areapersonale.carta.tfbank.it Open in urlscan Pro
13.69.68.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://areapersonale.carta.tfbank.it/
Submission: On November 10 via automatic, source certstream-suspicious (November 10th 2024, 11:55:48 am UTC) — Scanned from IT

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 13.69.68.16, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is areapersonale.carta.tfbank.it.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on June 24th 2024. Valid for: 6 months.

This is the only time areapersonale.carta.tfbank.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	13.69.68.16 13.69.68.16	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	20.50.88.242 20.50.88.242	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a06:98c1:58::7d 2a06:98c1:58::7d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.195.94.202 185.195.94.202	42649 (BBN) (BBN)
27	5

18 13.69.68.16 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

areapersonale.carta.tfbank.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.50.88.242 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:58::7d (United States)

ASN13335 (CLOUDFLARENET, US)

content01.tfbank.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.195.94.202 (Sweden)

ASN42649 (BBN, SE)
PTR: vbdc-n.baffinbaynetworks.com

prodcustomerdataapi.tfbank.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	tfbank.it areapersonale.carta.tfbank.it	3 MB
5	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 785	1 KB
3	tfbank.se content01.tfbank.se prodcustomerdataapi.tfbank.se	5 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
27	4

	Domain	Requested by
18	areapersonale.carta.tfbank.it	areapersonale.carta.tfbank.it
5	dc.services.visualstudio.com	areapersonale.carta.tfbank.it
2	content01.tfbank.se	areapersonale.carta.tfbank.it
1	prodcustomerdataapi.tfbank.se	areapersonale.carta.tfbank.it
0	www.googletagmanager.com Failed	areapersonale.carta.tfbank.it
27	5

This site contains no links.

Subject Issuer	Validity	Valid
areapersonale.carta.tfbank.it GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-06-24` - `2024-12-24`	6 months	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 08	`2024-09-08` - `2025-09-03`	a year	crt.sh
content01.tfbank.se WE1	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.tfbank.se GlobalSign RSA OV SSL CA 2018	`2024-04-15` - `2025-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://areapersonale.carta.tfbank.it/
Frame ID: 0E199EF001F13C2E95F3D1368069834A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Pages | TF Bank

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

27
Requests

96 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

2975 kB
Transfer

5603 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
areapersonale.carta.tfbank.it/ 584 B
2 KB 281ms
64ms Document
text/html 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 468
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Type: text/html
Date: Sun, 10 Nov 2024 11:55:41 GMT
ETag: "0d143ce5f2bdb1:0"
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Permissions-Policy: camera=(self)
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK main.0fdedd25.js Show response
areapersonale.carta.tfbank.it/static/js/ 1 MB
333 KB 62ms
62ms Script
application/x-javascript 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

94916fe75b2e3b83619d8ac422bc9ffd20bcef03ad6aac567aa74ca0e7765b28

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 339660
Date: Sun, 10 Nov 2024 11:55:41 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK main.0748c953.css
areapersonale.carta.tfbank.it/static/css/ 149 KB
25 KB 243ms
60ms Stylesheet
text/css 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/css/main.0748c953.css

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 25044
Date: Sun, 10 Nov 2024 11:55:41 GMT
Content-Type: text/css
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H/1.1 200
OK 362.1a9ca926.chunk.css
areapersonale.carta.tfbank.it/static/css/ 45 KB
25 KB 58ms
58ms Stylesheet
text/css 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/css/362.1a9ca926.chunk.css

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

69fd0c4299da4d71a3aa7eec3fa938f6767fffe57ac7b81cc3247dbbcbe9c639

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 25041
Date: Sun, 10 Nov 2024 11:55:41 GMT
Content-Type: text/css
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 362.7a9f64f0.chunk.js Show response
areapersonale.carta.tfbank.it/static/js/ 2 MB
556 KB 64ms
63ms Script
application/x-javascript 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

38c131181464f30cd7ec79a3912b5af8909064ed94669b8145336c0e8a446c40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 568759
Date: Sun, 10 Nov 2024 11:55:41 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 741.ef092e19.chunk.css
areapersonale.carta.tfbank.it/static/css/ 124 KB
32 KB 118ms
57ms Stylesheet
text/css 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6f845f00a54dac7ef5a98fb9e6dd98072493338fe8fe60bc7666e1d288b57298

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 31893
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: text/css
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 741.5030ec24.chunk.js Show response
areapersonale.carta.tfbank.it/static/js/ 350 KB
95 KB 187ms
62ms Script
application/x-javascript 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/js/741.5030ec24.chunk.js

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/main.0fdedd25.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

351ad8494c46efc186bb11d00cbd8bb613e5b718525925647a6d71b71478cf6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 95881
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK translation.json Show response
areapersonale.carta.tfbank.it/locales/it-IT/ 47 KB
16 KB 60ms
59ms Fetch
application/json 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/locales/it-IT/translation.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e02e246831487319626393fc8e816b3f4c84aa6f2ee3647646fd3cef8f2f7b4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |8beff2dc86334f0cba2c121964b03088.f0bbfc61ce6e416f
traceparent: 00-8beff2dc86334f0cba2c121964b03088-f0bbfc61ce6e416f-01
Referer: https://areapersonale.carta.tfbank.it/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "08e3c965f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 15695
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: application/json
Last-Modified: Thu, 31 Oct 2024 06:39:08 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK translation.json Show response
areapersonale.carta.tfbank.it/locales/it/ 584 B
1 KB 65ms
64ms Fetch
text/html 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/locales/it/translation.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |8beff2dc86334f0cba2c121964b03088.352608a42c6746dd
traceparent: 00-8beff2dc86334f0cba2c121964b03088-352608a42c6746dd-01
Referer: https://areapersonale.carta.tfbank.it/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 468
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: text/html
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK meta.json Show response
areapersonale.carta.tfbank.it/ 19 B
1 KB 58ms
57ms Fetch
application/json 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/meta.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |8beff2dc86334f0cba2c121964b03088.7d44ac46b5c344a1
traceparent: 00-8beff2dc86334f0cba2c121964b03088-7d44ac46b5c344a1-01
Referer: https://areapersonale.carta.tfbank.it/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0e89e985f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 139
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: application/json
Last-Modified: Thu, 31 Oct 2024 06:39:12 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon.ico
areapersonale.carta.tfbank.it/ 1 KB
2 KB 60ms
60ms Other
image/x-icon 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d34df55e2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1150
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 31 Oct 2024 06:34:38 GMT
X-Frame-Options: SAMEORIGIN

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ 0
0 373ms
108ms Preflight 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sun, 10 Nov 2024 11:55:42 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 199 B
303 B 56ms
55ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

dcedc71969d6334e3d6e59c89192507e4c243453fb7f5c1bb26613c16df86a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Sun, 10 Nov 2024 11:55:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET
H/1.1 200
OK tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg
areapersonale.carta.tfbank.it/static/media/ 3 KB
4 KB 60ms
60ms Image
image/svg+xml 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://areapersonale.carta.tfbank.it/static/media/tfbank21-logo-white.799bf51a13cdf5ad3702fad22db4f40d.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 3048
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK forms.json Show response
areapersonale.carta.tfbank.it/locales/it-IT/ 7 KB
4 KB 72ms
72ms Fetch
application/json 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/locales/it-IT/forms.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d4767dd92603d0cf959d7296218cd5c35cc2911c07a8d76d6bb7968c7e5ef394

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |8beff2dc86334f0cba2c121964b03088.ad24c1df03d1420b
traceparent: 00-8beff2dc86334f0cba2c121964b03088-ad24c1df03d1420b-01
Referer: https://areapersonale.carta.tfbank.it/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "08e3c965f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 3310
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: application/json
Last-Modified: Thu, 31 Oct 2024 06:39:08 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK forms.json Show response
areapersonale.carta.tfbank.it/locales/it/ 584 B
1 KB 66ms
66ms Fetch
text/html 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/locales/it/forms.json

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

request-id: |8beff2dc86334f0cba2c121964b03088.d7da0c4c4c394243
traceparent: 00-8beff2dc86334f0cba2c121964b03088-d7da0c4c4c394243-01
Referer: https://areapersonale.carta.tfbank.it/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 468
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: text/html
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

OPTIONS
H2 204 content
content01.tfbank.se/umbraco/delivery/api/v2/ 0
0 258ms
173ms Preflight 2a06:98c1:58::7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content01.tfbank.se/umbraco/delivery/api/v2/content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-key
Access-Control-Request-Method: GET
Origin: https://areapersonale.carta.tfbank.it
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: api-key
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e05dae87e260e13-MXP
date: Sun, 10 Nov 2024 11:55:42 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 content Show response
content01.tfbank.se/umbraco/delivery/api/v2/ 11 KB
4 KB 197ms
196ms XHR
application/json 2a06:98c1:58::7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://content01.tfbank.se/umbraco/delivery/api/v2/content
Requested by: Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:58::7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 088e1e09a93bcd29d2bfef28a33e7cccc75631be807ee79fe37828a2cfbd37d5

Request headers

Api-Key: VGhDQ33nVOpyIPex+4QnOa7AsSufcGe8t+qF6mb9L7UkUfOzHYCSbAbVfcmAMf0NNkQDAnslzJ5dplRwJeCrYUuxfALWWpmpBAWjddpkiTJblBdzMj3w9rkGwtv1PMBE+B040v2m9sb2rx1Sr4Rd2GSTv1agMfQ2d4Pgr4zFz2bu35+pMlBTZyRaInR2e0Q2hbmNM78ekctoXSr5G2A+esKHqTt8XCam7E+EH4K1mY6uXIbPVjSqwXYSZw6J2GhbB6mG6KHIkU1pyNWw3BABTwOa7XylJ4GkNlEnx3pG2P
Referer
Accept-Language: it-IT
Accept: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
api-supported-versions: 1.0, 2.0
cf-ray: 8e05dae98f9c0e13-MXP
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sun, 10 Nov 2024 11:55:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: ASP.NET
server: cloudflare

GET
H/1.1 204
No Content next Show response
prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/ 0
940 B 198ms
111ms XHR
text/plain 185.195.94.202
BBN

General

Check archive.org

Show headers Download Go to

Full URL

https://prodcustomerdataapi.tfbank.se/api/customerservice/maintenance/next?market=Italy

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.195.94.202 , Sweden, ASN42649 (BBN, SE),

Reverse DNS

vbdc-n.baffinbaynetworks.com

Software

baffin-bay-inlet / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=14515200

Request headers

Referer
Accept-Language: it-IT
Accept: application/json, text/plain, */*
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=14515200
Access-Control-Expose-Headers: x-contenttype
api-supported-versions: 1.0
Connection: keep-alive
Request-Context: appId=cid-v1:90efdaad-7981-4750-b06c-44c489670db0
Access-Control-Allow-Origin: *
Date: Sun, 10 Nov 2024 11:55:42 GMT
X-Powered-By: ASP.NET
Server: baffin-bay-inlet

GET
H/1.1 200
OK woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp
areapersonale.carta.tfbank.it/static/media/ 2 MB
2 MB 65ms
64ms Image
image/webp 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://areapersonale.carta.tfbank.it/static/media/woman_hanging_outside_car_window.9b0506a76f7b5929e85d.webp

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1600548
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: image/webp
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK logo-white.799bf51a13cdf5ad3702.svg
areapersonale.carta.tfbank.it/static/media/ 3 KB
2 KB 115ms
61ms Image
image/svg+xml 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://areapersonale.carta.tfbank.it/static/media/logo-white.799bf51a13cdf5ad3702.svg

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/static/css/741.ef092e19.chunk.css

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Content-Encoding: gzip
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1377
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf
areapersonale.carta.tfbank.it/static/media/ 302 KB
303 KB 111ms
66ms Font
application/octet-stream 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/static/media/Raleway-VariableFont_wght.575ec9e676c7a85494bb.ttf

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/css/main.0748c953.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://areapersonale.carta.tfbank.it
Referer: https://areapersonale.carta.tfbank.it/static/css/main.0748c953.css

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d143ce5f2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 309720
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: application/octet-stream
Last-Modified: Thu, 31 Oct 2024 06:40:42 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK favicon.ico
areapersonale.carta.tfbank.it/ 1 KB
0 0ms
0ms Other
image/x-icon 13.69.68.16
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://areapersonale.carta.tfbank.it/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.69.68.16 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://areapersonale.carta.tfbank.it/login

Response headers

Content-Security-Policy: default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
ETag: "0d34df55e2bdb1:0"
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Permissions-Policy: camera=(self)
Accept-Ranges: bytes
Content-Length: 1150
Date: Sun, 10 Nov 2024 11:55:42 GMT
Content-Type: image/x-icon
Last-Modified: Thu, 31 Oct 2024 06:34:38 GMT
X-Frame-Options: SAMEORIGIN

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 544 B
602 B 61ms
59ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

c22c59068f6535b80504bb9887acee8a0e47b13c497aa82b134e416bcf358ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Sun, 10 Nov 2024 11:55:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 130 B
188 B 59ms
58ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b43975255fb1e5c6a2a75c9d590bfc00dd1bbfe312196e9d83735012142ccfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Sun, 10 Nov 2024 11:55:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 130 B
188 B 58ms
56ms XHR
application/json 20.50.88.242
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: areapersonale.carta.tfbank.it
URL: https://areapersonale.carta.tfbank.it/static/js/362.7a9f64f0.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.242 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

b43975255fb1e5c6a2a75c9d590bfc00dd1bbfe312196e9d83735012142ccfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Sun, 10 Nov 2024 11:55:42 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=&l=PageDataLayer&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.areapersonale.carta.tfbank.it/	1969-12-31 23:59:59	Name: ARRAffinity Value: f0077431910fb6dea54963132eadf2a2b43ec72473ce6346f6fc7962f841ea80
.areapersonale.carta.tfbank.it/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: f0077431910fb6dea54963132eadf2a2b43ec72473ce6346f6fc7962f841ea80
areapersonale.carta.tfbank.it/	1970-01-21 09:39:35	Name: ai_user Value: ua6Kbumt7zYzBLp0naoeRX\|2024-11-10T11:55:42.486Z
areapersonale.carta.tfbank.it/	1970-01-21 00:54:01	Name: ai_session Value: scR7Ce8zXODqJORoKcFlrr\|1731239742594\|1731239742594

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https: *.tfbank.it; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://login-eu-c1.cc.sinch.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https:; frame-ancestors 'self'; img-src 'self' data: https://www.googletagmanager.com https://content.ethoca.com https://content01.tfbank.se; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

areapersonale.carta.tfbank.it
content01.tfbank.se
dc.services.visualstudio.com
prodcustomerdataapi.tfbank.se
www.googletagmanager.com
www.googletagmanager.com
13.69.68.16
185.195.94.202
20.50.88.242
2a06:98c1:58::7d
088e1e09a93bcd29d2bfef28a33e7cccc75631be807ee79fe37828a2cfbd37d5
1431b53f53544a5c47d19c148c9624b389fa5722f3605e22afd7161e3c5e0b24
2150b39aa2ee3b2c291ca229b4d0723b41c4f96788ebc30b5343de9c82c48ba4
26be3b391b6f42037fa6e2b048098ac5f5737a1794efaaf1402bf952bc821873
351ad8494c46efc186bb11d00cbd8bb613e5b718525925647a6d71b71478cf6c
38c131181464f30cd7ec79a3912b5af8909064ed94669b8145336c0e8a446c40
5ca9e44cda59c6232b2393b76a2e68e36dd7c588e96c4dfefea7363fdd94f322
69fd0c4299da4d71a3aa7eec3fa938f6767fffe57ac7b81cc3247dbbcbe9c639
6f845f00a54dac7ef5a98fb9e6dd98072493338fe8fe60bc7666e1d288b57298
701d838178929148f2eb418c3c97c99636c033fc2efa6874d65299f6df4929d2
8e7948221210e0bff86b70de2a2e893e24e0d9c5a16a5db0aa47834b88bf1998
94916fe75b2e3b83619d8ac422bc9ffd20bcef03ad6aac567aa74ca0e7765b28
a1c5ae128a15c00c005f02cab2836792f33932f4ff2b4ffde7dda864641d169e
a6bcbccd8410b2044e7a005c74c71c09c8ffc2021f516b191c84f2744e6f3cc1
b43975255fb1e5c6a2a75c9d590bfc00dd1bbfe312196e9d83735012142ccfe5
c22c59068f6535b80504bb9887acee8a0e47b13c497aa82b134e416bcf358ec4
d4767dd92603d0cf959d7296218cd5c35cc2911c07a8d76d6bb7968c7e5ef394
dcedc71969d6334e3d6e59c89192507e4c243453fb7f5c1bb26613c16df86a0e
e02e246831487319626393fc8e816b3f4c84aa6f2ee3647646fd3cef8f2f7b4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

areapersonale.carta.tfbank.it Open in urlscan Pro 13.69.68.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

96 %HTTPS

25 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

2975 kBTransfer

5603 kBSize

4 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

4 Cookies

4 Console Messages

areapersonale.carta.tfbank.it Open in urlscan Pro
13.69.68.16 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

96 %
HTTPS

25 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

2975 kB
Transfer

5603 kB
Size

4
Cookies

27 HTTP transactions
1 data transactions