urlscan.io logo urlscan.io
SecurityTrails logo

www.baf.at Open in urlscan Pro
194.149.233.198  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bacaf-financecenter.com/
Effective URL: https://www.baf.at/startsite.html
Submission: On November 04 via api from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 53 HTTP transactions. The main IP is 194.149.233.198, located in Italy and belongs to UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT. The main domain is www.baf.at.
TLS certificate: Issued by Actalis Organization Validated Server... on September 18th 2020. Valid for: a year.
This is the only time www.baf.at was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 193.193.173.53 12428 (UNICREDIT...)
1 46 194.149.233.198 15515 (UNICREDIT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.210.43.143 16509 (AMAZON-02)
1 1 99.81.11.244 16509 (AMAZON-02)
1 15.237.76.117 16509 (AMAZON-02)
53 7
1    193.193.173.53 (Italy)

ASN12428 (UNICREDIT-AS-MI-, IT)
PTR: www.baf.at.gtm.unicreditgroup.eu
bacaf-financecenter.com
46    194.149.233.198 (Italy)

ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT)
PTR: www.baf.at.gtm.unicreditgroup.eu
www.baf.at
1    2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    52.210.43.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-43-143.eu-west-1.compute.amazonaws.com
dpm.demdex.net
unicreditgroup.demdex.net
1    99.81.11.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
unicreditbankaustria.d3.sc.omtrdc.net
Domain Requested by
46 www.baf.at 1 redirects www.baf.at
2 dpm.demdex.net www.baf.at
1 unicreditbankaustria.d3.sc.omtrdc.net www.baf.at
1 cm.everesttech.net 1 redirects
1 unicreditgroup.demdex.net www.baf.at
1 www.gstatic.com www.google.com
1 s.ytimg.com www.youtube.com
1 www.youtube.com www.baf.at
1 www.google.com www.baf.at
1 bacaf-financecenter.com 1 redirects
53 10

This site contains no links.

Subject Issuer Validity Valid
www.baf.at
Actalis Organization Validated Server CA G3		 2020-09-18 -
2021-09-18		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://www.baf.at/startsite.html
Frame ID: A193FAAA01021153CD52A3FCD04A423C
Requests: 52 HTTP requests in this frame

Frame: https://unicreditgroup.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 170F2FB4F84948EF3AC2883DD98889BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bacaf-financecenter.com/ HTTP 301
    https://www.baf.at/ HTTP 301
    https://www.baf.at/startsite.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
Overall confidence: 100%
Detected patterns
  • script /\/etc\/designs\//i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

53
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

9428 kB
Transfer

9680 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bacaf-financecenter.com/ HTTP 301
    https://www.baf.at/ HTTP 301
    https://www.baf.at/startsite.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://cm.everesttech.net/cm/dd?d_uuid=78928480429789870784029263756023406116 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X6LLRQAAALBElhXj

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request startsite.html
www.baf.at/
Redirect Chain
  • http://bacaf-financecenter.com/
  • https://www.baf.at/
  • https://www.baf.at/startsite.html
69 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
c873b7b2549a2334f921ed5f853cc249b0a75bcccef82e6c1a5b8bb64b560e19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.baf.at
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
renderid=rend8013; TS01372e67=01117f0e617be63ee36c23b99eff5ce6d6b3cedb4ef8d3c3ef80eae424fe77b8069fb295a23405e6968bc08887af2aecbb0ae3127843d289be3aa524f0bcfba3b3efbba83a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:46 GMT
Strict-Transport-Security
max-age=31536000; preload
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"114dc-5b34642e602dc"
Accept-Ranges
bytes
Content-Length
70876
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Wed, 04 Nov 2020 15:39:46 GMT
Strict-Transport-Security
max-age=31536000; preload
Set-Cookie
renderid=rend8013; path=/ TS01372e67=01117f0e617be63ee36c23b99eff5ce6d6b3cedb4ef8d3c3ef80eae424fe77b8069fb295a23405e6968bc08887af2aecbb0ae3127843d289be3aa524f0bcfba3b3efbba83a; Path=/; Secure; HTTPOnly
Location
https://www.baf.at/startsite.html
Content-Language
en-US
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
httpd/unix-directory
general.min.css
www.baf.at/etc/designs/baf/clientlibs/ 		243 KB
243 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
705e285ea9581ca681dd5f1eb2f421ebb889f5aac3b5567490b159aad097e54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"3cae7-5b34642e81dee"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
248551
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
form.min.css
www.baf.at/etc/designs/baf/clientlibs/page/ 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/page/form.min.css
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
0a9be835224e57c50915363f03ac298c44b8f6e126059bb3bddf8233f1999469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"2dfd-5b34642e8fc97"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
11773
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
home.min.css
www.baf.at/etc/designs/baf/clientlibs/page/ 		95 KB
95 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
d4b4a550158490c2fa7a1e7e3beed7d831d44b15a922129311a157ecc33050fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"17adf-5b34642e9660f"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
96991
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
last-include.min.css
www.baf.at/etc/designs/baf/clientlibs/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/last-include.min.css
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
59a1c7b6837901fccf8193d0ca710348c6fec6ceb7e8c49eec0789743a0da673
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"5c2b-5b34642e9a877"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
23595
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
general.min.js
www.baf.at/etc/designs/baf/clientlibs/ 		809 KB
810 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general.min.js
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
9b4600cdb924d8662677b2a50542008d4298defa34f665a7aef5ec8c09654662
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"ca5f0-5b34642ea3130"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
828912
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
form.min.js
www.baf.at/etc/designs/baf/clientlibs/page/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/page/form.min.js
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
22c367870ba1d7537ab699a35715b473a5aad5153c8a014a581b0cf73d293243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"45a7-5b34642e9a877"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17831
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
home.min.js
www.baf.at/etc/designs/baf/clientlibs/page/ 		35 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.js
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
b4067550f46a3cfeca64cff54b472e4c692db4946f7ddc1ceff21c82aa2da1e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"8cfe-5b34642ea19c0"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
36094
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
last-include.min.js
www.baf.at/etc/designs/baf/clientlibs/ 		0
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/last-include.min.js
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"0-5b34642eb4e59"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
0
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
api.js
www.google.com/recaptcha/ 		912 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=de-AT&onload=onloadCallback&render=explicit
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6a564b06b86bdd35fbb07865accd592f63d7e8e75c7232b51c3cc3a0b3f35f5b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
582
x-xss-protection
1; mode=block
expires
Wed, 04 Nov 2020 15:39:47 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
7fd99b176e6bd80f03d013d3a4f768b0773e9b613362b4aee58f55175947afb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:39:47 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
status
200
cache-control
no-cache
content-type
application/javascript
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
AppMeasurement.js
www.baf.at/etc/designs/baf/sitecatalyst/ 		149 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/sitecatalyst/AppMeasurement.js
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
ae34079bf8423827f1e8eefaa0a5e7e06395e729c7676e884b1028bff958a343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"252a8-5b34642eb4a71"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/x-javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
152232
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
logobaf.png
www.baf.at/etc/designs/baf/img/static/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/etc/designs/baf/img/static/logobaf.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
ffbeae46e9eac9e7fa00502e87562af23a96dc5ae305806c82f063188a508520
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"193c-5b34642f2f751"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6460
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
slider_desktop_veranlagungsstudie.jpg
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/ 		186 KB
186 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/slider_desktop_veranlagungsstudie.jpg
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
a366c5564ae93fa942bd38115d76f7608a1f36a67fb69243f232c62431ff2b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:15 GMT
ETag
"2e64c-5b34642f3fd0a"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
190028
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
slider_mobil_veranlagungsstudie.jpg
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/slider_mobil_veranlagungsstudie.jpg
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
b3ff1e90da9e44968b8e6e7a523f7930c266d53a884d12f4138f7159177dcbeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"18dd7-5b34642f6c3fd"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
101847
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
slider_desktop_greenfinance.jpg
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/ 		236 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/slider_desktop_greenfinance.jpg
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
fa46212ac2a8e7b169e20b55e4368daf97a568412dc4c060fcfad847c846f03d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"3aedb-5b34642f70665"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
241371
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
slider_mobil_greenfinance.jpg
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/slider_mobil_greenfinance.jpg
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
59ca9f3e2cc9bca73c17c5cd4de253bf1fc9ad99b5fed005cbc8fb1eb0706792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"23629-5b34642f7027d"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
144937
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
FIN%20App.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/ 		732 KB
733 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/FIN%20App.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
70ac6b549b4ffa6fa5e175df802e41a4b93a90790ea60b3216fdb6a6a7ccd10e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"b7137-5b34642f773c5"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
749879
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
FINApp%20mobile.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/ 		188 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/FINApp%20mobile.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
316eeb638198054ea87b4a36117722d5fdd5d4676a47d337be42dec01d9a93ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"2f100-5b34642f70665"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
192768
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
slider_desktop_bestseller.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/ 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slider/slider_desktop_bestseller.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
6daa3d169e22077c51281727497cb88d9c47004c3270f933af477081a335175a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:48 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"41e47-5b34642f7d56e"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
269895
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
slider_mobil_bestseller.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/Slidermobile/slider_mobil_bestseller.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
68ba5f290257aaf9425e4e0ecaf3c285078226fcfa03ed96217120564ff7efa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"a8f6-5b34642feeddd"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
43254
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
1602573371490.png
www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_2d65/image.img.png/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_2d65/image.img.png/1602573371490.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
02a8ce7a5fa35bb75a67567e4569691b907f1eac8dcb9a0f5823eb8313691e4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"a9c2-5b34642faf251"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
43458
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
1602761024974.png
www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_e032/image.img.png/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_e032/image.img.png/1602761024974.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
0fd9aaf1427628100ea195678a018d40411da9e277e31d49fda84f71dd05b5af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"32091-5b34642fec2e5"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
204945
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
startseite_4er_banner_wohnfinanzierungen.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/4erBanner/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/4erBanner/startseite_4er_banner_wohnfinanzierungen.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
7026675e3692aece6d6b68152428565ac622f941576a2a44ae68c103f0b86b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"cb5b-5b34642fac371"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
52059
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
startseite_4er_banner_versicherungen2.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/4erBanner/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/4erBanner/startseite_4er_banner_versicherungen2.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
25ab5fb241309ec3c90365f0b1381f85a6224c7cffadc407e63ed6c31b703e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"106d2-5b34642ff5b3d"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
67282
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
1576760254792.png
www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_600900301/image.img.png/ 		570 KB
570 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_600900301/image.img.png/1576760254792.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
c189626e5f00259356650bf5b0f3f4df98343fe209a72fb99966136f639f309a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"8e7fc-5b34642ff630e"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
583676
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
WP%20NL%20neu.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/WebinareStartseite/ 		676 KB
676 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/WebinareStartseite/WP%20NL%20neu.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
efedc973a1381bfb45e2bb5449f3bd296def7d7dd2fc6e6ee4e3309f10b83649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"a8e58-5b34642ff8e06"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
691800
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
1576760272273.png
www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_626931909/image.img.png/ 		1004 KB
1004 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_626931909/image.img.png/1576760272273.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
5ee802c18beed14dd083f81d736477e6a350555b0f9b5decfd104fc22272cfb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"faf31-5b346430308a9"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1027889
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Veranstaltungen.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Veranstaltungen/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Veranstaltungen/Veranstaltungen.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
04ed4f3e0574e5414d72f2aac693546e09547c45df723d4ab8e99c456ae74cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"142a73-5b3464302d9c9"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1321587
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
1562682748148.png
www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_d52c/image.img.png/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_d52c/image.img.png/1562682748148.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
ee8dbb9cdc681a84331feb5a420ddf98b6727ee5c95ddb8595fac400d6ca2679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"210b6-5b34643040e62"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
135350
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
1558524986798.png
www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_1624/image.img.png/ 		203 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/_jcr_content/content-parsys/text_image_1624/image.img.png/1558524986798.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
1f9c7a20b13069296e3d2c67514ece9b94577edd47b4c4b2945aae49f43fbd53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"32a41-5b3464303d3ca"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
207425
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Quicklink%20Ansprechpartner.png
www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/BannerBilder_generell/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/img/Startseite/BannerBilder_generell/Quicklink%20Ansprechpartner.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
c8936b037d497a35d33c0f288ecff8430f408065136ad99fbf493bf5b613b1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:17 GMT
ETag
"11ad7a-5b3464307851e"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
1158522
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
BA-finanzservice_ucg_white.png
www.baf.at/content/dam/bankaustriafinanzservice/logo/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/content/dam/bankaustriafinanzservice/logo/BA-finanzservice_ucg_white.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
618fafb1ebf1505a8a612329ef2001259ce32bb27782e11a442efae57dc17fa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:17 GMT
ETag
"4b00-5b3464307e2de"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
19200
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflXTeNG3/ 		97 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflXTeNG3/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b830c085fb99c91fd115b75a12fff42954712cdce2b83242a6beba584d9b9735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Mon, 02 Nov 2020 17:22:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166613
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35830
x-xss-protection
0
last-modified
Mon, 02 Nov 2020 15:39:41 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 10 Nov 2020 17:22:56 GMT
menu-nav-sidebar-big.png
www.baf.at/etc/designs/baf/img/static/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/etc/designs/baf/img/static/menu-nav-sidebar-big.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
1ef9af68d04b3a7286cf2300408ca31f2f4a3ef5ec9305a62159dbb51b282edd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"41e-5b34642fa36d0"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
1054
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
UC-Global-7.woff
www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/UC-Global-7.woff
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
73a8b3b0d016ad8e9d01dce9fd7ad20f01cdfced1a43df25619a9adf83dea7ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"e004-5b34642f9f850"
Strict-Transport-Security
max-age=31536000; preload
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
57348
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
unicredit-regular.otf
www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/ 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/unicredit-regular.otf
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"186c0-5b34642fa1f60"
Strict-Transport-Security
max-age=31536000; preload
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
100032
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
recaptcha__de_at.js
www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/ 		346 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4lbq4vBYAu25DMtzZ7GGbfAF/recaptcha__de_at.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=de-AT&onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ee11452424372407039b14db82084f41049670ddbd273c8ab4284f4acee50ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 06:43:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464188
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139070
x-xss-protection
0
last-modified
Mon, 26 Oct 2020 04:07:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Oct 2021 06:43:21 GMT
ucg_swiper_arrows.png
www.baf.at/etc/designs/baf/img/static/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/etc/designs/baf/img/static/ucg_swiper_arrows.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
466e16725c3b586d278ec5c6968e092fb0201ef4c4c853e58b52089b70bd7562
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"641-5b34642fd579b"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1601
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
blue_arrow_right_sm.png
www.baf.at/etc/designs/baf/img/static/ 		323 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/etc/designs/baf/img/static/blue_arrow_right_sm.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
5ef9524c8e7253767e8bb44703296d3611f8fa3bbe3c98be1ea5805a63768acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:17 GMT
ETag
"143-5b3464307db0e"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
323
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
select-arrow-little-down.png
www.baf.at/etc/designs/baf/img/static/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.baf.at/etc/designs/baf/img/static/select-arrow-little-down.png
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
a87607dcc5b97d8213ecd734756936de81f55ec82ada93a506e1f97618a835b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/etc/designs/baf/clientlibs/page/home.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:17 GMT
ETag
"457-5b3464308dcdf"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
1111
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
unicredit-light.otf
www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/ 		102 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/unicredit-light.otf
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"19930-5b34642fc07aa"
Strict-Transport-Security
max-age=31536000; preload
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
104752
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
unicredit-bold.otf
www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/ 		111 KB
111 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/unicredit-bold.otf
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
20a3034e905881e96faa0cff71897a83ea1ec9c2e8e87bead74ec6e292e81f92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"1bc48-5b34642fc4dfa"
Strict-Transport-Security
max-age=31536000; preload
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
113736
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
unicredit-medium.otf
www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/ 		114 KB
115 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general/css/fonts/unicredit-medium.otf
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"1c9fc-5b34642fc944b"
Strict-Transport-Security
max-age=31536000; preload
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
117244
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
id
dpm.demdex.net/ 		373 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=1D174673527859600A490D45%40AdobeOrg&d_nsid=0&ts=1604504389145
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/sitecatalyst/AppMeasurement.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-43-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c00f49b15a06b962f323c20bb3b4f9c7ed87f7e48759bd003c449fa76da7d739
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v085-09e85d23a.edge-irl1.demdex.com 5.79.0.20201028125013 2ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
T8IYM7uyT0c=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.baf.at
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 GMT
baf.cookieaccept.do
www.baf.at/ 		24 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/baf.cookieaccept.do?checkCookie=true
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
61971ce9cb5459c55aeb7da376959559e741aaf3b02f53c6fc7cabddf5362e59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.baf.at/startsite.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; preload
Content-Language
en-US
Connection
Keep-Alive
Content-Type
application/json; charset=UTF-8
Keep-Alive
timeout=5, max=99
Content-Length
24
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
link_list_dfd8.json
www.baf.at/content/bankaustriafinanzservice/startsite/jcr:content/content-parsys/ 		386 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/content/bankaustriafinanzservice/startsite/jcr:content/content-parsys/link_list_dfd8.json
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
daa53a0b9b76f9febfb5c0404f494163dca32eb95a966d0be1fcd96157c1e69e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.baf.at/startsite.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"182-5b34642fe690d"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
386
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
dest5.html
unicreditgroup.demdex.net/ Frame 170F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://unicreditgroup.demdex.net/dest5.html?d_nsid=undefined
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/sitecatalyst/AppMeasurement.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-43-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
unicreditgroup.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.baf.at/startsite.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=78928480429789870784029263756023406116
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer
https://www.baf.at/startsite.html

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Wed, 4 Nov 2020 15:39:49 GMT
DCS
dcs-prod-irl1-1-v001-099066729.edge-irl1.demdex.com 6.1.0.20201103150547-PR_1432-SNAPSHOT
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 8 Oct 2020 16:23:57 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
FKH5HZ1NQyo=
transfer-encoding
chunked
Connection
keep-alive
ibs:dpid=411&dpuuid=X6LLRQAAALBElhXj
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=78928480429789870784029263756023406116
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X6LLRQAAALBElhXj
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X6LLRQAAALBElhXj
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.43.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-43-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v085-0f613c669.edge-irl1.demdex.com 5.79.0.20201028125013 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
Mastib8DTJ0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X6LLRQAAALBElhXj
Date
Wed, 04 Nov 2020 15:39:49 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s53604760501344
unicreditbankaustria.d3.sc.omtrdc.net/b/ss/baca-bafportal/1/JS-2.9.0/ 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unicreditbankaustria.d3.sc.omtrdc.net/b/ss/baca-bafportal/1/JS-2.9.0/s53604760501344?AQB=1&ndh=1&pf=1&t=4%2F10%2F2020%2016%3A39%3A49%203%20-60&mid=70252724008020338414259593211782030035&aamlh=6&ce=UTF-8&pageName=baf%3Astartsite&g=https%3A%2F%2Fwww.baf.at%2Fstartsite.html&c.&channelmanagerBB_switch=del&rwd.&renderedExp=desktop&screenSize=1600x1200&screenFormat=Landscape&.rwd&.c&cc=EUR&ch=startsite&server=baf&events=event20&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=baf&c2=D%3Dv2&v2=baf%3Astartsite&c3=D%3Dv3&v3=baf%3Astartsite&c4=D%3Dv4&v4=baf%3Astartsite&c5=D%3Dv5&v5=baf%3Astartsite&v6=at&c7=D%3DpageName&v7=D%3DpageName&c8=D%3Dg&v8=D%3Dg&c14=D%3Dv14&v14=New&c29=D%3Dv29&v29=4%3A39PM%7CWednesday&v30=25062019&v34=No%20referrer&v37=Direct&v38=Direct&v39=D%3Dv35&v41=70252724008020338414259593211782030035&v45=austria&c71=D%3Dv71&v71=desktop%7CLandscape%7C1600x1200&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=1D174673527859600A490D45%40AdobeOrg&AQE=1
Requested by
Host: www.baf.at
URL: https://www.baf.at/startsite.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.baf.at/startsite.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 15:39:49 GMT
x-content-type-options
nosniff
x-c
master-1404.I1e61f9.M0-468
p3p
CP="This is not a P3P policy"
status
200
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 05 Nov 2020 15:39:49 GMT
server
jag
xserver
anedge-f7bfdfcfd-mm5kj
etag
3445646938607026176-4621721414492001125
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 03 Nov 2020 15:39:49 GMT
baf.linklist.do
www.baf.at/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/baf.linklist.do?action=attachment&path=%2Fcontent%2Fdam%2Fbankaustriafinanzservice%2Fdoc%2Fhandbuecher%2FVertrieb.pdf&keywords=&_=1604504389054
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.baf.at/startsite.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; preload
Content-Language
en-US
Connection
Keep-Alive
Content-Type
application/json; charset=UTF-8
Keep-Alive
timeout=5, max=98
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
glyphicons-halflings-regular.woff2
www.baf.at/etc/designs/baf/clientlibs/general/plugin/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/etc/designs/baf/clientlibs/general/plugin/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.baf.at
Referer
https://www.baf.at/etc/designs/baf/clientlibs/general.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 04 Nov 2020 11:27:16 GMT
ETag
"466c-5b3464301ff08"
Strict-Transport-Security
max-age=31536000; preload
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18028
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
baf.sessioncheck.do
www.baf.at/ 		76 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.baf.at/baf.sessioncheck.do?
Requested by
Host: www.baf.at
URL: https://www.baf.at/etc/designs/baf/clientlibs/general.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.149.233.198 , Italy, ASN15515 (UNICREDIT-AS-VR-IT Via Alessandro Specchi 16, IT),
Reverse DNS
www.baf.at.gtm.unicreditgroup.eu
Software
/
Resource Hash
bebd3f6a1429adf42e3cd79955898dfc7fc4b2ff3af5063df2eab131bf7cb441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.baf.at/startsite.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date
Wed, 04 Nov 2020 15:39:50 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; preload
Content-Language
en-US
Connection
Keep-Alive
Content-Type
application/json; charset=UTF-8
Keep-Alive
timeout=5, max=82
Content-Length
76
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| Swiper object| Base64 undefined| navigationFlag function| isBreakpoint function| $ object| headerUBISManager object| sidebarUBISManager function| clickPlay function| setVideoModalPosition function| onPlayerReady function| onPlayerStateChange function| resetVideoPlayerEvent function| SwiperIDangerous function| jQuery boolean| mCustomScrollbar object| jQuery112403392271039932002 function| moment object| doT function| CanvasLoader object| BAF function| changeEmailToLowercase function| checkRepeatedPassword function| checkIfTheSame function| onloadCallback object| _allRecaptchaOnPage object| _recaptcha function| showLoginForm function| logout function| getRemainingTime function| resizeLoginUserSection function| checkSession function| imageGalleryFix object| YT object| YTConfig function| onYTReady object| visitor function| AppMeasurement_Module_ActivityMap object| sc_rsuitemap string| s_account_v object| s function| s_doPlugins function| debounce function| jQueryIsAvailable function| CMConfiguration function| get_tld function| AppMeasurement function| s_gi function| s_pgicq function| Visitor object| s_c_il number| s_c_in function| smartresize number| s_objectID number| s_giq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| _templateName string| _mode object| $input object| $searchButton object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| recaptcha object| cm object| s_i_baca-bafportal

11 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 78928480429789870784029263756023406116
.baf.at/ Name: s_nr
Value: 1604504389419-New
.baf.at/ Name: channel_stack
Value: %5B%5B%27Direct%27%2C%271604504389418%27%5D%5D
www.baf.at/ Name: TS01372e67
Value: 01117f0e617be63ee36c23b99eff5ce6d6b3cedb4ef8d3c3ef80eae424fe77b8069fb295a23405e6968bc08887af2aecbb0ae3127843d289be3aa524f0bcfba3b3efbba83a
.baf.at/ Name: gvsC
Value: 1
.baf.at/ Name: AMCV_1D174673527859600A490D45%40AdobeOrg
Value: -330454231%7CMCMID%7C70252724008020338414259593211782030035%7CMCAAMLH-1605109189%7C6%7CMCAAMB-1605109189%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1604511589s%7CNONE%7CMCSYNCSOP%7C411-18578%7CvVersion%7C3.1.2
.baf.at/ Name: s_pv10
Value: baf%3Astartsite
.baf.at/ Name: channel
Value: Direct
.baf.at/ Name: s_cc
Value: true
.baf.at/ Name: AMCVS_1D174673527859600A490D45%40AdobeOrg
Value: 1
www.baf.at/ Name: renderid
Value: rend8013

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bacaf-financecenter.com
cm.everesttech.net
dpm.demdex.net
s.ytimg.com
unicreditbankaustria.d3.sc.omtrdc.net
unicreditgroup.demdex.net
www.baf.at
www.google.com
www.gstatic.com
www.youtube.com
15.237.76.117
193.193.173.53
194.149.233.198
2a00:1450:4001:801::200e
2a00:1450:4001:814::2003
2a00:1450:4001:817::2004
2a00:1450:4001:825::200e
52.210.43.143
99.81.11.244
02a8ce7a5fa35bb75a67567e4569691b907f1eac8dcb9a0f5823eb8313691e4f
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
04ed4f3e0574e5414d72f2aac693546e09547c45df723d4ab8e99c456ae74cbc
0a9be835224e57c50915363f03ac298c44b8f6e126059bb3bddf8233f1999469
0fd9aaf1427628100ea195678a018d40411da9e277e31d49fda84f71dd05b5af
1ef9af68d04b3a7286cf2300408ca31f2f4a3ef5ec9305a62159dbb51b282edd
1f9c7a20b13069296e3d2c67514ece9b94577edd47b4c4b2945aae49f43fbd53
20a3034e905881e96faa0cff71897a83ea1ec9c2e8e87bead74ec6e292e81f92
22c367870ba1d7537ab699a35715b473a5aad5153c8a014a581b0cf73d293243
25ab5fb241309ec3c90365f0b1381f85a6224c7cffadc407e63ed6c31b703e47
2ee11452424372407039b14db82084f41049670ddbd273c8ab4284f4acee50ad
316eeb638198054ea87b4a36117722d5fdd5d4676a47d337be42dec01d9a93ba
466e16725c3b586d278ec5c6968e092fb0201ef4c4c853e58b52089b70bd7562
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
59a1c7b6837901fccf8193d0ca710348c6fec6ceb7e8c49eec0789743a0da673
59ca9f3e2cc9bca73c17c5cd4de253bf1fc9ad99b5fed005cbc8fb1eb0706792
5ee802c18beed14dd083f81d736477e6a350555b0f9b5decfd104fc22272cfb3
5ef9524c8e7253767e8bb44703296d3611f8fa3bbe3c98be1ea5805a63768acc
618fafb1ebf1505a8a612329ef2001259ce32bb27782e11a442efae57dc17fa2
61971ce9cb5459c55aeb7da376959559e741aaf3b02f53c6fc7cabddf5362e59
68ba5f290257aaf9425e4e0ecaf3c285078226fcfa03ed96217120564ff7efa6
6a564b06b86bdd35fbb07865accd592f63d7e8e75c7232b51c3cc3a0b3f35f5b
6daa3d169e22077c51281727497cb88d9c47004c3270f933af477081a335175a
7026675e3692aece6d6b68152428565ac622f941576a2a44ae68c103f0b86b1e
705e285ea9581ca681dd5f1eb2f421ebb889f5aac3b5567490b159aad097e54e
70ac6b549b4ffa6fa5e175df802e41a4b93a90790ea60b3216fdb6a6a7ccd10e
73a8b3b0d016ad8e9d01dce9fd7ad20f01cdfced1a43df25619a9adf83dea7ec
7882b1fe56ec16311aed154afc1578601c4fad824da307100cbd641b35bec919
7fd99b176e6bd80f03d013d3a4f768b0773e9b613362b4aee58f55175947afb0
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
9b4600cdb924d8662677b2a50542008d4298defa34f665a7aef5ec8c09654662
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a366c5564ae93fa942bd38115d76f7608a1f36a67fb69243f232c62431ff2b0c
a87607dcc5b97d8213ecd734756936de81f55ec82ada93a506e1f97618a835b0
ae34079bf8423827f1e8eefaa0a5e7e06395e729c7676e884b1028bff958a343
b3ff1e90da9e44968b8e6e7a523f7930c266d53a884d12f4138f7159177dcbeb
b4067550f46a3cfeca64cff54b472e4c692db4946f7ddc1ceff21c82aa2da1e1
b830c085fb99c91fd115b75a12fff42954712cdce2b83242a6beba584d9b9735
bebd3f6a1429adf42e3cd79955898dfc7fc4b2ff3af5063df2eab131bf7cb441
c00f49b15a06b962f323c20bb3b4f9c7ed87f7e48759bd003c449fa76da7d739
c189626e5f00259356650bf5b0f3f4df98343fe209a72fb99966136f639f309a
c873b7b2549a2334f921ed5f853cc249b0a75bcccef82e6c1a5b8bb64b560e19
c8936b037d497a35d33c0f288ecff8430f408065136ad99fbf493bf5b613b1c5
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6
d4b4a550158490c2fa7a1e7e3beed7d831d44b15a922129311a157ecc33050fc
daa53a0b9b76f9febfb5c0404f494163dca32eb95a966d0be1fcd96157c1e69e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee8dbb9cdc681a84331feb5a420ddf98b6727ee5c95ddb8595fac400d6ca2679
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efedc973a1381bfb45e2bb5449f3bd296def7d7dd2fc6e6ee4e3309f10b83649
fa46212ac2a8e7b169e20b55e4368daf97a568412dc4c060fcfad847c846f03d
ffbeae46e9eac9e7fa00502e87562af23a96dc5ae305806c82f063188a508520