sandbox.multibank.cz Open in urlscan Pro
13.73.186.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sandbox.multibank.cz/
Submission: On February 12 via api (February 12th 2024, 2:36:11 pm UTC) from US — Scanned from US

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 13.73.186.126, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is sandbox.multibank.cz.
TLS certificate: Issued by R3 on February 12th 2024. Valid for: 3 months.

This is the only time sandbox.multibank.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	13.73.186.126 13.73.186.126	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2600:9000:251... 2600:9000:2511:5000:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:e8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
22	5

13 13.73.186.126 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sandbox.multibank.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.sandbox.multibank.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2511:5000:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:e8b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	multibank.cz 1 redirects sandbox.multibank.cz auth.sandbox.multibank.cz	656 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	80 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 761	47 KB
2	datatables.net cdn.datatables.net — Cisco Umbrella Rank: 4796	6 KB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6285	6 KB
22	5

	Domain	Requested by
10	sandbox.multibank.cz	sandbox.multibank.cz
4	cdn.jsdelivr.net	sandbox.multibank.cz
3	auth.sandbox.multibank.cz	1 redirects sandbox.multibank.cz
2	code.jquery.com	sandbox.multibank.cz
2	cdn.datatables.net	sandbox.multibank.cz
2	cdn.auth0.com	sandbox.multibank.cz
22	6

This site contains links to these domains. Also see Links.

Domain
finbricks.com

Subject Issuer	Validity	Valid
auth.sandbox.multibank.cz R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M03	`2024-01-25` - `2025-02-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://sandbox.multibank.cz/
Frame ID: 1ED1D042EB9E02734C7DC703A5EADA1E
Requests: 10 HTTP requests in this frame

Frame: https://auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/3p-cookies/step1.html
Frame ID: ACEE7F447FF5C341A7822D57E061F45C
Requests: 1 HTTP requests in this frame

Frame: https://sandbox.multibank.cz/silent-check-sso.html
Frame ID: 811D72A57012944A90BF872340ACB3CD
Requests: 10 HTTP requests in this frame

Frame: https://auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/3p-cookies/step1.html
Frame ID: E376F39F00D589F3BBF57EC375467EDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Calling an API

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

791 kB
Transfer

2486 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://finbricks.com/
Title: Finbricks.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/auth?client_id=multibank-openid&redirect_uri=https%3A%2F%2Fsandbox.multibank.cz%2Fsilent-check-sso.html&state=fa646082-a141-4474-82df-454e2abca824&response_mode=fragment&response_type=code&scope=openid&nonce=c3c842ce-e957-4c40-87b5-ffa8c4a39fe0&prompt=none&code_challenge=5NlXT_6DXqj9OmU45OxqS4MlGrk-MEvarI6-oszzjFw&code_challenge_method=S256 HTTP 302
https://sandbox.multibank.cz/silent-check-sso.html

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sandbox.multibank.cz/ 1 KB
4 KB 1374ms
144ms Document
text/html 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2a95fb68eeab8c876d7f4bc8f777279368cf3e21c698ba0eb05c935ea7a00578

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 745
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Feb 2024 14:36:05 GMT
ETag: "65ca13b5-587-gzip"
Keep-Alive: timeout=4, max=100
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ 158 KB
26 KB 205ms
32ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sandbox.multibank.cz/
Origin: https://sandbox.multibank.cz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 14:36:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2879577
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26373
x-served-by: cache-fra-eddf8230063-FRA, cache-mia-kmia1760077-MIA
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 auth0-theme.min.css
cdn.auth0.com/js/auth0-samples-theme/1.0/css/ 5 KB
3 KB 244ms
65ms Stylesheet
text/css 2600:9000:2511:5000:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0-samples-theme/1.0/css/auth0-theme.min.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:5000:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

27e28e5a83acaafd3d71be385a9947173ac2e85d9dda385f6aa11abe719d5a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: NbPgzQ7ejBsfsWzRrcYRgUGTCbLyW6HW
content-encoding: gzip
via: 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 13:17:02 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: JFK50-P6
age: 4743
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Mon, 08 Jul 2019 13:17:09 GMT
server: AmazonS3
etag: W/"faa555a0a699b49f1225f51f9153eee2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: sdpIwzp2xoZCP70xMJ4oTyI1NqnLnaybbPyfbhMamn057HVZcWghww==

GET
H/1.1 200
OK multibank.css
sandbox.multibank.cz/ 5 KB
4 KB 143ms
141ms Stylesheet
text/css 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/multibank.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

f0cf908832bf8f535659b1bdebe401a4ac57ab07cc477bfa34a8ad7a5c73a07f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:05 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 1561
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-15f4-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=99

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.13.7/css/ 22 KB
3 KB 222ms
46ms Stylesheet
text/css 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.7/css/jquery.dataTables.min.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd7ddf331cc99530aee0a5bab4e401737f839aea6b06b66fdf9ccdc245aa36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:36:05 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6397542
content-length: 3087
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
server: cloudflare
etag: "112244a-58b7-6097a9c4f3260-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85458fd56abe7419-MIA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Fri, 29 Nov 2024 13:30:23 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 204ms
33ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://sandbox.multibank.cz/
Origin: https://sandbox.multibank.cz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:36:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 12844766
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-mia-kmia1760041-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707748565.339899,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 87635

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/ 48 KB
14 KB 212ms
42ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sandbox.multibank.cz/
Origin: https://sandbox.multibank.cz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 14:36:05 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1151141
x-jsd-version: 4.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13987
x-served-by: cache-fra-eddf8230045-FRA, cache-mia-kmia1760077-MIA
x-jsd-version-type: version
etag: W/"bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK main.aefdcc0f.js Show response
sandbox.multibank.cz/static/js/ 898 KB
274 KB 173ms
141ms Script
application/javascript 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/static/js/main.aefdcc0f.js

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

8fccab2a1e85ca91ce3843eda36c4b839a5b22955e7a315604ca9de13ca38078

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:05 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-e08c2-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=100

GET
H/1.1 200
OK main.3be3cd46.css
sandbox.multibank.cz/static/css/ 743 B
3 KB 284ms
139ms Stylesheet
text/css 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/static/css/main.3be3cd46.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

644528e2f1de5bccfa907595a95a363c003d3e023293e23aac8dbd54868c6bac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:05 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 442
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-2e7-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=98

GET
H/1.1 200
OK step1.html Show response
auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/3p-cookies/ Frame ACEE 757 B
3 KB 735ms
144ms Document
text/html 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/static/js/main.aefdcc0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ; frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sandbox.multibank.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 361
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ; frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Mon, 12 Feb 2024 14:36:06 GMT
Keep-Alive: timeout=4, max=100
P3P: CP="This is not a P3P policy!"
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Referrer-Policy: no-referrer-when-downgrade no-referrer
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.dfecfdc2cf33ee17796d.png
sandbox.multibank.cz/static/media/ 35 KB
37 KB 141ms
140ms Image
image/png 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox.multibank.cz/static/media/logo.dfecfdc2cf33ee17796d.png

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2426b1b5b918fc0872828bdf83ac9d9ca058e1a16df99b5fb34761ba0b026bda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:06 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Connection: Keep-Alive
Content-Length: 35347
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-8a13"
Vary: User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: image/png
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=99

GET
H/1.1

200
OK

silent-check-sso.html Show response
sandbox.multibank.cz/ Frame 811D
Redirect Chain

https://auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/auth?client_id=multibank-openid&redirect_uri=https%3A%2F%2Fsandbox.multibank.cz%2Fsilent-check-sso.html&state=fa64608...
https://sandbox.multibank.cz/silent-check-sso.html

1 KB
4 KB

150ms
149ms

Document
text/html

13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/silent-check-sso.html

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/static/js/main.aefdcc0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2a95fb68eeab8c876d7f4bc8f777279368cf3e21c698ba0eb05c935ea7a00578

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 745
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Content-Type: text/html; charset=UTF-8
Date: Mon, 12 Feb 2024 14:36:07 GMT
ETag: "65ca13b5-587-gzip"
Keep-Alive: timeout=4, max=98
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Cache-Control: no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Date: Mon, 12 Feb 2024 14:36:07 GMT
Keep-Alive: timeout=4, max=99
Location: https://sandbox.multibank.cz/silent-check-sso.html#error=login_required&state=fa646082-a141-4474-82df-454e2abca824
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Referrer-Policy: no-referrer-when-downgrade no-referrer
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: User-Agent
X-Content-Type-Options: nosniff nosniff
X-XSS-Protection: 1; mode=block
content-length: 0

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/ Frame 811D 158 KB
26 KB 37ms
33ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sandbox.multibank.cz/silent-check-sso.html
Origin: https://sandbox.multibank.cz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 14:36:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2879579
x-jsd-version: 4.6.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26373
x-served-by: cache-fra-eddf8230063-FRA, cache-mia-kmia1760077-MIA
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 auth0-theme.min.css
cdn.auth0.com/js/auth0-samples-theme/1.0/css/ Frame 811D 5 KB
3 KB 72ms
69ms Stylesheet
text/css 2600:9000:2511:5000:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0-samples-theme/1.0/css/auth0-theme.min.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2511:5000:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

27e28e5a83acaafd3d71be385a9947173ac2e85d9dda385f6aa11abe719d5a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/silent-check-sso.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: NbPgzQ7ejBsfsWzRrcYRgUGTCbLyW6HW
content-encoding: gzip
via: 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront)
date: Mon, 12 Feb 2024 13:17:02 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: JFK50-P6
age: 4745
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
last-modified: Mon, 08 Jul 2019 13:17:09 GMT
server: AmazonS3
etag: W/"faa555a0a699b49f1225f51f9153eee2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: raKsrfce_lYiJEzcuf4FQ29blPnD2j5AlPbLZTRHJsyMG3Z6DjegWw==

GET
H/1.1 200
OK multibank.css
sandbox.multibank.cz/ Frame 811D 5 KB
4 KB 141ms
140ms Stylesheet
text/css 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/multibank.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

f0cf908832bf8f535659b1bdebe401a4ac57ab07cc477bfa34a8ad7a5c73a07f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/silent-check-sso.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:07 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-15f4-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=97

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.13.7/css/ Frame 811D 22 KB
3 KB 44ms
42ms Stylesheet
text/css 2606:4700:10::ac43:e8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.13.7/css/jquery.dataTables.min.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:e8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd7ddf331cc99530aee0a5bab4e401737f839aea6b06b66fdf9ccdc245aa36

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/silent-check-sso.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:36:07 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6397544
content-length: 3087
last-modified: Mon, 06 Nov 2023 12:01:13 GMT
server: cloudflare
etag: "112244a-58b7-6097a9c4f3260-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85458fe2aa517419-MIA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Fri, 29 Nov 2024 13:30:23 GMT

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ Frame 811D 68 KB
23 KB 36ms
34ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://sandbox.multibank.cz/silent-check-sso.html
Origin: https://sandbox.multibank.cz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 14:36:07 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 12844768
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-mia-kmia1760041-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707748567.460779,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 87636

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/ Frame 811D 48 KB
14 KB 39ms
38ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/js/bootstrap.min.js

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sandbox.multibank.cz/silent-check-sso.html
Origin: https://sandbox.multibank.cz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 12 Feb 2024 14:36:07 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1151143
x-jsd-version: 4.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13987
x-served-by: cache-fra-eddf8230045-FRA, cache-mia-kmia1760077-MIA
x-jsd-version-type: version
etag: W/"bf30-qVRYMYA7E1nP7tR+O01rrmjkDpk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK main.aefdcc0f.js Show response
sandbox.multibank.cz/static/js/ Frame 811D 898 KB
274 KB 142ms
140ms Script
application/javascript 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/static/js/main.aefdcc0f.js

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

8fccab2a1e85ca91ce3843eda36c4b839a5b22955e7a315604ca9de13ca38078

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/silent-check-sso.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:07 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: Keep-Alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-e08c2-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/javascript
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=96

GET
H/1.1 200
OK main.3be3cd46.css
sandbox.multibank.cz/static/css/ Frame 811D 743 B
3 KB 142ms
141ms Stylesheet
text/css 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.multibank.cz/static/css/main.3be3cd46.css

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

644528e2f1de5bccfa907595a95a363c003d3e023293e23aac8dbd54868c6bac

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/silent-check-sso.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:07 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Connection: Keep-Alive
Content-Length: 442
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-2e7-gzip"
Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=97

GET
H/1.1 200
OK step1.html Show response
auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/3p-cookies/ Frame E376 757 B
3 KB 141ms
140ms Document
text/html 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.sandbox.multibank.cz/auth/realms/multibank/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/static/js/main.aefdcc0f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ; frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sandbox.multibank.cz/silent-check-sso.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers: origin, x-requested-with, content-type
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Cache-Control: no-cache, must-revalidate, no-transform, no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 361
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ; frame-src 'self'; object-src 'none';
Content-Type: text/html;charset=utf-8
Date: Mon, 12 Feb 2024 14:36:08 GMT
Keep-Alive: timeout=4, max=98
P3P: CP="This is not a P3P policy!"
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Referrer-Policy: no-referrer-when-downgrade no-referrer
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.dfecfdc2cf33ee17796d.png
sandbox.multibank.cz/static/media/ Frame 811D 35 KB
37 KB 140ms
139ms Image
image/png 13.73.186.126
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sandbox.multibank.cz/static/media/logo.dfecfdc2cf33ee17796d.png

Requested by

Host: sandbox.multibank.cz
URL: https://sandbox.multibank.cz/silent-check-sso.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

13.73.186.126 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

2426b1b5b918fc0872828bdf83ac9d9ca058e1a16df99b5fb34761ba0b026bda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sandbox.multibank.cz/silent-check-sso.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 14:36:08 GMT
Content-Security-Policy: default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
Connection: Keep-Alive
Content-Length: 35347
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 12 Feb 2024 12:48:53 GMT
Server: Apache
ETag: "65ca13b5-8a13"
Vary: User-Agent
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: image/png
Permissions-Policy: geolocation=(self), microphone=(self), camera=(self), usb=(self)
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Keep-Alive: timeout=4, max=95

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			auth.sandbox.multibank.cz/auth/realms/multibank/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 1d82d3a8-7810-4d8c-bb11-9b66da29e249.keycloak-7649bcf9df-wth7g-28765
			auth.sandbox.multibank.cz/auth/realms/multibank/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 1d82d3a8-7810-4d8c-bb11-9b66da29e249.keycloak-7649bcf9df-wth7g-28765

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sandbox.multibank.cz/silent-check-sso.html#error=login_required&state=fa646082-a141-4474-82df-454e2abca824 Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'report-sample' 'self' blob: data: 'unsafe-inline' 'unsafe-eval' code.jquery.com cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com maps.googleapis.com www.googletagmanager.com www.googleadservices.com tagmanager.google.com googleads.g.doubleclick.net track.adform.net connect.facebook.net www.google.com google.com www.google.com/pagead/ ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; style-src 'report-sample' 'self' 'unsafe-inline' cdn.auth0.com cdn.datatables.net cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.googleapis.com cdn.zaplaceno.cz tagmanager.google.comajax.aspnetcdn.com/ ajax.aspnetcdn.com cdn.jsdelivr.net unpkg.com; object-src cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com; base-uri 'self'; connect-src 'self' auth.sandbox.multibank.cz cdn.datatables.net api.sandbox.multibank.cz cdn.finbricks.com cdn.jsdelivr.net www.google-analytics.com stats.g.doubleclick.net www.facebook.com https://www.facebook.com/tr/ cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com https://api.finbricks.cleverlance.com https://api.sandbox.finbricks.com https://auth.finbricks.cleverlance.com https://auth.sandbox.finbricks.com https://o557728.ingest.sentry.io edge.api.flagsmith.com; font-src 'self' data: cdn.finbricks.com cdn.jsdelivr.net fonts.googleapis.com fonts.gstatic.com fonts.googleapis.com cdn.zaplaceno.cz ajax.aspnetcdn.com/ cdn.jsdelivr.net unpkg.com; frame-src 'self' auth.sandbox.multibank.cz auth.finbricks.cleverlance.com auth.sandbox.finbricks.com cdn.dev.finbricks.com cdn.zaplaceno.cz cdn.sandbox.finbricks.com; img-src 'self' data: minio.finbricks.cleverlance.com cdn.redoc.ly zaplaceno-cdn-test.azureedge.net cdn.finbricks.com cdn.dev.finbricks.com cdn.sandbox.finbricks.com cdn.jsdelivr.net www.google-analytics.com cdn.zaplaceno.cz chart.googleapis.com www.googletagmanager.com www.pages06.net stats.g.doubleclick.net maps.googleapis.com maps.gstatic.com csi.gstatic.com www.google.com www.google.cz ssl.gstatic.com www.gstatic.com developers.google.com via.placeholder.com www.facebook.com; manifest-src 'self'; media-src 'self' minio.finbricks.cleverlance.com; worker-src blob: ;
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.sandbox.multibank.cz
cdn.auth0.com
cdn.datatables.net
cdn.jsdelivr.net
code.jquery.com
sandbox.multibank.cz
13.73.186.126
2600:9000:2511:5000:10:474e:104a:2961
2606:4700:10::ac43:e8b
2a04:4e42:400::485
2a04:4e42:400::649
2426b1b5b918fc0872828bdf83ac9d9ca058e1a16df99b5fb34761ba0b026bda
27e28e5a83acaafd3d71be385a9947173ac2e85d9dda385f6aa11abe719d5a4e
2a95fb68eeab8c876d7f4bc8f777279368cf3e21c698ba0eb05c935ea7a00578
644528e2f1de5bccfa907595a95a363c003d3e023293e23aac8dbd54868c6bac
669a31a113b7353d324d3b19ad3181cd33116c691b1aeb130823848bd7b52dd1
77fd7ddf331cc99530aee0a5bab4e401737f839aea6b06b66fdf9ccdc245aa36
8fccab2a1e85ca91ce3843eda36c4b839a5b22955e7a315604ca9de13ca38078
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f0cf908832bf8f535659b1bdebe401a4ac57ab07cc477bfa34a8ad7a5c73a07f
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

sandbox.multibank.cz Open in urlscan Pro 13.73.186.126 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

80 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

791 kBTransfer

2486 kBSize

2 Cookies

1 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

sandbox.multibank.cz Open in urlscan Pro
13.73.186.126 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

791 kB
Transfer

2486 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions