Submitted URL: https://www.banking.qa2.dkb.de/
Effective URL: https://banking.qa2.dkb.de/
Submission: On December 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 2a02:cb40:300::10f, located in Germany and belongs to SOPRADO-ANY SOPRADO GmbH, DE. The main domain is banking.qa2.dkb.de.
TLS certificate: Issued by DKB CA 1O1 on November 18th 2024. Valid for: a year.
This is the only time banking.qa2.dkb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 2a02:cb40:300... 20546 (SOPRADO-A...)
3 2a00:1450:400... 15169 (GOOGLE)
2 192.229.233.55 15133 (EDGECAST)
2 4 2a02:cb40:200... 20546 (SOPRADO-A...)
2 2 35.181.29.184 16509 (AMAZON-02)
2 2a02:cb40:200... 20546 (SOPRADO-A...)
30 5
Apex Domain
Subdomains
Transfer
28 dkb.de
www.banking.qa2.dkb.de
banking.qa2.dkb.de
cax.dkb.de
execution-ci360.test.infos.dkb.de
2 MB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
88 KB
2 commander1.com
trust-phoenix.commander1.com
1 KB
2 trustcommander.net
cdn.trustcommander.net — Cisco Umbrella Rank: 43630
154 KB
30 4
Domain Requested by
21 banking.qa2.dkb.de banking.qa2.dkb.de
4 cax.dkb.de 2 redirects
3 www.googletagmanager.com banking.qa2.dkb.de
2 execution-ci360.test.infos.dkb.de www.googletagmanager.com
execution-ci360.test.infos.dkb.de
2 trust-phoenix.commander1.com 2 redirects
2 cdn.trustcommander.net www.googletagmanager.com
cdn.trustcommander.net
1 www.banking.qa2.dkb.de 1 redirects
30 7

This site contains links to these domains. Also see Links.

Domain
www.dkb.de
treuhand.dkb.de
Subject Issuer Validity Valid
banking.qa2.dkb.de
DKB CA 1O1
2024-11-18 -
2025-11-17
a year crt.sh
*.google-analytics.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
cdn.tagcommander.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-23 -
2025-03-25
a year crt.sh
execution-ci360.test.infos.dkb.de
DKB CA 1O1
2024-07-10 -
2025-08-07
a year crt.sh

This page contains 3 frames:

Primary Page: https://banking.qa2.dkb.de/
Frame ID: 01BAD85AA8E2C6CD1C6E559CC88A5073
Requests: 28 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-52JSRZQP
Frame ID: A76BB3F0C216DC73D7E05C913FDB0ADE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.trustcommander.net/privacy-center/default/modern/index.html
Frame ID: 731DB64EA848E0B5159C07EAD44A531A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

DKB Banking

Page URL History Show full URLs

  1. https://www.banking.qa2.dkb.de/ HTTP 301
    https://banking.qa2.dkb.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

30
Requests

93 %
HTTPS

67 %
IPv6

4
Domains

7
Subdomains

5
IPs

3
Countries

2422 kB
Transfer

7958 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.banking.qa2.dkb.de/ HTTP 301
    https://banking.qa2.dkb.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://cax.dkb.de/trust/privacy-consent/ HTTP 307
  • https://trust-phoenix.commander1.com/trust/privacy-consent/?tc_first=cax.dkb.de HTTP 307
  • https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121498257047472&tc_first=cax.dkb.de
Request Chain 27
  • https://cax.dkb.de/trust/privacy-consent/ HTTP 307
  • https://trust-phoenix.commander1.com/trust/privacy-consent/?tc_first=cax.dkb.de HTTP 307
  • https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121491523511115&tc_first=cax.dkb.de

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
banking.qa2.dkb.de/
Redirect Chain
  • https://www.banking.qa2.dkb.de/
  • https://banking.qa2.dkb.de/
2 KB
2 KB
Document
General
Full URL
https://banking.qa2.dkb.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
3106c6996cef6031faa89a46d1635bbe58881f22e5cab3beb23f84aba43f4a25
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 22 Dec 2024 10:21:47 GMT
etag
W/"9a1-s0CAU1WxylLgxQ1/DCglFeJ7fqk"
expires
Sun, 22 Dec 2024 10:21:47 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
server
myracloud
strict-transport-security
max-age=15811200
vary
origin, accept-encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0

Redirect headers

content-length
161
content-type
text/html
date
Sun, 22 Dec 2024 10:21:47 GMT
location
https://banking.qa2.dkb.de
server
myracloud
strict-transport-security
max-age=15811200
index-Ca7DN_Ma.js
banking.qa2.dkb.de/assets/
2 KB
1 KB
Script
General
Full URL
https://banking.qa2.dkb.de/assets/index-Ca7DN_Ma.js
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
e1e44e868c380d01674497f44a66dca19afc89195aa33dc99d2a12a275e20462
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

content-encoding
gzip
etag
W/"7e0-193dfacd450"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:07:46 GMT
content-type
application/javascript; charset=UTF-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
bootstrap-BqTlY76d.js
banking.qa2.dkb.de/assets/
6 MB
2 MB
Script
General
Full URL
https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/index-Ca7DN_Ma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
628e8248c16c6f73a164c0427613c0a790f9705afa3a6ae899ca2d922575d728
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

content-encoding
gzip
etag
W/"602cfb-193dfaccc80"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:07:44 GMT
content-type
application/javascript; charset=UTF-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
__federation_shared_react-xoJ64Y1K.js
banking.qa2.dkb.de/assets/
7 KB
3 KB
Script
General
Full URL
https://banking.qa2.dkb.de/assets/__federation_shared_react-xoJ64Y1K.js
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/index-Ca7DN_Ma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
62547b2e302bfab95756de9714a62a254d236d2d99fef85805c1b635798308dc
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

content-encoding
gzip
etag
W/"1d01-193dfaccc80"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:07:44 GMT
content-type
application/javascript; charset=UTF-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
__federation_shared_react-dom-BkrPCji_.js
banking.qa2.dkb.de/assets/
131 KB
46 KB
Script
General
Full URL
https://banking.qa2.dkb.de/assets/__federation_shared_react-dom-BkrPCji_.js
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/index-Ca7DN_Ma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
6959fc951c65d5189ba474541c1d89c86522d57e1de682db6c96b3cff865af2e
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

content-encoding
gzip
etag
W/"20b54-193dfacc898"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:07:43 GMT
content-type
application/javascript; charset=UTF-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
bootstrap-31GOLkKt.css
banking.qa2.dkb.de/assets/
299 KB
33 KB
Stylesheet
General
Full URL
https://banking.qa2.dkb.de/assets/bootstrap-31GOLkKt.css
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/index-Ca7DN_Ma.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
12c81b1054107e0661a6591af58d9f2fdbfd0ef915a6d2ae3e6ef8d2e4da9ea8
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

content-encoding
gzip
etag
W/"4ad9e-193dfa60238"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:00:19 GMT
content-type
text/css; charset=UTF-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
dkb-logo.svg
banking.qa2.dkb.de/assets/
904 B
924 B
Other
General
Full URL
https://banking.qa2.dkb.de/assets/dkb-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
8c282992f91c5bd6e477d4d63e29cb2a5930337b0a6b21a054d0ba6cb3043972
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"388-193dfa5c3b8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:00:03 GMT
content-type
image/svg+xml
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
favicon.ico
banking.qa2.dkb.de/assets/
236 KB
237 KB
Other
General
Full URL
https://banking.qa2.dkb.de/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b3e982ffba0784b0d1cc5541ce7f272b4a8a6540baab2a29880fb9295e6c741d
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
W/"3b1de-193dfa5c3b8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:00:03 GMT
content-type
image/x-icon
vary
origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
accept-ranges
bytes
content-length
242142
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
gtm.js
www.googletagmanager.com/
264 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52JSRZQP
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41f89b0587e91c282099fb724004f6d370e5c03d436c07c5531b0916b1d5628a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 22 Dec 2024 10:21:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 22 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89161
x-xss-protection
0
server
Google Tag Manager
feature-flags
banking.qa2.dkb.de/api/cms/
5 KB
3 KB
XHR
General
Full URL
https://banking.qa2.dkb.de/api/cms/feature-flags
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
ae7b6808dbed0695101f369ded573d20b3596d1660b46c664a502e4ca9c410cf
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-xsrf-token
41d6bfe5-3c20-4930-8355-f1e21c07cddd
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/vnd.api+json

Response headers

content-encoding
gzip
etag
W/"12a4-zTQtmhAppJuWrOU/GfINHL7G1dg"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 10:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=0
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
maintenance-pages
banking.qa2.dkb.de/api/cms/
11 B
765 B
XHR
General
Full URL
https://banking.qa2.dkb.de/api/cms/maintenance-pages
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-xsrf-token
41d6bfe5-3c20-4930-8355-f1e21c07cddd
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/vnd.api+json

Response headers

content-encoding
gzip
etag
W/"b-EFAlOux7Kcr/ZEgGkn2r+oFAbu4"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 10:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=0
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
refresh
banking.qa2.dkb.de/api/
33 B
740 B
XHR
General
Full URL
https://banking.qa2.dkb.de/api/refresh
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
798add727e3a38c5075b6d87a8dc2737a07fc245ae62ca598fe5803c87347105
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-xsrf-token
41d6bfe5-3c20-4930-8355-f1e21c07cddd
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/x-www-form-urlencoded

Response headers

etag
W/"21-wJbG6l4abAlMCIsbbEdJjwGGFE4"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 10:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/json; charset=utf-8
vary
origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=0
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
content-length
33
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
critical-communications
banking.qa2.dkb.de/api/cms/
11 B
762 B
XHR
General
Full URL
https://banking.qa2.dkb.de/api/cms/critical-communications
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-xsrf-token
41d6bfe5-3c20-4930-8355-f1e21c07cddd
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/vnd.api+json

Response headers

content-encoding
gzip
etag
W/"b-EFAlOux7Kcr/ZEgGkn2r+oFAbu4"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 10:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/json; charset=utf-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=0
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
client
banking.qa2.dkb.de/api/metrics/
175 KB
67 KB
Script
General
Full URL
https://banking.qa2.dkb.de/api/metrics/client?apiKey=OK4v1cJ9BvC8ZJ8F6LmA&version=3&loaderVersion=3.11.2
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
07c2a9f5ebdf030a76c2ee8d33271abcddcda8e5bf0134f942861f16215554fe
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"5oEIrE+rM9SR0AwFzG9mx2h1DCk"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:49 GMT
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
nxMDOzuSqDudMu0D_WH-hRLf2lbkGuk6_QjlKVjzc0aHCw0qv64_hA==
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA56-P8
server
myracloud
ns.html
www.googletagmanager.com/ Frame A76B
0
0
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-52JSRZQP
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Sun, 22 Dec 2024 10:21:49 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
privacy_v2_48.js
cdn.trustcommander.net/privacy/4898/
254 KB
154 KB
Script
General
Full URL
https://cdn.trustcommander.net/privacy/4898/privacy_v2_48.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52JSRZQP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
fa039dfb96777e704a15e0f48835c5c09b69679aa3d8f1804478e683e69c0a78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age
31536000
content-encoding
gzip
etag
"194d19d8dea91998fc2f55bac1b8652c+gzip"
age
29407
access-control-allow-methods
HEAD, GET
x-cache
HIT
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 10:52:04 GMT
vary
Accept-Encoding
x-amz-id-2
F4htlHnnyIVpaZNam8hYJpnY1bdFV1dIQFwLVQDBSK2aq5wdUkegK/er9JeQbugXIskAWlYJLww=
cache-control
max-age=86400, must-revalidate
x-cdn
edgio
x-amz-request-id
ECB0KJ2YN2WYJK4V
access-control-allow-origin
*
content-length
157284
server
ECS (frb/6738)
td
www.googletagmanager.com/
0
341 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=GTM-52JSRZQP&v=3&t=t&pid=1879367264&dl=banking.qa2.dkb.de%2F&tdp=GTM-52JSRZQP;176010522;0;0;0&frm=0&rtg=176010522&slo=4&hlo=0&lst=2&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
text/plain
server
Golfe2
session
banking.qa2.dkb.de/api/
0
0
Fetch
General
Full URL
https://banking.qa2.dkb.de/api/session
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15811200
x-dns-prefetch-control
off
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
referrer-policy
no-referrer
x-download-options
noopen
date
Sun, 22 Dec 2024 10:21:49 GMT
x-xss-protection
0
origin-agent-cluster
?1
vary
origin
server
myracloud
x-frame-options
SAMEORIGIN
DKBEuclid-Semibold-WebXL--wxowF2P.woff2
banking.qa2.dkb.de/assets/
38 KB
38 KB
Font
General
Full URL
https://banking.qa2.dkb.de/assets/DKBEuclid-Semibold-WebXL--wxowF2P.woff2
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-31GOLkKt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
cc785cdd4278b3c1f7b82cb0d88e02102384df793010b1b2d16fc05da26205f8
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

etag
W/"962c-193dfa60238"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
last-modified
Thu, 19 Dec 2024 16:00:19 GMT
content-type
font/woff2
vary
origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
DKBEuclid-Regular-WebXL-Cr8achUI.woff2
banking.qa2.dkb.de/assets/
37 KB
37 KB
Font
General
Full URL
https://banking.qa2.dkb.de/assets/DKBEuclid-Regular-WebXL-Cr8achUI.woff2
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-31GOLkKt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
5e4db856f6171b37d6c7d2799dc800fc42417bd565fcc7645115e69f5fdb7568
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

etag
W/"93bc-193dfa60238"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
last-modified
Thu, 19 Dec 2024 16:00:19 GMT
content-type
font/woff2
vary
origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
DKBEuclid-Medium-WebXL-CFf-EpHt.woff2
banking.qa2.dkb.de/assets/
37 KB
38 KB
Font
General
Full URL
https://banking.qa2.dkb.de/assets/DKBEuclid-Medium-WebXL-CFf-EpHt.woff2
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-31GOLkKt.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
f9b700512a8764c21a2c5d4e83cf96ec7d113045fc36d240c4c32bdbe1925f66
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

etag
W/"94e0-193dfa60238"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
last-modified
Thu, 19 Dec 2024 16:00:19 GMT
content-type
font/woff2
vary
origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
show-password-B-95EUH4.js
banking.qa2.dkb.de/assets/
6 KB
3 KB
Script
General
Full URL
https://banking.qa2.dkb.de/assets/show-password-B-95EUH4.js
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/assets/bootstrap-BqTlY76d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
df2b42653a800f46cf32aed4aa8e764a1cff95e6db7b09261d2fb2bbdf5b300a
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://banking.qa2.dkb.de
Referer

Response headers

content-encoding
gzip
etag
W/"1714-193dfaccc80"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:49 GMT
date
Sun, 22 Dec 2024 10:21:49 GMT
last-modified
Thu, 19 Dec 2024 16:07:44 GMT
content-type
application/javascript; charset=UTF-8
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
dkb-logo.svg
banking.qa2.dkb.de/assets/
904 B
0
Other
General
Full URL
https://banking.qa2.dkb.de/assets/dkb-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
8c282992f91c5bd6e477d4d63e29cb2a5930337b0a6b21a054d0ba6cb3043972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"388-193dfa5c3b8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:00:03 GMT
content-type
image/svg+xml
vary
origin, accept-encoding
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
favicon.ico
banking.qa2.dkb.de/assets/
236 KB
0
Other
General
Full URL
https://banking.qa2.dkb.de/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b3e982ffba0784b0d1cc5541ce7f272b4a8a6540baab2a29880fb9295e6c741d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

etag
W/"3b1de-193dfa5c3b8"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:47 GMT
date
Sun, 22 Dec 2024 10:21:47 GMT
last-modified
Thu, 19 Dec 2024 16:00:03 GMT
content-type
image/x-icon
vary
origin
x-frame-options
SAMEORIGIN
cache-control
max-age=3600
x-dns-prefetch-control
off
referrer-policy
no-referrer
x-download-options
noopen
accept-ranges
bytes
content-length
242142
x-xss-protection
0
origin-agent-cluster
?1
server
myracloud
oWc
banking.qa2.dkb.de/api/metrics/client/6NWQcx2/n2lOT/
2 KB
2 KB
XHR
General
Full URL
https://banking.qa2.dkb.de/api/metrics/client/6NWQcx2/n2lOT/oWc?q=OK4v1cJ9BvC8ZJ8F6LmA
Requested by
Host: banking.qa2.dkb.de
URL: https://banking.qa2.dkb.de/api/metrics/client?apiKey=OK4v1cJ9BvC8ZJ8F6LmA&version=3&loaderVersion=3.11.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:300::10f , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
bf6e56606c9c49c84cf090ba41fd528af745203493480c1ab00dc754c8ee9920
Security Headers
Name Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
W/"F73G0GG3gMpeI0pBMNZHQuUIeuI"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Sun, 22 Dec 2024 11:21:49 GMT
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
cMy44XaKAHlpHRV8NjVdwNkBQmcgdWorWaX2GMiSHM9oxJSuJbnmeQ==
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15811200
cache-control
max-age=3600
x-dns-prefetch-control
off
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
x-amz-cf-pop
FRA56-P8
server
myracloud
/
cax.dkb.de/trust/privacy-consent/
Redirect Chain
  • https://cax.dkb.de/trust/privacy-consent/
  • https://trust-phoenix.commander1.com/trust/privacy-consent/?tc_first=cax.dkb.de
  • https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121498257047472&tc_first=cax.dkb.de
43 B
498 B
Ping
General
Full URL
https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121498257047472&tc_first=cax.dkb.de
Protocol
H2
Server
2a02:cb40:200::471 , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15811200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15811200
cache-control
private, max-age=486000, pre-check=486000
pragma
private
access-control-allow-credentials
true
expires
Sat, 22 Mar 2025 10:21:49 GMT
access-control-allow-origin
null
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
image/gif
vary
origin
server
myracloud
access-control-allow-headers
Content-Type

Redirect headers

location
https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121498257047472&tc_first=cax.dkb.de
access-control-allow-credentials
true
access-control-allow-origin
null
content-length
121
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Origin
access-control-allow-headers
Content-Type
ot-api.min.js
execution-ci360.test.infos.dkb.de/js/
70 KB
22 KB
Script
General
Full URL
https://execution-ci360.test.infos.dkb.de/js/ot-api.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52JSRZQP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::2f6 , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
49ddadc9b09cb04c8de637b957e6795e1b101d9d52636d6e66c059e699f07636
Security Headers
Name Value
Strict-Transport-Security max-age=15811200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15811200
cache-control
max-age=1800
sas-service-response-flag
true
content-encoding
gzip
etag
"myra-9de20df8"
access-control-allow-credentials
true
expires
Sun, 22 Dec 2024 10:51:49 GMT
access-control-allow-origin
*
x-amz-cf-id
PeoO67rTz4wHI40KViQsOBfpUrWyUdRtswoeQgJaT-HyS90dm_yCdw==
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
application/javascript;charset=UTF-8
content-disposition
inline;filename=f.txt
server
myracloud
x-amz-cf-pop
FRA56-P9
vary
accept-encoding
1d5887bbb700011b516d9a7a
execution-ci360.test.infos.dkb.de/t/s/c/
0
716 B
XHR
General
Full URL
https://execution-ci360.test.infos.dkb.de/t/s/c/1d5887bbb700011b516d9a7a?domain=banking.qa2.dkb.de&p=%2Flogin&params=&page_title=DKB%20Banking&referrer=&uri=https%3A%2F%2Fbanking.qa2.dkb.de%2Flogin&cts=1734862909427&tzo=-60&platform=Linux%20x86_64&port=&protocol=https&screen_info=1600x1200@24&browser_language=de-DE&character_set=UTF-8&csz=71020&bsz=1600x1200&tab_id=56076124715&java_enabled=false&flash_enabled=false
Requested by
Host: execution-ci360.test.infos.dkb.de
URL: https://execution-ci360.test.infos.dkb.de/js/ot-api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:cb40:200::2f6 , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15811200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15811200
sas-service-response-flag
true
access-control-allow-credentials
true
via
1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
access-control-allow-origin
https://banking.qa2.dkb.de
x-cache
Miss from cloudfront
x-amz-cf-id
Ms0CxULPqiOaevtjk9lDGvht4-rDtnLcGOl4Y6VMPLoEMQLi3dBTsg==
date
Sun, 22 Dec 2024 10:21:49 GMT
x-amz-cf-pop
FRA56-P9
server
myracloud
access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type
/
cax.dkb.de/trust/privacy-consent/
Redirect Chain
  • https://cax.dkb.de/trust/privacy-consent/
  • https://trust-phoenix.commander1.com/trust/privacy-consent/?tc_first=cax.dkb.de
  • https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121491523511115&tc_first=cax.dkb.de
43 B
498 B
Ping
General
Full URL
https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121491523511115&tc_first=cax.dkb.de
Protocol
H2
Server
2a02:cb40:200::471 , Germany, ASN20546 (SOPRADO-ANY SOPRADO GmbH, DE),
Reverse DNS
Software
myracloud /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15811200

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=15811200
cache-control
private, max-age=486000, pre-check=486000
pragma
private
access-control-allow-credentials
true
expires
Sat, 22 Mar 2025 10:21:49 GMT
access-control-allow-origin
null
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
image/gif
vary
origin
server
myracloud
access-control-allow-headers
Content-Type

Redirect headers

location
https://cax.dkb.de/trust/privacy-consent/?tc_id=202412221121491523511115&tc_first=cax.dkb.de
access-control-allow-credentials
true
access-control-allow-origin
null
content-length
121
date
Sun, 22 Dec 2024 10:21:49 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Origin
access-control-allow-headers
Content-Type
index.html
cdn.trustcommander.net/privacy-center/default/modern/ Frame 731D
0
0
Document
General
Full URL
https://cdn.trustcommander.net/privacy-center/default/modern/index.html
Requested by
Host: cdn.trustcommander.net
URL: https://cdn.trustcommander.net/privacy/4898/privacy_v2_48.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.55 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674C) /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
HEAD, GET
access-control-allow-origin
*
access-control-max-age
31536000
age
31053
cache-control
max-age=86400,must-revalidate
content-encoding
gzip
content-length
660
content-type
text/html
date
Sun, 22 Dec 2024 10:21:49 GMT
etag
"7978d3df50d4126280873a3dc0b378dd+gzip"
last-modified
Wed, 28 Aug 2024 15:24:21 GMT
server
ECS (frb/674C)
vary
Accept-Encoding
x-amz-id-2
LIumFFQMxooMTzt5cfm1xbgrsQdKjiI/L1tifGb299mjxnP27VDRDUrF6Y/lJLR139clbIDNxiw=
x-amz-request-id
FKYNBQPMZ3J7KTHD
x-cache
HIT
x-cdn
edgio

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| NONCE_ID string| SERVER_DATA object| gaia string| __reactRouterVersion object| __SENTRY__ object| dataLayer object| gtm object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| tCPrivacyTagManager number| tc_privacy_used function| tC object| caReady function| cact string| tcVendorsConsent string| tcCategoriesConsent function| ci360 function| Function function| Object object| $ci360 boolean| ci360_config_called

10 Cookies

Domain/Path Name / Value
banking.qa2.dkb.de/ Name: __Host-xsrf
Value: 41d6bfe5-3c20-4930-8355-f1e21c07cddd
banking.qa2.dkb.de/ Name: AWSALB
Value: QqO+MhAh2V9xpPKY1vyw1oPtSIxmTwmtCakl2N2ROvECTwWxBrBb6L3dyAwuYQTLRquPseoXGrFKONb3X0A1Kr4S/Jph6AzF6xnI5SlE8zfiyPha+PtpmgYv8Xzi
banking.qa2.dkb.de/ Name: AWSALBCORS
Value: QqO+MhAh2V9xpPKY1vyw1oPtSIxmTwmtCakl2N2ROvECTwWxBrBb6L3dyAwuYQTLRquPseoXGrFKONb3X0A1Kr4S/Jph6AzF6xnI5SlE8zfiyPha+PtpmgYv8Xzi
.dkb.de/ Name: TCPID
Value: 124120112149294993596
.cax.dkb.de/ Name: TC_CHECK_COOKIES_SUPPORT
Value: 1
cax.dkb.de/ Name: FDLBFIRSTTRUST
Value: s01|Z2foQ|Z2foQ
execution-ci360.test.infos.dkb.de/ Name: AWSALB
Value: 2ztKNwsSCV+lfE5rXfA8vovTfoIetp0M9ArUCiMcTSuKBtmiG5Kewkq4FrITDftM//WtwS5Uc4hQ40v/MFcvgFTjTeMRDSWS4uexgSjsu4mEI9keXi66kYWYyGOs
execution-ci360.test.infos.dkb.de/ Name: AWSALBCORS
Value: 2ztKNwsSCV+lfE5rXfA8vovTfoIetp0M9ArUCiMcTSuKBtmiG5Kewkq4FrITDftM//WtwS5Uc4hQ40v/MFcvgFTjTeMRDSWS4uexgSjsu4mEI9keXi66kYWYyGOs
.commander1.com/ Name: TCID
Value: 202412221121491523511115
.dkb.de/ Name: CAID
Value: 202412221121491523511115

2 Console Messages

Source Level URL
Text
network error URL: https://banking.qa2.dkb.de/api/refresh
Message:
Failed to load resource: the server responded with a status of 400 ()
rendering warning URL: https://banking.qa2.dkb.de/login
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060EA0054260000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15811200
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banking.qa2.dkb.de
cax.dkb.de
cdn.trustcommander.net
execution-ci360.test.infos.dkb.de
trust-phoenix.commander1.com
www.banking.qa2.dkb.de
www.googletagmanager.com
192.229.233.55
2a00:1450:4001:803::2008
2a02:cb40:200::2f6
2a02:cb40:200::471
2a02:cb40:300::10f
35.181.29.184
07c2a9f5ebdf030a76c2ee8d33271abcddcda8e5bf0134f942861f16215554fe
12c81b1054107e0661a6591af58d9f2fdbfd0ef915a6d2ae3e6ef8d2e4da9ea8
3106c6996cef6031faa89a46d1635bbe58881f22e5cab3beb23f84aba43f4a25
41f89b0587e91c282099fb724004f6d370e5c03d436c07c5531b0916b1d5628a
49ddadc9b09cb04c8de637b957e6795e1b101d9d52636d6e66c059e699f07636
5e4db856f6171b37d6c7d2799dc800fc42417bd565fcc7645115e69f5fdb7568
62547b2e302bfab95756de9714a62a254d236d2d99fef85805c1b635798308dc
628e8248c16c6f73a164c0427613c0a790f9705afa3a6ae899ca2d922575d728
6959fc951c65d5189ba474541c1d89c86522d57e1de682db6c96b3cff865af2e
798add727e3a38c5075b6d87a8dc2737a07fc245ae62ca598fe5803c87347105
8c282992f91c5bd6e477d4d63e29cb2a5930337b0a6b21a054d0ba6cb3043972
8fe32e407a1038ee38753b70e5374b3a46d6ae9d5f16cd5b73c53abaca8f5ed0
ae7b6808dbed0695101f369ded573d20b3596d1660b46c664a502e4ca9c410cf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e982ffba0784b0d1cc5541ce7f272b4a8a6540baab2a29880fb9295e6c741d
bf6e56606c9c49c84cf090ba41fd528af745203493480c1ab00dc754c8ee9920
cc785cdd4278b3c1f7b82cb0d88e02102384df793010b1b2d16fc05da26205f8
df2b42653a800f46cf32aed4aa8e764a1cff95e6db7b09261d2fb2bbdf5b300a
e1e44e868c380d01674497f44a66dca19afc89195aa33dc99d2a12a275e20462
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9b700512a8764c21a2c5d4e83cf96ec7d113045fc36d240c4c32bdbe1925f66
fa039dfb96777e704a15e0f48835c5c09b69679aa3d8f1804478e683e69c0a78