=1656746760582

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			finanzonline.bmf.gv.at/fon	1969-12-31 23:59:59	Name: FONSESSIID Value: 0000Y7Wp8KBIGIx6GhFhjBzIJ91:1cntsq4el
			finanzonline.bmf.gv.at/	1969-12-31 23:59:59	Name: AM_TXID_Browser_Session Value: Yr_zCDYzNVl5v9MP6hQFiQAAAog

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' chat.bmf.gv.at 'nonce-rYMfEYNvvW'; style-src 'self' 'unsafe-inline'; img-src 'self' chat.bmf.gv.at data:; form-action 'self'; frame-ancestors 'self' www.finanzonline.bmf.gv.at; frame-src 'self' moa.brz.gv.at moa-qs.brz.gv.at www.handy-signatur.at finanzonline.bmf.gv.at; font-src 'self' chat.bmf.gv.at; connect-src 'self' wss://chat.bmf.gv.at/; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
chat.bmf.gv.at
finanzonline.bmf.gv.at
www.a-trust.at
www.handy-signatur.at
127.0.0.1
84.242.9.199
84.242.9.222
85.158.224.242
85.158.224.73
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
13c68ebf6f7952a3879c093cacc4ecf64ab0ee062f8627379be7d81b2b288cbe
1d91773b104cab3ab0b6f0fefc571dc9f713bda9bb41146aa511b474c4e994c8
2732eade7571e7db302d4afc0c7a8eb56c6e57e633f65d20053899f955450d30
32beeef6c26ef173a9198587fee118268a1d13848bacd2fb7c8ac64c9fea20fd
34bae2c7605439c4752487182ab2c49328cf12223fcb784079a9cd5aa5e52000
3f5b09b35809576ec39318867824aa239a6dc2ca8fee9e70aad7f48cb8a72fd4
485f46a6012b93520c103b9e8139f9660d8ed62418a8deacc6d4f4921abe27e7
496b128d85ee93081c238e50e38132dcdd374ae59544d08d4cc5604174445f61
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
60d7dbb474be9b5edf43fa0b67f9eaa86c0727e0562e4d61f107cfb92e9b349d
62642bca23b08a6f040d09f8b40b91c487ac46dc9692fc141a48d73db3c7a76a
751c5061190d019a3b31fab729d4ec4ccab38e5e76ea85eb52ce569f14d402a2
8056d2660f0010616c8809e5c15fb2710cbc4df582c81d9afdeadae06c0753f3
80ceb6aa6d5b18889615eab5a7f9163484a75ed6a4fad9b23bc3954261aaa764
847f72a1f801856caf7cf0843d52e97e16f1f264e1e2f047e656395d2249c394
87294a82afabe6f6593bafb030ce494978e29cb79f712191342a71733af5612d
8b59668020564e0c5c22a70b513099365332e0278bbc1f56500aea534d7dacfd
8b8a7da90b7b1d69fa0f6c01e96338374d38b54cb4e68c4c21a08448fcc8126a
93e443c46716334d79b2cfc467330db38f54492d9f991aeee67b2c7527ffc721
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9fb2308e70d670b9bc97c671c53fb77bf74782be89e5a54a45dc3d93e16c4966
ad6f35ca7f9f3fc9b801e4df2fbce6b018a9e19a048936bdd48cb5ede3b51c86
ae4942d49d577607d2c17ea6d34e25eeeadf1cbfc373a95bc7a1d95e98695daa
af7f3d06c121326f325577af2a0e93fe1bc1b64c32d54847059a5e4ef039fc0b
bda5d6433e203e6650daba08026ed2c914a4b1073d16c8d3b1175b1085a500e2
c0729b84b493435d48403b4f54b1e4d430df818e100a284edf32050b7e2f10bc
c14d23e7183a9f1be184fcb48cee02a934ca57cdfcc5093b555541cf9c421752
c61cee5d99366ee4e093e69d931c7a31b41443e146b546c95d981f7bd417764d
ce7981acb99dcbce718daa4855b2c27d281f07fe2fcb38d427dd45ed8e45cd76
d28342273fb6a2769d12dcb63143d5c54d7144a95e06167ccb4bc2000b3cc21c
d7238ee06d39627309bc1f93489f1dbc2d6a09c551effab2c4d9b92037ff8a6b
dc6714aac68ad9712e5387fb756da31268e217c72d494d2eeab31774dcf14a6b
ea509db0a294a8395969631a9b22412aa894619fa5b959c363024d6adda9f8e6
ee6bac63403fb19bd075a42fd636507bf623cbb1ee23e80ae1420fdda9c93792
ef788803b7b95b437c89898b53f2b06c45c5e3749ec551993ab5c0af7c44841e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

finanzonline.bmf.gv.at Open in urlscan Pro 85.158.224.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

1 Countries

1248 kBTransfer

1605 kBSize

2 Cookies

14 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

finanzonline.bmf.gv.at Open in urlscan Pro
85.158.224.242 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

1248 kB
Transfer

1605 kB
Size

2
Cookies

40 HTTP transactions
0 data transactions