sso.myraiffeisen.com Open in urlscan Pro
52.29.137.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://egateway.myraiffeisen.com/
Effective URL:
https://sso.myraiffeisen.com/as/authorization.oauth2?client_id=EG&redirect_uri=https%3A%2F%2Fegateway.myraiffeisen.com%2F&res...
Submission: On August 30 via manual (August 30th 2024, 7:20:57 am UTC) from HR — Scanned from DE

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 38 HTTP transactions. The main IP is 52.29.137.71, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is sso.myraiffeisen.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 5th 2024. Valid for: a year.

This is the only time sso.myraiffeisen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	18.66.248.63 18.66.248.63	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
8	52.29.137.71 52.29.137.71	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.58.92.41 52.58.92.41	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2019	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	7

17 18.66.248.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-63.dus51.r.cloudfront.net

egateway.myraiffeisen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.29.137.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

sso.myraiffeisen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.92.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-92-41.eu-central-1.compute.amazonaws.com

countly.merlin.rbi.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2019 (United States)

ASN13335 (CLOUDFLARENET, US)

cookies-data.onetrust.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	myraiffeisen.com egateway.myraiffeisen.com sso.myraiffeisen.com	2 MB
4	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	104 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
2	onetrust.io cookies-data.onetrust.io — Cisco Umbrella Rank: 23881	85 B
1	rbi.cloud countly.merlin.rbi.cloud — Cisco Umbrella Rank: 464868	200 B
38	5

	Domain	Requested by
17	egateway.myraiffeisen.com	egateway.myraiffeisen.com
8	sso.myraiffeisen.com	egateway.myraiffeisen.com sso.myraiffeisen.com
4	cdn.cookielaw.org	egateway.myraiffeisen.com cdn.cookielaw.org
3	fonts.googleapis.com	egateway.myraiffeisen.com
2	cookies-data.onetrust.io	egateway.myraiffeisen.com
1	countly.merlin.rbi.cloud	egateway.myraiffeisen.com
38	6

This site contains links to these domains. Also see Links.

Domain
www.myraiffeisen.com
www.rbinternational.com

Subject Issuer	Validity	Valid
*.myraiffeisen.com Amazon RSA 2048 M03	`2024-05-05` - `2025-06-02`	a year	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
countly.merlin.rbi.cloud Amazon RSA 2048 M03	`2024-01-06` - `2025-02-03`	a year	crt.sh
onetrust.io WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sso.myraiffeisen.com/as/authorization.oauth2?client_id=EG&redirect_uri=https%3A%2F%2Fegateway.myraiffeisen.com%2F&response_type=code&scope=openid&nonce=JXFmfMJ9BjqcR8KWmGTB&state=fc01259589a342fc93a22f1a921575f5&code_challenge=ckP1JnYAH5k_CmTSsWQxaCaimMdR-oxgAYMe4QaCfls&code_challenge_method=S256&response_mode=query
Frame ID: C0E35ECE13E40B52E67B3E837FEF4A15
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

https://egateway.myraiffeisen.com/ Page URL
https://sso.myraiffeisen.com/as/authorization.oauth2?client_id=EG&redirect_uri=https%3A%2F%2Fegateway.myr... Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

38
Requests

92 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

1646 kB
Transfer

5289 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myraiffeisen.com/en/ekyc/imprint.html
Title: RBI Imprint

Search URL Search Domain Scan URL

URL: https://www.myraiffeisen.com/en/ekyc/data-protection.html
Title: RBI Data Protection

Search URL Search Domain Scan URL

URL: https://www.rbinternational.com/en/homepage/disclaimer.html
Title: RBI Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://egateway.myraiffeisen.com/ Page URL
https://sso.myraiffeisen.com/as/authorization.oauth2?client_id=EG&redirect_uri=https%3A%2F%2Fegateway.myraiffeisen.com%2F&response_type=code&scope=openid&nonce=JXFmfMJ9BjqcR8KWmGTB&state=fc01259589a342fc93a22f1a921575f5&code_challenge=ckP1JnYAH5k_CmTSsWQxaCaimMdR-oxgAYMe4QaCfls&code_challenge_method=S256&response_mode=query Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
egateway.myraiffeisen.com/ 2 KB
2 KB 193ms
41ms Document
text/html 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

122117dcb00a101980e20b234b2db07323c38a1d504b5819f5e0a3b725b28e00

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 62
content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-type: text/html
date: Fri, 30 Aug 2024 07:19:52 GMT
etag: W/"d4d913becd1e43ad6edef70c56286f6d"
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-id: eGKzlb2lj-8fZg4c1iN3kBlcHtjLa82_RWnxxqL7ifwmV3qvE5QgTQ==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
x-amz-server-side-encryption-bucket-key-enabled: true
x-amz-version-id: ZpY6Dq.29KXsk2xGo9MsgFB9j.5k.Bzd
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
848 B 78ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5bdbbcc72cbc9412f84b9a45c1bcb26e18c49f5b559f3e424afb8cd1e250c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 07:20:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 07:20:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 87ms
39ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 06:32:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 07:20:53 GMT

GET
H2 200 icons.css
egateway.myraiffeisen.com/assets/icons/css/ 13 KB
4 KB 35ms
34ms Stylesheet
text/css 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/assets/icons/css/icons.css

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8ee15d9b05a5966ad96f7379b36a10ca8345774805dbdf740ca10cf010003720

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: EPGIWZ.mcjikxaV_z4bNCKMqQ2L72uOa
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Fri, 30 Aug 2024 06:53:32 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 1642
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:12 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"70891a86ab8603c1fd60c579ed652ffe"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: SsiaMioJmlQVQshzGSbzTQCuHXqNPzN6-oTJt568JbO1vGxiOxxOpw==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 check-browser.js Show response
egateway.myraiffeisen.com/ 2 KB
2 KB 62ms
60ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/check-browser.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b9a405ad4c8794fa5b7f9fb17a7b46ea0641df39dbc6818f3f11ad9746055c87

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: tswTygkR_QflYRDDvt3DKQ4rQ_.X8jEr
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Fri, 30 Aug 2024 07:17:26 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 208
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"9ce93046e70e36c5a1560460397fe2b1"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: YEyDVopRFcHgalFWzVK4ny25YS16MnFqCDej4Szqtnw6p7cQJspPEA==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 countly.js Show response
egateway.myraiffeisen.com/ 71 KB
22 KB 70ms
68ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/countly.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9a76a5a742d350715d79691ce4e4bae1d1059122a9071f9ced62d143c54450cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: jG6N2F.UW5apVbaDinIUKAR.IjDL2zFV
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Fri, 30 Aug 2024 06:53:32 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 1642
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"7d97ce703460eb3b2e57a4d6020035b3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: LkVDxY-yPiB4ccVUYAsANK2rr4BrqpnYzPlDAdgZs0tA0--EsiJehA==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 init-countly.js Show response
egateway.myraiffeisen.com/ 810 B
2 KB 63ms
62ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/init-countly.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

58665aead37b1408f0e332b3612d3dd3014ed0c6b46309fa702629c8c420698e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:18:08 GMT
x-amz-version-id: AzA6.fEwCnalavhfxop3I3Q_J7JGKDbX
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
x-amz-cf-pop: DUS51-P1
age: 166
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 810
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:10 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "aff82ca0864a4be2db3b787d5b95a595"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: xq1UnB3wBK_TV54Vm7sBR0uedq2ziAWuwr3I8UiY8hxc9XIPe3OeBQ==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 init-cookie-consent.js Show response
egateway.myraiffeisen.com/ 361 B
2 KB 62ms
61ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/init-cookie-consent.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fd855fef6cc694b6fdec95f5ab1e4b605f972a3bf60c2e8503c57a0dd4ddfd23

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: S4PpiTSuMQc2p8yjyvp_nYKNEh9cvESj
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
date: Thu, 29 Aug 2024 07:53:54 GMT
x-amz-cf-pop: DUS51-P1
age: 84420
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 361
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:10 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "10ed70f7af46133b28d5c59593d54ad7"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: doROWxWiDrJr9j9N1JaAkJFreguFtyQdT6_3Cp4f5lskNRTwFCpEVg==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 init-scripts.js Show response
egateway.myraiffeisen.com/ 431 B
2 KB 66ms
65ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/init-scripts.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c6a0f00a52d0c0a4aeb4603d6f49f6c321e85f28add59f7fe726dfcbc6a2cdcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 06:16:48 GMT
x-amz-version-id: u_z5K9yKSt0paOSz.0e8hkHP5zvHabt_
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
x-amz-cf-pop: DUS51-P1
age: 3846
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 431
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:10 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "ade6ca12e82df9a8613b6c88ad0ea5de"
x-frame-options: DENY
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: l1YwrWoKOIXvFv0hBFpaV8zeOZEVD2PGJNVzVZkKk9_iOBsf8KLLRA==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 styles.6e88e4b970ae8be2.css
egateway.myraiffeisen.com/ 235 KB
26 KB 39ms
38ms Stylesheet
text/css 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f45fd9c68e1824ccb57446d7f5da5585596cf9639d886d10963ef837bec00b53

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: W.tJLgvm.Ub3xWrG8z4QEoSnH6iXfEUY
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Thu, 29 Aug 2024 08:29:00 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 82313
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"dd75947c94e646f9931d5963c87e2e30"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: c78rYaE5k6NoBkvX3_cKM3xNxlQzm4cj6wY1EWqvkdMjAMNaYYLr4A==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 runtime.2abb420d6e0f352f.js Show response
egateway.myraiffeisen.com/ 3 KB
3 KB 70ms
69ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/runtime.2abb420d6e0f352f.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8e9bce897fbc9be84a00c4cf2c40da687d6e97c9cea0f443ba01608c0ce01677

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
Origin: https://egateway.myraiffeisen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:18:08 GMT
x-amz-version-id: wf0iSgy4.XwiJaWpBB9KKXh1ynE2480b
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 166
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"67edf74eb769fca597839dabc201e9b4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: bMvTrDYT0BGQ-Bgj16HNL-WevQwJby8xY61TDz1jhkoCda2gVYkn-Q==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 polyfills.7ab47b70865fbde1.js Show response
egateway.myraiffeisen.com/ 59 KB
22 KB 39ms
38ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bd5f0eb6292ea3c78386376d99badee8bf4c4f046d2b31190be2ef5ca7cffa33

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
Origin: https://egateway.myraiffeisen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: xU58DBvtf9YNmTgk7LavBs7ZGU_X3MiM
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Fri, 30 Aug 2024 06:53:32 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 1642
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:10 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"4fa4b2b7d2901f59f21ba4ba7e322594"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: ie-NjpnjiVSaZzwyb69LEZJLHGSuePWSGWxUXwdFZHkjdiPYvUytbg==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 main.9a7a6213418f00f6.js Show response
egateway.myraiffeisen.com/ 4 MB
993 KB 72ms
72ms Script
application/javascript 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/main.9a7a6213418f00f6.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f5e89f148709b09746201b7cab44617f8d451aa803de7f52f1c9077b04f7877b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
Origin: https://egateway.myraiffeisen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: q7ts5WuinSAW_JWCoqX9LAy9V2Fu8Ed4
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Fri, 30 Aug 2024 06:53:32 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 1642
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:10 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"25a6cea2400ca55f2d3dfbd57a2e676d"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: oWUj8-PxZduY-VDvlsAZucxj4yW7JZwT5Hd_DkqB4BggKsuVatDnCQ==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1013 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700|Material+Icons|Material+Icons+Outlined

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d1f167e3ca0b36e73ff5585e3c043735ae7eb2f58cd6c4446ac937b0a27d93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Aug 2024 07:20:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Aug 2024 07:20:53 GMT

GET
H2 200 AmaliaW05-Regular.7625f7c142721b09.woff2
egateway.myraiffeisen.com/ 77 KB
79 KB 33ms
33ms Font
application/octet-stream 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/AmaliaW05-Regular.7625f7c142721b09.woff2

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cff630abdcaf11c22c15acc11f1a92436040dfe02d585817fa5c63c0b28b00c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css
Origin: https://egateway.myraiffeisen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: P0FtVR1uN.wnYuIWMYFUvPB48tcvhkcI
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
date: Fri, 30 Aug 2024 06:53:34 GMT
x-amz-cf-pop: DUS51-P1
age: 1640
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 79096
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "e9f986dc690197fbf28359ed0b480758"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/octet-stream
accept-ranges: bytes
x-amz-cf-id: 5TSS9OVuo0d2skvcIEGKL1pO3IUQlrxeCUJjnieMbVVKLvWoLyFLXg==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 openid-configuration
sso.myraiffeisen.com/.well-known/ 5 KB
6 KB 277ms
26ms XHR
application/json 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/.well-known/openid-configuration

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Aug 2024 07:20:53 GMT
referrer-policy: origin
server: envoy
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://egateway.myraiffeisen.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 5315
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 82ms
31ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/init-cookie-consent.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p+39a+/XEcZfNKybQjgXjA==
age: 85068
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 28 Aug 2024 02:28:29 GMT
server: cloudflare
etag: 0x8DCC7091A7F0929
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b02628b3-d01e-000e-617a-f97f81000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb305569cf1bb5c-FRA

GET
H2 200 favicon.ico
egateway.myraiffeisen.com/ 15 KB
16 KB 35ms
35ms Other
image/vnd.microsoft.icon 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4e49b9ec71198c1abfbc3a3044caf677d0fbc231575961a89ab222e33e5714f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:18:10 GMT
x-amz-version-id: 4G9rJQQSMdhcyOiSTasPYqck_IQjIqdc
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
x-amz-cf-pop: DUS51-P1
age: 163
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 15086
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "53363734c0a72316e7393c982ad89fb4"
x-frame-options: DENY
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
x-amz-cf-id: VNnPYIj3sPMTQTYxiJQzcj6h0VKcYuO_hQB9m4FdRH86ABIO61IhJg==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 i Show response
countly.merlin.rbi.cloud/ 20 B
200 B 196ms
80ms XHR
application/json 52.58.92.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://countly.merlin.rbi.cloud/i?begin_session=1&metrics=%7B%22_app_version%22%3A%220.0%22%2C%22_ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F128.0.0.0%20Safari%2F537.36%22%2C%22_resolution%22%3A%221600x1200%22%2C%22_density%22%3A1%2C%22_locale%22%3A%22de-DE%22%7D&app_key=dbc80aae0789467b0879b97472226f4ba833825c&device_id=7316c6e5-8ac9-46a8-82d0-f5e6502a45d0&sdk_name=javascript_native_web&sdk_version=23.02.1&t=1&timestamp=1725002453477&hour=9&dow=5

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.92.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-92-41.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296

Security Headers

Name	Value
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Aug 2024 07:20:53 GMT
x-envoy-upstream-service-time: 56
server: envoy
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8

GET
H2 200 3087361a-ca6a-4dff-b6f2-660c3c906db6.json Show response
cdn.cookielaw.org/consent/3087361a-ca6a-4dff-b6f2-660c3c906db6/ 3 KB
2 KB 100ms
57ms XHR
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3087361a-ca6a-4dff-b6f2-660c3c906db6/3087361a-ca6a-4dff-b6f2-660c3c906db6.json

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dfb9c76dd76f16e875749eb5b133b5075a0d62007ac7794253dcb127a19b721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3396
content-md5: Hp5RMOjhvZofecNohUvB9w==
content-length: 1341
x-ms-lease-status: unlocked
last-modified: Tue, 19 Apr 2022 10:31:20 GMT
server: cloudflare
etag: 0x8DA21EFBE5D5497
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4c506f5f-701e-0065-0c24-d522d7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb3055708a64d80-FRA
expires: Sat, 31 Aug 2024 07:20:53 GMT

OPTIONS
H2 200 domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ 0
0 88ms
41ms Preflight
application/json 2606:4700:4400::6812:2019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: domainid,location,url
Access-Control-Request-Method: GET
Origin: https://egateway.myraiffeisen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-ray: 8bb30557bbe091d7-FRA
content-length: 0
content-type: application/json
date: Fri, 30 Aug 2024 07:20:53 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 domaingroupcheck
cookies-data.onetrust.io/bannersdk/v1/ 17 B
85 B 55ms
54ms XHR
application/json 2606:4700:4400::6812:2019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck
Requested by: Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

location: cdn.cookielaw.org
Referer
url: egateway.myraiffeisen.com
domainId: 3087361a-ca6a-4dff-b6f2-660c3c906db6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:53 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8bb30557fc1391d7-FRA
access-control-allow-headers: Content-Type
content-length: 17

GET
H2 200 otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.34.0/ 348 KB
83 KB 33ms
33ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.34.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ywzctmjVIapkx83Pz3a+AQ==
age: 40829
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 84671
x-ms-lease-status: unlocked
last-modified: Tue, 17 May 2022 16:31:35 GMT
server: cloudflare
etag: 0x8DA3822B5C4CCF6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 24814a3a-201e-0038-4ce6-1d9d43000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb305577db6bb5c-FRA

GET
H2 200 en.json
egateway.myraiffeisen.com/assets/i18n/core/ 45 B
1 KB 34ms
33ms XHR
application/json 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/assets/i18n/core/en.json

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: b6TE7JtxyePpusS2BR5sSu_BlqcVwWmd
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
date: Thu, 29 Aug 2024 08:29:02 GMT
x-amz-cf-pop: DUS51-P1
age: 82312
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 45
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:11 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "1421f7f3d1fabad2053570663a21e246"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json
accept-ranges: bytes
x-amz-cf-id: nepZyr97zeXKUxXzU5F5_cRPdMDbl6QvsyLCDKuhcTVVV60g2DF_iA==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 en.json
egateway.myraiffeisen.com/assets/i18n/responsive-components-lib/ 6 KB
4 KB 32ms
32ms XHR
application/json 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/assets/i18n/responsive-components-lib/en.json

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://egateway.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 3zDfrQl8KKLu6cfbOEFXeEbbf18LxeIO
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
content-encoding: gzip
date: Thu, 29 Aug 2024 08:29:02 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: aws:kms
age: 82312
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:11 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: W/"2cd6a6b13e1d83d0b1ddbdbfcbe67996"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/json
x-amz-cf-id: FekUG2Gwv-opb_-g9W1vyJY1u-ttOZIc3MAWrUs6Ty_wmKevXJQBbg==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 Primary Request authorization.oauth2 Show response
sso.myraiffeisen.com/as/ 13 KB
13 KB 88ms
45ms Document
text/html 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/as/authorization.oauth2?client_id=EG&redirect_uri=https%3A%2F%2Fegateway.myraiffeisen.com%2F&response_type=code&scope=openid&nonce=JXFmfMJ9BjqcR8KWmGTB&state=fc01259589a342fc93a22f1a921575f5&code_challenge=ckP1JnYAH5k_CmTSsWQxaCaimMdR-oxgAYMe4QaCfls&code_challenge_method=S256&response_mode=query

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/main.9a7a6213418f00f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

b556e16e5c6ba4abf6550644a4f68872cbd4a04f86079f94d76b31debeca5028

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-length: 13376
content-type: text/html;charset=utf-8
date: Fri, 30 Aug 2024 07:20:53 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
referrer-policy: origin
server: envoy
x-envoy-upstream-service-time: 8
x-frame-options: SAMEORIGIN

GET
H2 200 gds-icons.16a4a970c78fc82e.ttf
egateway.myraiffeisen.com/ 237 KB
239 KB 35ms
35ms Font
application/octet-stream 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/gds-icons.16a4a970c78fc82e.ttf

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css
Origin: https://egateway.myraiffeisen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: yp.KL.fZ7kyEDs_KOQBD4AuQr72WBOZZ
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
date: Fri, 30 Aug 2024 06:53:34 GMT
x-amz-cf-pop: DUS51-P1
age: 1640
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 243028
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:10 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "a25a6310be682955c473ed2a2a6d5442"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/octet-stream
accept-ranges: bytes
x-amz-cf-id: 0UQhb2NowDyuW9zoPLtNJ92pxmJvz5-6gNMh1j0X_yhnW21y4o8Vsw==
x-amz-server-side-encryption-bucket-key-enabled: true

GET
H2 200 en.json
cdn.cookielaw.org/consent/3087361a-ca6a-4dff-b6f2-660c3c906db6/088922f2-a2b5-41f4-8754-d96c163f15be/ 51 KB
12 KB 46ms
46ms Fetch
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/3087361a-ca6a-4dff-b6f2-660c3c906db6/088922f2-a2b5-41f4-8754-d96c163f15be/en.json

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/polyfills.7ab47b70865fbde1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 30 Aug 2024 07:20:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 77726
content-md5: I/o1CzrVX5iXt0DbrYzi0Q==
content-length: 12200
x-ms-lease-status: unlocked
last-modified: Tue, 19 Apr 2022 10:31:22 GMT
server: cloudflare
etag: 0x8DA21EFBFBDEA98
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 12609324-201e-00ba-13d6-f47383000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bb3055839ff4d80-FRA
expires: Sat, 31 Aug 2024 07:20:53 GMT

GET
H2 200 AmaliaW05-Bold.65f8e193cd03457f.woff2
egateway.myraiffeisen.com/ 79 KB
80 KB 32ms
32ms Font
application/octet-stream 18.66.248.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://egateway.myraiffeisen.com/AmaliaW05-Bold.65f8e193cd03457f.woff2

Requested by

Host: egateway.myraiffeisen.com
URL: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-63.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://egateway.myraiffeisen.com/styles.6e88e4b970ae8be2.css
Origin: https://egateway.myraiffeisen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 06:16:50 GMT
x-amz-version-id: LLeH6Rr9tYviYj046WnUvUhgRdwYR5tF
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; img-src 'self' *.myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' *.myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' *.myraiffeisen.com *.apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
x-amz-cf-pop: DUS51-P1
age: 3844
x-amz-server-side-encryption: aws:kms
x-cache: Hit from cloudfront
content-length: 80480
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 06 Aug 2024 18:43:09 GMT
server: AmazonS3
x-amz-server-side-encryption-aws-kms-key-id: arn:aws:kms:eu-central-1:305550233555:key/5586707a-7ccd-4845-8103-24d8b28eda02
etag: "8c0cb696c025011f055c1e94d1f5fc5f"
x-frame-options: DENY
content-type: application/octet-stream
accept-ranges: bytes
x-amz-cf-id: sTPh2leB0IKOl708NdcJgDBlpcRahfMdyXxiBRWqURyIIdRPHFDv3Q==
x-amz-server-side-encryption-bucket-key-enabled: true

GET otFlat.json
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 0
0

GET otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/ 0
0

GET otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.34.0/assets/ 0
0

GET
H2 200 rbi.css
sso.myraiffeisen.com/assets/css/ 4 KB
4 KB 27ms
25ms Stylesheet
text/css 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/assets/css/rbi.css

Requested by

Host: sso.myraiffeisen.com
URL: https://sso.myraiffeisen.com/as/authorization.oauth2?client_id=EG&redirect_uri=https%3A%2F%2Fegateway.myraiffeisen.com%2F&response_type=code&scope=openid&nonce=JXFmfMJ9BjqcR8KWmGTB&state=fc01259589a342fc93a22f1a921575f5&code_challenge=ckP1JnYAH5k_CmTSsWQxaCaimMdR-oxgAYMe4QaCfls&code_challenge_method=S256&response_mode=query

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

0ed4ec0604197b7a0af2971c21352046c938c7d2fde611672290333d7f824fdd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sso.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:53 GMT
referrer-policy: origin
last-modified: Wed, 24 Jul 2024 10:37:20 GMT
server: envoy
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 3812

GET
H2 200 input-styles.css
sso.myraiffeisen.com/assets/css/ 14 KB
14 KB 29ms
27ms Stylesheet
text/css 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/assets/css/input-styles.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

d9a7ebd061e8c149e90eedf3caae19a5a97698c20e7efe6e62332dcf43c777fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sso.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:53 GMT
referrer-policy: origin
last-modified: Wed, 24 Jul 2024 10:37:20 GMT
server: envoy
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 14248

GET
H2 200 footer.css
sso.myraiffeisen.com/assets/css/components/ 1 KB
2 KB 28ms
26ms Stylesheet
text/css 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/assets/css/components/footer.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

08f32b633975efd2c3fb5e6f23c065383f4d418651bce4c357d817e2cc654b84

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sso.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:53 GMT
referrer-policy: origin
last-modified: Wed, 24 Jul 2024 10:37:20 GMT
server: envoy
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 1478

GET
H2 200 fonts.css
sso.myraiffeisen.com/assets/css/components/ 768 B
977 B 30ms
29ms Stylesheet
text/css 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/assets/css/components/fonts.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

4c11c7341c1c83f309e10f95658cf8be9f274da26bffb5eee915fcad81290a95

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sso.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:53 GMT
referrer-policy: origin
last-modified: Wed, 24 Jul 2024 10:37:20 GMT
server: envoy
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 768

GET
H2 200 logo.svg
sso.myraiffeisen.com/assets/images/ 2 KB
2 KB 32ms
30ms Image
image/svg+xml 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.myraiffeisen.com/assets/images/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

b74f0c2c45a1ee982dc40d5206145dabe4916027d7aec9e14077fab762741b5e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sso.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:53 GMT
referrer-policy: origin
last-modified: Wed, 24 Jul 2024 10:37:20 GMT
server: envoy
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=0, must-revalidate
x-envoy-upstream-service-time: 0
content-length: 1593

GET
H2 200 favicon-32x32.png
sso.myraiffeisen.com/assets/images/ 1 KB
1 KB 28ms
26ms Other
image/png 52.29.137.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.myraiffeisen.com/assets/images/favicon-32x32.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.137.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-137-71.eu-central-1.compute.amazonaws.com

Software

envoy /

Resource Hash

9e0211e868cba5383f70ae63eed1d87d62de962b98b5e89cf11b72a549f0857d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sso.myraiffeisen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 07:20:54 GMT
referrer-policy: origin
last-modified: Wed, 24 Jul 2024 10:37:20 GMT
server: envoy
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=0, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 1130

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otFlat.json

Domain: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/v2/otPcCenter.json

Domain: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.34.0/assets/otCommonStyles.css

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.myraiffeisen.com/	1970-01-21 07:55:38	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Aug+30+2024+09%3A20%3A53+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.34.0&hosts=&consentId=fa98948e-dfdc-4c81-a29a-c43a71629f42&interactionCount=0&landingPath=https%3A%2F%2Fegateway.myraiffeisen.com%2F
			sso.myraiffeisen.com/	1969-12-31 23:59:59	Name: PF Value: nkBhGWPdMueVGhVYWJlrhw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; img-src 'self' .myraiffeisen.com https://cdn.cookielaw.org; script-src 'self' 'unsafe-eval' .myraiffeisen.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/; object-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; connect-src 'self' .myraiffeisen.com .apiconnect.ibmcloud.com https://countly.merlin-test.rbi.cloud https://countly.merlin.rbi.cloud https://cdn.cookielaw.org https://privacyportal-de.onetrust.com https://cookies-data.onetrust.io; frame-src 'self' https://countly.merlin-test.rbi.cloud/ https://countly.merlin.rbi.cloud/
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
cookies-data.onetrust.io
countly.merlin.rbi.cloud
egateway.myraiffeisen.com
fonts.googleapis.com
sso.myraiffeisen.com
cdn.cookielaw.org
18.66.248.63
2606:4700:4400::6812:2019
2606:4700::6812:572a
2a00:1450:4001:80b::200a
52.29.137.71
52.58.92.41
08f32b633975efd2c3fb5e6f23c065383f4d418651bce4c357d817e2cc654b84
0d1f167e3ca0b36e73ff5585e3c043735ae7eb2f58cd6c4446ac937b0a27d93e
0dfb9c76dd76f16e875749eb5b133b5075a0d62007ac7794253dcb127a19b721
0ed4ec0604197b7a0af2971c21352046c938c7d2fde611672290333d7f824fdd
122117dcb00a101980e20b234b2db07323c38a1d504b5819f5e0a3b725b28e00
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
4c11c7341c1c83f309e10f95658cf8be9f274da26bffb5eee915fcad81290a95
4e49b9ec71198c1abfbc3a3044caf677d0fbc231575961a89ab222e33e5714f8
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
58665aead37b1408f0e332b3612d3dd3014ed0c6b46309fa702629c8c420698e
83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296
8e9bce897fbc9be84a00c4cf2c40da687d6e97c9cea0f443ba01608c0ce01677
8ee15d9b05a5966ad96f7379b36a10ca8345774805dbdf740ca10cf010003720
9a76a5a742d350715d79691ce4e4bae1d1059122a9071f9ced62d143c54450cb
9e0211e868cba5383f70ae63eed1d87d62de962b98b5e89cf11b72a549f0857d
b556e16e5c6ba4abf6550644a4f68872cbd4a04f86079f94d76b31debeca5028
b5bdbbcc72cbc9412f84b9a45c1bcb26e18c49f5b559f3e424afb8cd1e250c6f
b74f0c2c45a1ee982dc40d5206145dabe4916027d7aec9e14077fab762741b5e
b9a405ad4c8794fa5b7f9fb17a7b46ea0641df39dbc6818f3f11ad9746055c87
bd5f0eb6292ea3c78386376d99badee8bf4c4f046d2b31190be2ef5ca7cffa33
c6a0f00a52d0c0a4aeb4603d6f49f6c321e85f28add59f7fe726dfcbc6a2cdcc
cff630abdcaf11c22c15acc11f1a92436040dfe02d585817fa5c63c0b28b00c2
d9a7ebd061e8c149e90eedf3caae19a5a97698c20e7efe6e62332dcf43c777fb
f45fd9c68e1824ccb57446d7f5da5585596cf9639d886d10963ef837bec00b53
f5e89f148709b09746201b7cab44617f8d451aa803de7f52f1c9077b04f7877b
fd855fef6cc694b6fdec95f5ab1e4b605f972a3bf60c2e8503c57a0dd4ddfd23

sso.myraiffeisen.com Open in urlscan Pro 52.29.137.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

92 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

1646 kBTransfer

5289 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sso.myraiffeisen.com Open in urlscan Pro
52.29.137.71 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

92 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

1646 kB
Transfer

5289 kB
Size

2
Cookies

38 HTTP transactions
0 data transactions